| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Win 7: Maus klickt selbständig, Entertaste womöglich auch.Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
17.06.2015, 22:06
| #1 |
 |  Win 7: Maus klickt selbständig, Entertaste womöglich auch. Hallo liebes Trojaner-Board! Ich habe auf meinem PC unter Windows 7 folgendes Problem: Schon zum zweiten Mal klickt meine Maus selbständig alles an, was sich unter dem Cursor befindet und jede Auswahlmöglichkeit in einem Fenster, die markiert ist, wird sofort ausgewählt (so als ob ich Enter drücken würde). Beim ersten Mal, habe ich aus Jux versucht eine benutzerdefinierte Windows-Startmelodie auszuwählen. Hat auch geklappt, aber nach dem Neustart haben mal alle Fenster geflackert, die ich geschafft habe zu öffnen und alles was sich unter dem Cursor befand, wurde angeklickt und - so schnell konnte ich gar nicht schauen - der erstbeste Button gedrückt. Ich habs irgendwie geschafft die Datei, die ich als Startmelodie gewählt habe zu löschen und den PC neuzustarten, danach war der Spuk vorbei. Nun ca. 1 Monat später (die Maus wurde in der Zwischenzeit ausgetauscht) habe ich gerade das selbe erlebt, nachdem ich mir DisplayFusion heruntergeladen habe. Es gab damit zunächst keine Probleme, ich konnte einige Einstellungen damit vornehmen und aus dem Nichts hat besagter Spuk wieder angefangen. Wenn ich da nicht aufpasse, löst es mir Icons aus der Taskleiste, führt Programme aus und löscht auch Dateien. Ich habe den PC neugestartet (mehr od. weniger freiwillig), der Spuk war vorbei und dann gleich mal DisplayFusion deinstalliert. Ich habe seit kurzem eine neue Razer Tastatur, möglicherweise stimmt da was mit dem Treiber nicht und da "klemmt manchmal was fest"? Außerdem habe ich seit nicht allzu langer Zeit ein Wacom-Eingabegerät, vielleicht liegt's auch daran? Ich hoffe noch auf ein Wunder und denke, es könnte vllt. auch ein defektes Eingabegerät sein. Oder habe ich mir tatsächlich etwas eingefangen? Ich hoffe ihr könnt mir weiterhelfen. Norton 360 habe ich gerade drüberlaufen lassen, der hat nichts gefunden. Hier mal die Standard-Logs: Defogger Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:29 on 17/06/2015 (Saskia)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by me (administrator) on TOWER on 17-06-2015 22:30:35
Running from C:\Users\me\Desktop
Loaded Profiles: me (Available Profiles: me & Mcx1-me)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\n360.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\n360.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-03] (NVIDIA Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-07-10] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [590656 2015-05-15] (Razer Inc.)
HKU\S-1-5-21-969999041-449978527-1292099721-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-969999041-449978527-1292099721-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
AppInit_DLLs-x32: => "" File not found
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers: [OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll [2015-03-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll [2015-03-07] (Symantec Corporation)
ShellIconOverlayIdentifiers: [OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\buShell.dll [2015-03-07] (Symantec Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-969999041-449978527-1292099721-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-969999041-449978527-1292099721-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope value is missing
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-03-10] (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2015-04-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\IPS\IPSBHO.DLL [2015-03-05] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-17] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2015-04-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-17] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\coIEPlg.dll [2015-03-05] (Symantec Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21
FireFox:
========
FF ProfilePath: C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\0fvb6uws.default-1412276940105
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-31] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2014-04-03] (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-31] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2014-11-21] (DivX, LLC)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2014-04-03] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-12-21] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-25] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\0fvb6uws.default-1412276940105\searchplugins\youtube-videosuche.xml [2015-03-12]
FF Extension: NoScript - C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\0fvb6uws.default-1412276940105\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-10-02]
FF Extension: Adblock Edge - C:\Users\me\AppData\Roaming\Mozilla\Firefox\Profiles\0fvb6uws.default-1412276940105\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2014-10-02]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2015-06-17]
Chrome:
=======
CHR Profile: C:\Users\me\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\me\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-25]
CHR Extension: (Google Docs) - C:\Users\me\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-25]
CHR Extension: (Google Drive) - C:\Users\me\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-25]
CHR Extension: (YouTube) - C:\Users\me\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-25]
CHR Extension: (Google Search) - C:\Users\me\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-25]
CHR Extension: (Google Sheets) - C:\Users\me\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-25]
CHR Extension: (Norton Identity Safe) - C:\Users\me\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-05-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\me\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-25]
CHR Extension: (Norton Security Toolbar) - C:\Users\me\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2015-05-25]
CHR Extension: (Google Wallet) - C:\Users\me\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-25]
CHR Extension: (Gmail) - C:\Users\me\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-25]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\Exts\Chrome.crx [2015-04-17]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\Exts\Chrome.crx [2015-04-17]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2736824 2015-04-07] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-03] (NVIDIA Corporation)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\N360.exe [265000 2015-03-07] (Symantec Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-06-03] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-03] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1997168 2015-06-03] (Electronic Arts)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [483864 2013-04-24] (Sony Corporation)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187072 2015-02-05] ()
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2015-02-12] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [302968 2015-02-12] (Western Digital Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [672024 2015-02-27] (Wacom Technology, Corp.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20150602.001\BHDrvx64.sys [1640152 2015-05-21] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1507000.00B\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-03-19] (Disc Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [489776 2015-05-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [145200 2015-05-27] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20150616.001\IDSvia64.sys [684248 2015-05-29] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20150616.018\ENG64.SYS [129752 2015-01-31] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20150616.018\EX64.SYS [2137304 2015-01-31] (Symantec Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-03] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\DRIVERS\rzendpt.sys [39592 2014-12-30] (Razer Inc)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2015-02-05] (Razer, Inc.)
R2 rzpnk; C:\Windows\system32\drivers\rzpnk.sys [129600 2015-03-03] (Razer, Inc.)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1507000.00B\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1507000.00B\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1507000.00B\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-12-02] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1507000.00B\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-17 22:30 - 2015-06-17 22:30 - 00021470 _____ C:\Users\me\Desktop\FRST.txt
2015-06-17 22:30 - 2015-06-17 22:30 - 00000000 ____D C:\FRST
2015-06-17 22:29 - 2015-06-17 22:29 - 00000474 _____ C:\Users\me\Desktop\defogger_disable.log
2015-06-17 22:29 - 2015-06-17 22:29 - 00000000 _____ C:\Users\me\defogger_reenable
2015-06-17 22:28 - 2015-06-17 22:28 - 00380416 _____ C:\Users\me\Desktop\Gmer-19357.exe
2015-06-17 22:27 - 2015-06-17 22:27 - 02109952 _____ (Farbar) C:\Users\me\Desktop\FRST64.exe
2015-06-17 22:24 - 2015-06-17 22:27 - 00020146 _____ C:\Users\me\Desktop\tb.odt
2015-06-17 22:24 - 2015-06-17 22:24 - 00050477 _____ C:\Users\me\Desktop\Defogger.exe
2015-06-17 22:13 - 2015-06-17 22:13 - 00001340 _____ C:\Users\me\Desktop\norton.txt
2015-06-17 21:21 - 2015-06-17 21:21 - 00000000 __SHD C:\Users\me\AppData\Roaming\Common
2015-06-17 20:40 - 2015-05-19 05:29 - 00046768 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-06-17 20:40 - 2015-05-19 05:14 - 00057520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-06-16 23:25 - 2015-06-16 23:25 - 00000000 ____D C:\Users\me\AppData\Local\openvr
2015-06-16 22:38 - 2015-06-16 22:38 - 00000000 ____D C:\Users\me\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-06-16 19:41 - 2015-06-16 19:41 - 00000000 ____D C:\Users\me\Downloads\BIOS
2015-06-16 19:16 - 2015-06-16 19:16 - 00000948 _____ C:\Users\me\Desktop\Core Temp.lnk
2015-06-16 19:16 - 2015-06-16 19:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Core Temp
2015-06-16 19:16 - 2015-06-16 19:16 - 00000000 ____D C:\Program Files\Core Temp
2015-06-16 19:14 - 2015-06-16 19:14 - 00000869 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2015-06-16 19:14 - 2015-06-16 19:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2015-06-16 19:14 - 2015-06-16 19:14 - 00000000 ____D C:\Program Files\CPUID
2015-06-12 18:34 - 2015-06-12 18:34 - 00000000 ____D C:\Program Files\Common Files\AV
2015-06-11 20:58 - 2015-06-11 20:58 - 00002156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth.lnk
2015-06-11 20:17 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-11 20:17 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-11 20:17 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-11 20:17 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-11 20:17 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-11 20:17 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-11 20:17 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-11 20:17 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-11 20:17 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-11 20:17 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-11 20:17 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-11 20:17 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-11 20:17 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-11 20:17 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-11 20:17 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-11 20:17 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-11 20:17 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-11 20:17 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-11 20:17 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-11 20:17 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-11 20:17 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-11 20:17 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-11 20:17 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-11 20:17 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-11 20:17 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-11 20:17 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-11 20:17 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-11 20:17 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-11 20:17 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-11 20:17 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-11 20:17 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-11 20:17 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-11 20:17 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-11 20:17 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-11 20:17 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-11 20:17 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-11 20:17 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-11 20:17 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-11 20:17 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-11 20:17 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-11 20:17 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-11 20:17 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-11 20:17 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-11 20:17 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-11 20:17 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-11 20:17 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-11 20:17 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-11 20:17 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-11 20:17 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-11 20:17 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-11 20:17 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-11 20:17 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-11 20:17 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-11 20:17 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-11 20:17 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-11 20:17 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-11 20:17 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-11 20:17 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-11 20:17 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-11 20:17 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-11 20:17 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-11 20:17 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-11 20:17 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-11 20:17 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-11 20:17 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-11 20:17 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-11 20:17 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-11 20:17 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-11 20:17 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-11 20:17 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-11 20:17 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-11 20:17 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-11 20:17 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-11 20:17 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-11 20:17 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-11 20:17 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-11 20:17 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-11 20:17 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-11 20:17 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-11 20:17 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-11 20:17 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-11 20:17 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-11 20:17 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-11 20:17 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-11 20:16 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-11 20:16 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-11 20:16 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-11 20:16 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-11 20:16 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-11 20:16 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-11 20:16 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-11 20:16 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-11 20:15 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-11 20:15 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-11 20:15 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-11 20:15 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-11 20:15 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-11 20:15 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-11 20:15 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-11 20:15 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-11 20:15 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-11 20:15 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-11 20:15 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-11 20:15 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-11 20:15 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-11 20:15 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-11 20:15 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-11 20:15 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-11 20:15 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-11 20:15 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-11 20:15 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-11 20:15 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-11 20:15 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-11 20:15 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-11 20:15 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-11 20:15 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-11 20:15 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-11 20:15 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-11 20:15 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-11 20:15 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-11 20:15 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-11 20:15 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-11 20:15 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-11 20:15 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-11 20:15 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-11 20:15 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-11 20:15 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-11 20:15 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-11 20:15 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-11 20:15 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-11 20:15 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-11 20:15 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-11 20:15 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-11 20:15 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-11 20:15 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-11 20:15 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-11 20:15 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-11 20:15 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-11 20:15 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-11 20:15 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-11 20:15 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-11 20:15 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-11 20:15 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-11 20:15 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-11 20:15 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-11 20:15 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-11 20:15 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-11 20:15 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-11 20:15 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-11 20:15 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-11 20:15 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-11 20:15 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-05 20:07 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-05 20:07 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-05 20:07 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-05 20:07 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-05 20:07 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-05 20:07 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-05 20:07 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-05 20:07 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-04 15:39 - 2015-06-04 15:39 - 00000000 ____D C:\Users\me\AppData\Roaming\com.cipherprime.auditorium
2015-06-03 20:42 - 2015-06-04 14:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-02 21:38 - 2015-06-02 21:43 - 00007601 _____ C:\Users\me\AppData\Local\Resmon.ResmonCfg
2015-06-01 23:33 - 2015-06-02 00:09 - 00000000 ____D C:\Users\me\Desktop\Neuer Ordner
2015-06-01 23:16 - 2015-05-28 05:52 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-06-01 23:13 - 2015-05-28 09:04 - 42719888 _____ C:\Windows\system32\nvcompiler.dll
2015-06-01 23:13 - 2015-05-28 09:04 - 37741712 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-06-01 23:13 - 2015-05-28 09:04 - 30480528 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-06-01 23:13 - 2015-05-28 09:04 - 22946960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-01 23:13 - 2015-05-28 09:04 - 16185352 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-01 23:13 - 2015-05-28 09:04 - 14987528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-06-01 23:13 - 2015-05-28 09:04 - 14495448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-01 23:13 - 2015-05-28 09:04 - 13304280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-01 23:13 - 2015-05-28 09:04 - 11830512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-01 23:13 - 2015-05-28 09:04 - 10995528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-01 23:13 - 2015-05-28 09:04 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-01 23:13 - 2015-05-28 09:04 - 02599056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-01 23:13 - 2015-05-28 09:04 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435306.dll
2015-06-01 23:13 - 2015-05-28 09:04 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435306.dll
2015-06-01 23:13 - 2015-05-28 09:04 - 01099808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-06-01 23:13 - 2015-05-28 09:04 - 01059984 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-01 23:13 - 2015-05-28 09:04 - 01050440 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-01 23:13 - 2015-05-28 09:04 - 00982856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-01 23:13 - 2015-05-28 09:04 - 00974480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-01 23:13 - 2015-05-28 09:04 - 00939080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-06-01 23:13 - 2015-05-28 09:04 - 00503408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-06-01 23:13 - 2015-05-28 09:04 - 00408208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-06-01 23:13 - 2015-05-28 09:04 - 00407112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-06-01 23:13 - 2015-05-28 09:04 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-06-01 23:13 - 2015-05-28 09:04 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-06-01 23:13 - 2015-05-28 09:04 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-06-01 23:13 - 2015-05-28 09:04 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-06-01 23:13 - 2015-05-28 09:04 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-06-01 23:13 - 2015-05-28 09:04 - 00030966 _____ C:\Windows\system32\nvinfo.pb
2015-06-01 23:06 - 2015-06-17 20:40 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-01 23:04 - 2015-06-01 23:04 - 00000000 ____D C:\Users\me\AppData\Local\GWX
2015-06-01 01:44 - 2015-06-01 01:44 - 00001536 _____ C:\Users\me\AppData\Local\recently-used.xbel
2015-05-26 16:39 - 2015-05-26 16:39 - 00000020 _____ C:\Windows\Øö!
2015-05-26 16:21 - 2015-06-04 15:19 - 00018892 _____ C:\Windows\DirectX.log
2015-05-26 16:12 - 2015-06-16 20:47 - 00013980 _____ C:\Windows\PFRO.log
2015-05-25 19:52 - 2015-06-17 22:03 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-25 19:52 - 2015-06-17 21:53 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-25 19:52 - 2015-05-25 19:58 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-25 19:52 - 2015-05-25 19:58 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-25 19:52 - 2015-05-25 19:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-25 14:44 - 2015-05-28 20:33 - 00075672 _____ C:\Users\me\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-25 14:09 - 2015-06-17 21:53 - 00008305 _____ C:\Windows\setupact.log
2015-05-25 14:09 - 2015-06-12 18:31 - 00354728 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-25 14:09 - 2015-05-25 14:09 - 00000000 _____ C:\Windows\setuperr.log
2015-05-25 05:27 - 2015-05-25 05:27 - 00069646 _____ C:\Users\me\Documents\cc_20150525_052725.reg
2015-05-25 04:57 - 2015-05-25 04:57 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_rzudd_01009.Wdf
2015-05-25 04:57 - 2015-03-03 19:47 - 00129600 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpnk.sys
2015-05-25 04:57 - 2015-02-05 01:24 - 00037184 _____ (Razer, Inc.) C:\Windows\system32\Drivers\rzpmgrk.sys
2015-05-25 04:56 - 2015-05-25 04:56 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_rzendpt_01009.Wdf
2015-05-25 04:54 - 2015-05-25 04:54 - 00002098 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2015-05-25 04:54 - 2015-05-25 04:54 - 00000000 ____D C:\Users\me\AppData\Roaming\Thunderbird
2015-05-25 04:54 - 2015-05-25 04:54 - 00000000 ____D C:\Users\me\AppData\Local\Thunderbird
2015-05-25 04:54 - 2015-05-25 04:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-05-25 04:49 - 2015-05-25 04:49 - 00000000 ____D C:\Users\me\AppData\Local\Razer
2015-05-25 04:48 - 2015-05-25 04:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2015-05-25 04:45 - 2015-05-25 04:45 - 00000000 ____D C:\Users\me\AppData\Local\Razer_Inc
2015-05-25 04:01 - 2015-06-16 18:54 - 00000000 ____D C:\Program Files (x86)\Razer
2015-05-25 04:01 - 2015-05-25 04:58 - 00000000 ____D C:\ProgramData\Razer
2015-05-25 04:00 - 2015-05-25 04:00 - 00000000 ____D C:\Windows\SysWOW64\0409
2015-05-25 04:00 - 2015-05-25 04:00 - 00000000 ____D C:\Windows\system32\0409
2015-05-25 03:52 - 2015-06-16 23:41 - 00000000 ____D C:\Program Files (x86)\Steam
2015-05-25 03:52 - 2015-05-25 03:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-05-25 03:46 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-05-25 03:46 - 2015-03-14 05:21 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-05-25 03:46 - 2015-03-14 05:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-05-25 03:46 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-05-25 03:46 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-05-21 14:48 - 2015-05-28 09:04 - 17486856 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-05-21 14:48 - 2015-05-13 08:52 - 00195912 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-05-21 14:48 - 2015-05-13 08:52 - 00031552 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-05-21 14:48 - 2015-05-12 08:27 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435286.dll
2015-05-21 14:48 - 2015-05-12 08:27 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435286.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-17 22:29 - 2013-02-16 22:52 - 00000000 ____D C:\Users\me
2015-06-17 22:28 - 2013-06-18 17:10 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-17 22:06 - 2014-04-24 00:54 - 00000000 ____D C:\Users\me\AppData\Local\NPE
2015-06-17 22:01 - 2009-07-14 06:45 - 00026848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-17 22:01 - 2009-07-14 06:45 - 00026848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-17 21:57 - 2013-02-16 22:50 - 01126214 _____ C:\Windows\WindowsUpdate.log
2015-06-17 21:54 - 2015-04-17 02:50 - 00008192 _____ C:\Windows\SysWOW64\WDPABKP.dat
2015-06-17 21:52 - 2013-02-16 23:21 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-17 21:52 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-17 21:22 - 2013-11-21 16:09 - 00000000 ____D C:\Users\me\Desktop\Games
2015-06-17 20:41 - 2013-02-16 23:21 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-16 23:02 - 2015-03-02 00:11 - 00000000 ____D C:\Users\me\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-06-16 22:40 - 2014-06-13 12:44 - 00000000 ____D C:\Users\me\AppData\Local\Ubisoft Game Launcher
2015-06-16 22:00 - 2013-10-27 16:46 - 00000000 ____D C:\Users\me\AppData\Roaming\vlc
2015-06-16 19:58 - 2009-07-14 19:58 - 00699416 _____ C:\Windows\system32\perfh007.dat
2015-06-16 19:58 - 2009-07-14 19:58 - 00149556 _____ C:\Windows\system32\perfc007.dat
2015-06-16 19:58 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-12 18:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-11 23:59 - 2013-08-15 20:59 - 00000000 ____D C:\Windows\system32\MRT
2015-06-11 23:55 - 2013-02-21 18:12 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-11 20:58 - 2013-02-17 00:34 - 00000000 ____D C:\Program Files (x86)\Google
2015-06-11 20:28 - 2013-06-18 17:10 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-06-11 20:28 - 2013-02-17 17:41 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-11 20:28 - 2013-02-17 17:41 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-11 19:49 - 2015-04-19 18:49 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-11 19:49 - 2014-05-08 22:37 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-06 00:24 - 2013-02-17 01:09 - 00000000 ____D C:\ProgramData\Origin
2015-06-04 15:17 - 2014-05-15 17:01 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-04 14:29 - 2013-02-17 00:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-03 23:04 - 2014-06-03 18:48 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-06-03 23:04 - 2014-06-03 18:48 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-06-03 23:04 - 2013-10-29 21:25 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-06-03 23:04 - 2013-10-29 21:25 - 01320304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-06-03 19:25 - 2013-02-28 23:23 - 00000000 ____D C:\Users\me\AppData\Local\CrashDumps
2015-06-03 19:11 - 2013-02-17 01:09 - 00000000 ____D C:\Users\me\AppData\Roaming\Origin
2015-06-03 19:10 - 2013-02-17 01:09 - 00000000 ____D C:\Program Files (x86)\Origin
2015-06-01 23:16 - 2013-02-16 23:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-01 23:16 - 2013-02-16 23:21 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-06-01 01:44 - 2014-01-26 01:34 - 00000000 ____D C:\Users\me\AppData\Local\gtk-2.0
2015-06-01 01:44 - 2013-06-18 18:04 - 00000000 ____D C:\Users\me\.gimp-2.8
2015-05-31 16:19 - 2014-10-12 23:54 - 00000000 ____D C:\Users\me\AppData\Local\Adobe
2015-05-28 16:59 - 2014-08-17 02:58 - 00000000 ____D C:\Windows\rescache
2015-05-28 09:04 - 2015-02-07 04:54 - 15864064 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-05-28 09:04 - 2014-12-26 18:03 - 02986392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-05-28 09:04 - 2013-02-26 00:32 - 12852152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-05-28 09:04 - 2013-02-26 00:32 - 03379680 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-05-28 09:04 - 2013-02-16 23:21 - 00112968 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-05-28 09:04 - 2013-02-16 23:21 - 00105288 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-05-28 06:15 - 2013-02-16 23:21 - 06872904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-05-28 06:15 - 2013-02-16 23:21 - 03491984 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-05-28 06:15 - 2013-02-16 23:21 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-05-28 06:15 - 2013-02-16 23:21 - 00937288 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-05-28 06:15 - 2013-02-16 23:21 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-05-28 06:15 - 2013-02-16 23:21 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-05-27 18:13 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-27 12:48 - 2013-02-16 23:21 - 04408727 _____ C:\Windows\system32\nvcoproc.bin
2015-05-26 16:41 - 2014-02-28 23:31 - 00000000 ____D C:\Users\me\AppData\Local\Windows Live
2015-05-26 16:38 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-05-25 19:52 - 2013-02-17 00:34 - 00000000 ____D C:\Users\me\AppData\Local\Google
2015-05-25 15:39 - 2013-02-17 00:46 - 00000000 ____D C:\Windows\System32\Tasks\Games
2015-05-25 05:20 - 2013-06-18 17:30 - 01593956 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-05-25 05:04 - 2014-10-22 20:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-05-25 04:24 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\oobe
2015-05-25 04:00 - 2009-07-14 20:18 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-25 04:00 - 2009-07-14 19:58 - 00000000 ____D C:\Windows\SysWOW64\winrm
2015-05-25 04:00 - 2009-07-14 19:58 - 00000000 ____D C:\Windows\SysWOW64\WCN
2015-05-25 04:00 - 2009-07-14 19:58 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2015-05-25 04:00 - 2009-07-14 19:58 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2015-05-25 04:00 - 2009-07-14 19:58 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-05-25 04:00 - 2009-07-14 19:58 - 00000000 ____D C:\Windows\system32\winrm
2015-05-25 04:00 - 2009-07-14 19:58 - 00000000 ____D C:\Windows\system32\WCN
2015-05-25 04:00 - 2009-07-14 19:58 - 00000000 ____D C:\Windows\system32\slmgr
2015-05-25 04:00 - 2009-07-14 19:58 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2015-05-25 04:00 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2015-05-25 04:00 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-05-25 04:00 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2015-05-25 04:00 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-05-25 04:00 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2015-05-25 04:00 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-05-25 04:00 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-05-25 04:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2015-05-25 04:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2015-05-25 04:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2015-05-25 04:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-05-25 04:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\com
2015-05-25 04:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2015-05-25 04:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Setup
2015-05-25 04:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\migwiz
2015-05-25 04:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2015-05-25 04:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\com
2015-05-25 04:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\servicing
2015-05-25 04:00 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2015-05-25 03:28 - 2014-12-15 00:21 - 00000000 ____D C:\Program Files\Unlocker
2015-05-25 03:28 - 2014-05-08 19:36 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-05-25 02:54 - 2014-05-24 23:47 - 00000000 ____D C:\Program Files\s3pe
2015-05-25 02:50 - 2014-03-18 23:58 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster
2015-05-25 02:41 - 2013-11-21 16:09 - 00000000 ___RD C:\Users\me\Desktop\Security
2015-05-21 22:52 - 2015-04-19 18:49 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-21 22:52 - 2015-04-19 18:49 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-21 19:17 - 2013-11-21 20:20 - 00000552 __RSH C:\ProgramData\ntuser.pol
2015-05-21 17:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-05-21 14:49 - 2013-02-16 23:20 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-05-21 14:40 - 2013-09-16 15:23 - 00003922 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{B1309304-91E3-4870-B2E5-39AFB00E9104}
2015-05-21 14:37 - 2014-12-21 19:12 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-05-19 05:14 - 2013-08-29 18:38 - 00061616 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
==================== Files in the root of some directories =======
2015-06-01 01:44 - 2015-06-01 01:44 - 0001536 _____ () C:\Users\me\AppData\Local\recently-used.xbel
2015-06-02 21:38 - 2015-06-02 21:43 - 0007601 _____ () C:\Users\me\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-28 16:51
==================== End of log ============================
|
|
17.06.2015, 22:07
| #2 |
| | Win 7: Maus klickt selbständig, Entertaste womöglich auch. ... es geht weiter:
__________________Addition (Hier gibt's ein kleines Problem mit der Formattierung, hab's zwei Mal bearbeitet, aber das "FRST Logfile" erscheint automatisch wieder.) [CODE] Additional FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x64) Version:13-06-2015
Ran by me at 2015-06-17 22:31:22
Running from C:\Users\me\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-969999041-449978527-1292099721-500 - Administrator - Disabled)
Gast (S-1-5-21-969999041-449978527-1292099721-501 - Limited - Disabled)
Mcx1-me (S-1-5-21-969999041-449978527-1292099721-1005 - Limited - Enabled) => C:\Users\Mcx1-me
me (S-1-5-21-969999041-449978527-1292099721-1000 - Administrator - Enabled) => C:\Users\me
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Norton 360 (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
FW: Norton 360 (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Age of Mythology (HKLM-x32\...\Age of Mythology 1.0) (Version: - )
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArtRage Studio (HKLM-x32\...\{E0540EB6-E8D2-4F55-8429-E41A1DD12254}) (Version: 3.5.12 - Ambient Design)
Audiosurf 2 Demo (HKLM-x32\...\Steam App 373960) (Version: - )
Auditorium (HKLM-x32\...\Steam App 205870) (Version: - Cipher Prime Studios)
Autodesk SketchBook Express 6.2 (HKLM-x32\...\{34CBACD3-040E-43D6-86C1-9FBE44B180BF}) (Version: 6.2.0000 - Autodesk)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 3.27 - Piriform)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Corel Painter 13 - IPM (Version: 14.0 - Corel Corporation) Hidden
Corel Painter 13 - IPM Content (Version: 14.0 - Corel Corporation) Hidden
Corel Painter 2015 (HKLM\...\_{DDB3F5F0-2583-426C-A652-8404AFF3A4D0}) (Version: 14.1.0.1105 - Corel Corporation)
CPUID CPU-Z 1.72.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.31 - DivX, LLC)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Freemake Video Converter Version 4.1.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.124 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
IconHandler 64 bit (Version: 2.0 - Corel Corporation) Hidden
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft OneNote 2013 - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 15.0.4719.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.7.0 - Mozilla)
Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Norton 360 (HKLM-x32\...\N360) (Version: 21.7.0.11 - Symantec Corporation)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.06 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.44 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4719.1002 - Microsoft Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
Painter 2015 - Contentx64 (Version: 14.1.4 - Corel Corporation) Hidden
Painter 2015 - Core (Version: 14.1.4 - Corel Corporation) Hidden
Painter 2015 - Corex64 (Version: 14.1.4 - Corel Corporation) Hidden
Painter 2015 - CT (Version: 14.1.4 - Corel Corporation) Hidden
Painter 2015 - DE (Version: 14.1.4 - Corel Corporation) Hidden
Painter 2015 - EN (Version: 14.1.4 - Corel Corporation) Hidden
Painter 2015 - FR (Version: 14.1.4 - Corel Corporation) Hidden
Painter 2015 - Setup Files (Version: 14.1.4 - Corel Corporation) Hidden
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PlayMemories Home (HKLM-x32\...\{0657DE52-8F5C-4073-B70C-ED4F3F7FA076}) (Version: 7.0.03.04240 - Sony Corporation)
Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.26027 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
RollerCoaster Tycoon 2 (HKLM-x32\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version: - )
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.44 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - Firaxis Games)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
Uplay (HKLM-x32\...\Uplay) (Version: 7.1 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.11-4 - Wacom Technology Corp.)
WD Drive Utilities (HKLM-x32\...\{B2BCCFEC-2623-40E5-9522-DEC488E6B730}) (Version: 1.0.6.3 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{BE1B25F9-5A51-4DB8-81FA-CE0CABC14D07}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{8A7B24E8-864E-4794-95C4-17644D0991AA}) (Version: 1.0.6.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{FECF90E3-FDEA-4A87-8A06-2683388C69C4}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-969999041-449978527-1292099721-1000_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-969999041-449978527-1292099721-1000_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-969999041-449978527-1292099721-1000_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-969999041-449978527-1292099721-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-969999041-449978527-1292099721-1000_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-969999041-449978527-1292099721-1000_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
==================== Restore Points =========================
29-05-2015 16:01:07 Geplanter Prüfpunkt
04-06-2015 15:16:50 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
04-06-2015 15:17:27 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
04-06-2015 15:18:02 DirectX wurde installiert
06-06-2015 00:24:53 Windows Update
11-06-2015 23:53:29 Windows Update
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2014-03-14 16:43 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0F81EB67-BCC6-44B7-873E-81790CA1BCA5} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {1E7C35B5-CB23-422C-917A-FB67798D16CF} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {29F7BC0D-5E4B-430D-BBE3-CA6835ED7BAF} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {31AEA872-6AB2-469B-B4EC-C49ABC816FF9} - System32\Tasks\{AA074299-058B-4DCF-87BE-B7562C55ED1C} => C:\Users\me\Downloads\Total Club Manager 2004\tcm2004.exe
Task: {3719F324-E2B1-44F9-8141-634DCF3EBDD2} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-me => C:\Windows\ehome\McxTask.exe [2009-07-14] (Microsoft Corporation)
Task: {41E56FEC-4002-4A2C-89B3-32F2FADC4014} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {466ADB8A-131B-4603-BCD0-BF9D40C4FCD2} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {5EA5A8B1-3756-40C7-927D-05BA794DD6D1} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2014-04-03] (Microsoft Corporation)
Task: {69CD1736-470A-4FF2-8A3A-88C8336ACCA3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {6FEA3B8F-9AB6-4AF5-BF8F-45941FCA324E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {80DD8C07-D81C-43E1-85CA-920D8955EE6F} - System32\Tasks\{3074DD30-5776-4794-87D9-A899EAA8A52B} => pcalua.exe -a "C:\Program Files (x86)\SketchBook_Express_v6_2\setup.exe" -d "C:\Program Files (x86)\SketchBook_Express_v6_2"
Task: {816F5CAE-F2C3-4CE2-BA97-4E452010CCB5} - System32\Tasks\Games\UpdateCheck_S-1-5-21-969999041-449978527-1292099721-1000
Task: {825C852F-9CC7-4808-97AB-E983B31F4766} - System32\Tasks\{32F5B74D-F743-4F4A-B22C-96F757790A15} => pcalua.exe -a F:\Setup.exe -d F:\
Task: {8C7CAEB6-34D1-4DFA-AA37-284A0EA2647C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-25] (Google Inc.)
Task: {A3297FF7-E751-40C7-AAEA-9765A2190A82} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {A8548233-738C-4CE8-848D-E999C330808A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A854ECBC-6351-4B4A-8B7D-CFA23BFBD1B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-25] (Google Inc.)
Task: {AAF4CA17-EA18-4F3E-A7EC-6F1B67517B83} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-01-23] (Piriform Ltd)
Task: {BEEDB721-49B0-460F-A664-0967F49AF05A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-04-14] (Microsoft Corporation)
Task: {D1D10854-E68B-4979-9D41-E17888AC3567} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-11] (Adobe Systems Incorporated)
Task: {DF25234C-627A-4C96-B751-240C49A402D1} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {F5469A4C-34CB-4961-965D-E75BEF78F8D2} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {F55146F1-305F-4E7C-9133-FFF66DB3E808} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {FEE15684-0EFD-441E-9D2B-C53AF97DC161} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\WSCStub.exe [2015-06-02] (Symantec Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2013-02-16 23:21 - 2015-05-28 06:15 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-12-21 19:12 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-02-05 01:24 - 2015-02-05 01:25 - 00187072 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-01-09 23:38 - 2015-06-03 23:06 - 00721552 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2014-01-09 23:38 - 2015-06-03 23:06 - 00854160 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2015-03-18 13:47 - 2015-02-27 00:16 - 01356568 _____ () C:\Program Files\Tablet\Wacom\libxml2.dll
2015-04-19 19:07 - 2015-06-03 23:06 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-20 04:29 - 2015-05-20 04:29 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData:gs5sys
AlternateDataStreams: C:\Users\All Users:gs5sys
AlternateDataStreams: C:\Users\me:gs5sys
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\ProgramData\Application Data:gs5sys
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
AlternateDataStreams: C:\ProgramData\TEMP:7D2C66B1
AlternateDataStreams: C:\ProgramData\Templates:gs5sys
AlternateDataStreams: C:\ProgramData\Vorlagen:gs5sys
AlternateDataStreams: C:\Users\Public\Documents\desktop.ini:gs5sys
AlternateDataStreams: C:\Users\me\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\me\Cookies:gs5sys
AlternateDataStreams: C:\Users\me\Lokale Einstellungen:gs5sys
AlternateDataStreams: C:\Users\me\Vorlagen:gs5sys
AlternateDataStreams: C:\Users\me\AppData\Local:gs5sys
AlternateDataStreams: C:\Users\me\AppData\Roaming:gs5sys
AlternateDataStreams: C:\Users\me\AppData\Local\Anwendungsdaten:gs5sys
AlternateDataStreams: C:\Users\me\AppData\Local\Verlauf:gs5sys
AlternateDataStreams: C:\Users\me\Documents\desktop.ini:gs5sys
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-969999041-449978527-1292099721-1000\...\nvidia.de -> hxxp://www.nvidia.de
IE restricted site: HKU\S-1-5-21-969999041-449978527-1292099721-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-969999041-449978527-1292099721-1000\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-969999041-449978527-1292099721-1000\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-969999041-449978527-1292099721-1000\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-969999041-449978527-1292099721-1000\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-969999041-449978527-1292099721-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-969999041-449978527-1292099721-1000\...\0411dd.com -> 0411dd.com
IE restricted site: HKU\S-1-5-21-969999041-449978527-1292099721-1000\...\0511zfhl.com -> 0511zfhl.com
IE restricted site: HKU\S-1-5-21-969999041-449978527-1292099721-1000\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-969999041-449978527-1292099721-1000\...\0632qyw.com -> 0632qyw.com
IE restricted site: HKU\S-1-5-21-969999041-449978527-1292099721-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-969999041-449978527-1292099721-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-969999041-449978527-1292099721-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-969999041-449978527-1292099721-1000\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-969999041-449978527-1292099721-1000\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-969999041-449978527-1292099721-1000\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-969999041-449978527-1292099721-1000\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-969999041-449978527-1292099721-1000\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-969999041-449978527-1292099721-1000\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-969999041-449978527-1292099721-1000\...\1001movie.com -> 1001movie.com
There are 6083 more restricted sites.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-969999041-449978527-1292099721-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\me\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 195.34.133.21 - 212.186.211.21
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: Hobbyist Software VLC Streamer => "C:\Program Files (x86)\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe" /startup
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
MSCONFIG\startupreg: Wisdom-soft AutoScreenRecorder 3.1 Free => 0
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{AF8BFF6E-68C1-476F-BED7-5439AC7B1E5B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{93CC563F-0B45-421B-963B-71B4F99517FC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3CF99304-DC07-4BBD-94A7-7E7E0D776F67}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{CEBC8D64-395E-4C08-A9FB-2E59D1D48B1B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{65E501C5-55DE-4C32-A686-2A81D86A9A51}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{A7E66331-2064-4998-B435-3B57AEF3B44C}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{8A08C353-98E4-4B11-84A5-66900A95D07E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{8CC9C8B9-11A3-40C1-964B-1B4F420CF22E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{FFE51E11-C4E0-44A5-A986-CCFBF0917560}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{BA8A1CD5-F55E-45F5-BB43-F1EBB0496DDD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{138A0C43-F07D-43FF-81EA-AF697FF1FDCF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{5D531F97-E002-43AA-8100-E9C3A54A95E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7C7CC6F4-3562-4ADA-AD52-B675C5BE621A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{02360E85-70E1-4DF3-A69B-62AA90F5BCFE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1C7A527F-2094-4EA7-BD48-9453CCE7059A}] => (Allow) LPort=2869
FirewallRules: [{16A6C462-75B7-49B2-A669-3DA8A89DF623}] => (Allow) LPort=10243
FirewallRules: [{64BEA902-5DED-48AF-A33F-57C13736BCC7}] => (Allow) LPort=1900
FirewallRules: [{4C3617FF-3EAF-47E2-AED1-1464D8EA179F}] => (Allow) LPort=10283
FirewallRules: [{FEA0CA2B-7E18-44B9-8D3D-C7E4D8A69212}] => (Allow) LPort=10281
FirewallRules: [{606302E3-2761-4153-AA3A-7A97A04FEC65}] => (Allow) LPort=10280
FirewallRules: [{2A7221AF-288A-42F9-8CA4-5F5FFBA84015}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{0FB60EE1-92CA-4DD8-AF9E-A9D735915D17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{732FD99F-C3D0-4659-B6FD-FC88F5993B4B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A4C16E6D-5F5F-4F83-9EB1-99201DDC1715}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D78FDB41-0046-45DD-B9B2-14A952D52D90}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{7D2C1115-50B8-41C5-9E67-7AEC96EB3DC4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F211060C-53A2-42FD-AF75-7AD3F6327C79}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{AC51D750-30C9-4E29-ACEF-104019D62D2F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7956C083-CF10-4B42-9937-066E76C81700}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2498A095-6CB0-4672-8F69-41BA4B12DC03}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4EF3E99B-A48F-4FE6-A930-704E97366BE7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{706C8BA8-1474-47A4-A8AE-5078543286C3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{12ABF82D-3DA0-4BB3-94CC-1E3880DA9400}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{54979C31-720B-4EE8-AFC3-5BB07B5EB11F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7255822C-A8AF-457F-A0AB-FCA0E1675A1F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6D3E37E8-285E-497B-9B6C-9F7AC6C2DF12}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{40F7C356-5CEF-4DC4-AEA4-A76AB0CB2AE7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1989060B-7B42-4582-A7EE-C513A48C39F3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D6DCF2E5-0B6E-42BC-A2C3-FA334C15FB0A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A25BCAF4-05BB-4749-990B-BF12A8BCE8F9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DE85B0A5-4220-4638-907D-0AE5250CAE2C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{096D15E1-DE95-424C-8114-459DD3CC8FA0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1B26EED3-3589-494E-99F7-655CFA2EA5F1}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{29AFACBE-6A8A-438F-805E-428295E5B47B}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{EB14FE49-7924-4D56-A8DB-44C72F5262E1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{D040B6D1-30B6-470C-8665-463DC94AF5ED}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{0C9DA901-3008-4B36-B579-0751BB129BA2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{C038A460-EB8C-41FD-B9B5-D9752748F7D2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{007AAF25-1566-4249-B3A9-53BD33B07F52}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{57550510-2C28-437B-8C24-EA5768E589D9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{F8A8C3F0-4E4F-4DF3-8864-594DCA92F0D4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe\Bonjour\mDNSResponder.exe
FirewallRules: [{2543EA2C-CF34-4188-B73A-69867DC40EB7}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{D4ABB7D2-3620-476E-9DA7-84E48F7D17EF}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{A96C6B16-DDB0-4F21-9E02-82D8B2BB2F87}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{4A728527-7FD3-407D-8D3C-95383354A313}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{9626C7B8-2FB5-4CB5-BCBE-CE7E312A5433}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{40F7E4CD-94A4-41A3-B6BF-E88E4397293C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2A0A9399-F84C-4285-8012-06D3FD1633D3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F6AEEEEC-514F-4E9C-B230-3AE67499C883}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{562F2EFF-7997-4F8C-9CE2-7F87636C4B75}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4644253A-2031-4854-9290-4F1AFD9AA0F8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{6EBCB63C-0AAA-4309-B2E1-0A77811A12D9}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{436B2371-4443-43AE-ABF3-2B856BE74AF8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{63C647DB-4B16-47B1-BA0E-936C7670262D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{3715245B-6C2A-46F5-A644-2E3FFBC02164}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{C57FEE45-D331-42B0-9A4D-7AC54D262189}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{8022573E-A805-4505-AD35-B3F464451C85}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Audiosurf 2 Demo\Audiosurf2.exe
FirewallRules: [{52278B3D-4B6D-4EAC-B693-C6313F475C1D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Audiosurf 2 Demo\Audiosurf2.exe
FirewallRules: [{A21CF996-EC26-4FED-9588-065D041AD881}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Auditorium\Auditorium.exe
FirewallRules: [{D28ACDAC-D3CB-4D44-9BCB-C04263F99BF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Auditorium\Auditorium.exe
FirewallRules: [{53F0E3F6-C311-4C8C-93D1-DFD777BC6DB8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{923C3464-54D3-4E17-AD01-0B83B916B989}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{F508C1FC-FD88-4D5E-B74D-9EE1861EF547}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
FirewallRules: [{E7BD1974-D7F8-40C5-AA65-45F4DCB4BC98}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{3CD27EE1-FE3A-43EB-9757-73C79ED7EBA5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Team Fortress 2\hl2.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/16/2015 08:48:27 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvVAD initialization failed [6]).
Error: (06/16/2015 08:48:27 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (Failed to set NvVAD endpoint as default Audio endpoint [0]).
Error: (06/16/2015 08:48:27 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (NvVAD endpoint registration failed [0]).
Error: (06/03/2015 07:25:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: viewer.exe, Version: 2.4.4.0, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e88ab
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x420
Startzeit der fehlerhaften Anwendung: 0xviewer.exe0
Pfad der fehlerhaften Anwendung: viewer.exe1
Pfad des fehlerhaften Moduls: viewer.exe2
Berichtskennung: viewer.exe3
Error: (06/03/2015 07:25:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: viewer.exe, Version: 2.4.4.0, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e88ab
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x1b48
Startzeit der fehlerhaften Anwendung: 0xviewer.exe0
Pfad der fehlerhaften Anwendung: viewer.exe1
Pfad des fehlerhaften Moduls: viewer.exe2
Berichtskennung: viewer.exe3
Error: (06/02/2015 11:42:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm CCleaner64.exe, Version 3.27.0.1900 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1688
Startzeit: 01d09d6c2f76b322
Endzeit: 6
Anwendungspfad: C:\Program Files\CCleaner\CCleaner64.exe
Berichts-ID: 491e8874-0970-11e5-9525-6cf049062de4
Error: (05/30/2015 03:34:42 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: An error has occurred (Failed continue stopping. [6]).
Error: (05/29/2015 09:25:43 PM) (Source: System Restore) (EventID: 8211) (User: )
Description: Der geplante Wiederherstellungspunkt konnte nicht erstellt werden. Zusätzliche Informationen: (0x81000101).
Error: (05/29/2015 09:25:43 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Beschreibung = Geplanter Prüfpunkt; Fehler = 0x81000101).
Error: (05/29/2015 04:02:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17192
System errors:
=============
Error: (06/16/2015 08:05:53 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR4 gefunden.
Error: (06/16/2015 08:05:53 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR4 gefunden.
Error: (06/16/2015 08:05:52 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR4 gefunden.
Error: (06/16/2015 08:05:52 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR4 gefunden.
Error: (06/16/2015 08:05:51 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR4 gefunden.
Error: (06/16/2015 06:58:46 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (06/11/2015 07:55:18 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (06/04/2015 02:53:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (06/04/2015 02:53:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (05/29/2015 04:02:04 PM) (Source: Microsoft-Windows-HAL) (EventID: 12) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.
Microsoft Office:
=========================
Error: (06/16/2015 08:48:27 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
Error: (06/16/2015 08:48:27 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
Error: (06/16/2015 08:48:27 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
Error: (06/03/2015 07:25:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: viewer.exe2.4.4.02a425e19KERNELBASE.dll6.1.7601.18839553e88ab0eedfade0000c42d42001d09e2254b437f5D:\Viewer\viewer.exeC:\Windows\syswow64\KERNELBASE.dll9325ac00-0a15-11e5-954b-6cf049062de4
Error: (06/03/2015 07:25:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: viewer.exe2.4.4.02a425e19KERNELBASE.dll6.1.7601.18839553e88ab0eedfade0000c42d1b4801d09e2246f94edeD:\Viewer\viewer.exeC:\Windows\syswow64\KERNELBASE.dll88730537-0a15-11e5-954b-6cf049062de4
Error: (06/02/2015 11:42:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: CCleaner64.exe3.27.0.1900168801d09d6c2f76b3226C:\Program Files\CCleaner\CCleaner64.exe491e8874-0970-11e5-9525-6cf049062de4
Error: (05/30/2015 03:34:42 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]
Error: (05/29/2015 09:25:43 PM) (Source: System Restore) (EventID: 8211) (User: )
Description: 0x81000101
Error: (05/29/2015 09:25:43 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreationGeplanter Prüfpunkt0x81000101
Error: (05/29/2015 04:02:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17192
CodeIntegrity Errors:
===================================
Date: 2014-03-14 15:43:02.318
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-03-14 15:43:02.240
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU 530 @ 2.93GHz
Percentage of memory in use: 30%
Total physical RAM: 8183.49 MB
Available physical RAM: 5705.65 MB
Total Pagefile: 16365.19 MB
Available Pagefile: 13633.2 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:237.57 GB) NTFS
Drive g: (Chief) (Fixed) (Total:2794.49 GB) (Free:1064.24 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 241C6624)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 1.
==================== End of log ============================
--- --- --- --- --- --- GMER Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-06-17 22:52:39
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP3T0L0-3 Hitachi_HDT721050SLA360 rev.ST3OA3AA 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\me\AppData\Local\Temp\kxldipow.sys
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe[2252] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17 0000000075cc1401 2 bytes JMP 757db21b C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe[2252] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17 0000000075cc1419 2 bytes JMP 757db346 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe[2252] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17 0000000075cc1431 2 bytes JMP 75858f29 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe[2252] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42 0000000075cc144a 2 bytes CALL 757b489d C:\Windows\syswow64\KERNEL32.dll
.text ... * 9
.text C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe[2252] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17 0000000075cc14dd 2 bytes JMP 75858822 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe[2252] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17 0000000075cc14f5 2 bytes JMP 758589f8 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe[2252] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17 0000000075cc150d 2 bytes JMP 75858718 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe[2252] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17 0000000075cc1525 2 bytes JMP 75858ae2 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe[2252] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17 0000000075cc153d 2 bytes JMP 757cfca8 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe[2252] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17 0000000075cc1555 2 bytes JMP 757d68ef C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe[2252] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17 0000000075cc156d 2 bytes JMP 75858fe3 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe[2252] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17 0000000075cc1585 2 bytes JMP 75858b42 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe[2252] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17 0000000075cc159d 2 bytes JMP 758586dc C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe[2252] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17 0000000075cc15b5 2 bytes JMP 757cfd41 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe[2252] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17 0000000075cc15cd 2 bytes JMP 757db2dc C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe[2252] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20 0000000075cc16b2 2 bytes JMP 75858ea4 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe[2252] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31 0000000075cc16bd 2 bytes JMP 75858671 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3644] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW 0000000075572ab1 5 bytes JMP 0000000100aef046
.text C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe[3868] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17 0000000075cc1401 2 bytes JMP 757db21b C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe[3868] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17 0000000075cc1419 2 bytes JMP 757db346 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe[3868] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17 0000000075cc1431 2 bytes JMP 75858f29 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe[3868] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42 0000000075cc144a 2 bytes CALL 757b489d C:\Windows\syswow64\KERNEL32.dll
.text ... * 9
.text C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe[3868] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17 0000000075cc14dd 2 bytes JMP 75858822 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe[3868] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17 0000000075cc14f5 2 bytes JMP 758589f8 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe[3868] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17 0000000075cc150d 2 bytes JMP 75858718 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe[3868] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17 0000000075cc1525 2 bytes JMP 75858ae2 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe[3868] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17 0000000075cc153d 2 bytes JMP 757cfca8 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe[3868] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17 0000000075cc1555 2 bytes JMP 757d68ef C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe[3868] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17 0000000075cc156d 2 bytes JMP 75858fe3 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe[3868] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17 0000000075cc1585 2 bytes JMP 75858b42 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe[3868] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17 0000000075cc159d 2 bytes JMP 758586dc C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe[3868] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17 0000000075cc15b5 2 bytes JMP 757cfd41 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe[3868] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17 0000000075cc15cd 2 bytes JMP 757db2dc C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe[3868] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20 0000000075cc16b2 2 bytes JMP 75858ea4 C:\Windows\syswow64\KERNEL32.dll
.text C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe[3868] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31 0000000075cc16bd 2 bytes JMP 75858671 C:\Windows\syswow64\KERNEL32.dll
.text C:\Users\me\Desktop\Gmer-19357.exe[3500] C:\Windows\SysWOW64\ntdll.dll!NtUnmapViewOfSection 00000000776efccc 5 bytes JMP 00000001002a012a
.text C:\Users\me\Desktop\Gmer-19357.exe[3500] C:\Windows\SysWOW64\ntdll.dll!NtTerminateProcess 00000000776efcfc 5 bytes JMP 00000001002a0bc2
.text C:\Users\me\Desktop\Gmer-19357.exe[3500] C:\Windows\SysWOW64\ntdll.dll!NtWriteVirtualMemory 00000000776efe60 5 bytes JMP 00000001002a0048
.text C:\Users\me\Desktop\Gmer-19357.exe[3500] C:\Windows\SysWOW64\ntdll.dll!NtReadVirtualMemory 00000000776efedc 5 bytes JMP 00000001002a0e68
.text C:\Users\me\Desktop\Gmer-19357.exe[3500] C:\Windows\SysWOW64\ntdll.dll!NtOpenEvent 00000000776efef4 5 bytes JMP 00000001002a0594
.text C:\Users\me\Desktop\Gmer-19357.exe[3500] C:\Windows\SysWOW64\ntdll.dll!NtQueueApcThread 00000000776eff70 5 bytes JMP 00000001002a0f4a
.text C:\Users\me\Desktop\Gmer-19357.exe[3500] C:\Windows\SysWOW64\ntdll.dll!NtCreateThread 00000000776f0050 5 bytes JMP 00000001002a0758
.text C:\Users\me\Desktop\Gmer-19357.exe[3500] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory 00000000776f0084 5 bytes JMP 00000001002a0ca4
.text C:\Users\me\Desktop\Gmer-19357.exe[3500] C:\Windows\SysWOW64\ntdll.dll!NtResumeThread 00000000776f00b4 5 bytes JMP 00000001002a0d86
.text C:\Users\me\Desktop\Gmer-19357.exe[3500] C:\Windows\SysWOW64\ntdll.dll!NtTerminateThread 00000000776f00d0 5 bytes JMP 0000000100020050
.text C:\Users\me\Desktop\Gmer-19357.exe[3500] C:\Windows\SysWOW64\ntdll.dll!NtAlertResumeThread 00000000776f0334 5 bytes JMP 00000001002a020c
.text C:\Users\me\Desktop\Gmer-19357.exe[3500] C:\Windows\SysWOW64\ntdll.dll!NtCreateMutant 00000000776f07e8 5 bytes JMP 00000001002a03d0
.text C:\Users\me\Desktop\Gmer-19357.exe[3500] C:\Windows\SysWOW64\ntdll.dll!NtCreateSymbolicLinkObject 00000000776f08d8 5 bytes JMP 00000001002a09fe
.text C:\Users\me\Desktop\Gmer-19357.exe[3500] C:\Windows\SysWOW64\ntdll.dll!NtCreateThreadEx 00000000776f08f0 2 bytes JMP 00000001002a091c
.text C:\Users\me\Desktop\Gmer-19357.exe[3500] C:\Windows\SysWOW64\ntdll.dll!NtCreateThreadEx + 3 00000000776f08f3 2 bytes [BB, 88]
.text C:\Users\me\Desktop\Gmer-19357.exe[3500] C:\Windows\SysWOW64\ntdll.dll!NtLoadDriver 00000000776f0e40 5 bytes JMP 00000001002a0676
.text C:\Users\me\Desktop\Gmer-19357.exe[3500] C:\Windows\SysWOW64\ntdll.dll!NtQueueApcThreadEx 00000000776f1620 5 bytes JMP 00000001002a02ee
.text C:\Users\me\Desktop\Gmer-19357.exe[3500] C:\Windows\SysWOW64\ntdll.dll!NtSetContextThread 00000000776f196c 5 bytes JMP 00000001002a083a
.text C:\Users\me\Desktop\Gmer-19357.exe[3500] C:\Windows\SysWOW64\ntdll.dll!NtSetSystemInformation 00000000776f1c30 5 bytes JMP 00000001002a0ae0
.text C:\Users\me\Desktop\Gmer-19357.exe[3500] C:\Windows\SysWOW64\ntdll.dll!NtSuspendThread 00000000776f1dbc 5 bytes JMP 00000001002a04b2
.text C:\Users\me\Desktop\Gmer-19357.exe[3500] C:\Windows\syswow64\USER32.dll!RecordShutdownReason + 882 0000000075111492 7 bytes JMP 00000001002b0048
---- EOF - GMER 2.1 ----
Mit freundlichen Grüßen, 2k1p Geändert von 2k1p (17.06.2015 um 22:12 Uhr) |
|
18.06.2015, 05:12
| #3 |
| /// the machine /// TB-Ausbilder    | Win 7: Maus klickt selbständig, Entertaste womöglich auch. hi,
__________________Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
18.06.2015, 15:19
| #4 |
| | Win 7: Maus klickt selbständig, Entertaste womöglich auch. Hallo schrauber, danke für deine schnelle Antwort und dafür, dass du dich meinem Problem angenommen hast. Ich habe deine Anweisungen befolgt, die Logfiles folgen sogleich. Ich möchte aber vorher noch erwähnen, dass ich am Wochenende ganz andere Probleme mit meinem PC hatte, welche für mich eindeutig auf defekte Hardware zurückzuführen waren, allerdings bin ich mir da jetzt nicht mehr allzu sicher und wollte dies dennoch bekannt geben, möglicherweise ist es ja relevant. Der PC hat sich selbständig heruntergefahren, als ich Netflix geschaut habe, danach hing er in einer Endlosschleife und hat sich permanent selbständig hoch- und wieder runtergefahren, jedoch nie vollständig. Ich kam nichtmal bis zum BIOS, 3 - 5 Sek. fuhr er hoch und dann hat er sich sofort wieder abgedreht. Es stoppte erst, wenn ich ihn vom Strom genommen habe, kaum hing er wieder dran, ging es von vorne los. Das Problem löste sich von selbst, noch bevor ich ein anderes Netzteil probieren konnte (auf welches ich es primär geschoben hatte). Also mal nur zur Info am Rande. Jetzt die Logfiles: MBAR (Ich wurde von der Software nicht nach einem Neustart gefragt, also habe ich keinen ausgeführt.) Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.06.18.04
rootkit: v2015.06.15.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17843
me :: TOWER [administrator]
18.06.2015 15:11:09
mbar-log-2015-06-18 (15-11-09).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 440939
Time elapsed: 40 minute(s), 16 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 16:03:25.0604 0x0094 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
16:03:31.0580 0x0094 ============================================================
16:03:31.0580 0x0094 Current date / time: 2015/06/18 16:03:31.0580
16:03:31.0580 0x0094 SystemInfo:
16:03:31.0580 0x0094
16:03:31.0580 0x0094 OS Version: 6.1.7601 ServicePack: 1.0
16:03:31.0580 0x0094 Product type: Workstation
16:03:31.0580 0x0094 ComputerName: TOWER
16:03:31.0581 0x0094 UserName: me
16:03:31.0581 0x0094 Windows directory: C:\Windows
16:03:31.0581 0x0094 System windows directory: C:\Windows
16:03:31.0581 0x0094 Running under WOW64
16:03:31.0581 0x0094 Processor architecture: Intel x64
16:03:31.0581 0x0094 Number of processors: 4
16:03:31.0581 0x0094 Page size: 0x1000
16:03:31.0581 0x0094 Boot type: Normal boot
16:03:31.0581 0x0094 ============================================================
16:03:33.0260 0x0094 KLMD registered as C:\Windows\system32\drivers\16554318.sys
16:03:33.0538 0x0094 System UUID: {EFEB6542-48D0-804D-2CCD-AA69B0A446BA}
16:03:34.0101 0x0094 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
16:03:34.0104 0x0094 Drive \Device\Harddisk1\DR1 - Size: 0x2BA9F400000 ( 2794.49 Gb ), SectorSize: 0x1000, Cylinders: 0xB21F, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:03:34.0106 0x0094 ============================================================
16:03:34.0106 0x0094 \Device\Harddisk0\DR0:
16:03:34.0107 0x0094 MBR partitions:
16:03:34.0107 0x0094 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:03:34.0107 0x0094 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
16:03:34.0107 0x0094 \Device\Harddisk1\DR1:
16:03:34.0107 0x0094 MBR partitions:
16:03:34.0107 0x0094 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x100, BlocksNum 0x2BA9F300
16:03:34.0107 0x0094 ============================================================
16:03:34.0126 0x0094 C: <-> \Device\Harddisk0\DR0\Partition2
16:03:34.0859 0x0094 G: <-> \Device\Harddisk1\DR1\Partition1
16:03:34.0860 0x0094 ============================================================
16:03:34.0860 0x0094 Initialize success
16:03:34.0860 0x0094 ============================================================
16:04:34.0581 0x0ed0 ============================================================
16:04:34.0581 0x0ed0 Scan started
16:04:34.0581 0x0ed0 Mode: Manual; SigCheck; TDLFS;
16:04:34.0581 0x0ed0 ============================================================
16:04:34.0581 0x0ed0 KSN ping started
16:04:50.0879 0x0ed0 KSN ping finished: true
16:04:53.0585 0x0ed0 ================ Scan system memory ========================
16:04:53.0585 0x0ed0 System memory - ok
16:04:53.0586 0x0ed0 ================ Scan services =============================
16:04:53.0737 0x0ed0 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
16:04:53.0825 0x0ed0 1394ohci - ok
16:04:53.0878 0x0ed0 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
16:04:53.0909 0x0ed0 ACPI - ok
16:04:53.0925 0x0ed0 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
16:04:53.0961 0x0ed0 AcpiPmi - ok
16:04:54.0061 0x0ed0 [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:04:54.0090 0x0ed0 AdobeARMservice - ok
16:04:54.0185 0x0ed0 [ 00CC35F515079F5F94FABC3AC5C7D363, 7CE8B1715009602059DEDD6CBCA9C18EF079EDA344E7809813D6C0A395622B82 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:04:54.0208 0x0ed0 AdobeFlashPlayerUpdateSvc - ok
16:04:54.0261 0x0ed0 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
16:04:54.0287 0x0ed0 adp94xx - ok
16:04:54.0316 0x0ed0 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
16:04:54.0337 0x0ed0 adpahci - ok
16:04:54.0353 0x0ed0 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
16:04:54.0369 0x0ed0 adpu320 - ok
16:04:54.0407 0x0ed0 [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:04:54.0442 0x0ed0 AeLookupSvc - ok
16:04:54.0481 0x0ed0 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
16:04:54.0542 0x0ed0 AFD - ok
16:04:54.0566 0x0ed0 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
16:04:54.0579 0x0ed0 agp440 - ok
16:04:54.0603 0x0ed0 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
16:04:54.0681 0x0ed0 ALG - ok
16:04:54.0734 0x0ed0 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
16:04:54.0753 0x0ed0 aliide - ok
16:04:54.0781 0x0ed0 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
16:04:54.0801 0x0ed0 amdide - ok
16:04:54.0840 0x0ed0 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
16:04:54.0888 0x0ed0 AmdK8 - ok
16:04:54.0901 0x0ed0 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
16:04:54.0931 0x0ed0 AmdPPM - ok
16:04:54.0958 0x0ed0 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:04:54.0973 0x0ed0 amdsata - ok
16:04:55.0003 0x0ed0 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
16:04:55.0020 0x0ed0 amdsbs - ok
16:04:55.0040 0x0ed0 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:04:55.0052 0x0ed0 amdxata - ok
16:04:55.0089 0x0ed0 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys
16:04:55.0146 0x0ed0 AppID - ok
16:04:55.0157 0x0ed0 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:04:55.0178 0x0ed0 AppIDSvc - ok
16:04:55.0198 0x0ed0 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
16:04:55.0223 0x0ed0 Appinfo - ok
16:04:55.0321 0x0ed0 [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:04:55.0342 0x0ed0 Apple Mobile Device Service - ok
16:04:55.0379 0x0ed0 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
16:04:55.0415 0x0ed0 AppMgmt - ok
16:04:55.0457 0x0ed0 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
16:04:55.0470 0x0ed0 arc - ok
16:04:55.0488 0x0ed0 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
16:04:55.0503 0x0ed0 arcsas - ok
16:04:55.0616 0x0ed0 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:04:55.0654 0x0ed0 aspnet_state - ok
16:04:55.0683 0x0ed0 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
16:04:55.0735 0x0ed0 AsyncMac - ok
16:04:55.0758 0x0ed0 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
16:04:55.0769 0x0ed0 atapi - ok
16:04:55.0820 0x0ed0 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:04:55.0870 0x0ed0 AudioEndpointBuilder - ok
16:04:55.0889 0x0ed0 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
16:04:55.0916 0x0ed0 AudioSrv - ok
16:04:55.0964 0x0ed0 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:04:56.0005 0x0ed0 AxInstSV - ok
16:04:56.0081 0x0ed0 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
16:04:56.0124 0x0ed0 b06bdrv - ok
16:04:56.0157 0x0ed0 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
16:04:56.0179 0x0ed0 b57nd60a - ok
16:04:56.0220 0x0ed0 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
16:04:56.0237 0x0ed0 BDESVC - ok
16:04:56.0248 0x0ed0 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
16:04:56.0295 0x0ed0 Beep - ok
16:04:56.0352 0x0ed0 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
16:04:56.0391 0x0ed0 BFE - ok
16:04:56.0564 0x0ed0 [ DBC2EF1C27C7D65589D99596EE475145, A10BB062B2FCF1A70C3286E84F90B77F7856A79882CF89F19574E46CCBE01B18 ] BHDrvx64 C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20150602.001\BHDrvx64.sys
16:04:56.0622 0x0ed0 BHDrvx64 - ok
16:04:56.0694 0x0ed0 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
16:04:56.0764 0x0ed0 BITS - ok
16:04:56.0776 0x0ed0 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
16:04:56.0805 0x0ed0 blbdrive - ok
16:04:56.0863 0x0ed0 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:04:56.0886 0x0ed0 Bonjour Service - ok
16:04:56.0926 0x0ed0 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:04:56.0961 0x0ed0 bowser - ok
16:04:56.0996 0x0ed0 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:04:57.0024 0x0ed0 BrFiltLo - ok
16:04:57.0031 0x0ed0 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:04:57.0059 0x0ed0 BrFiltUp - ok
16:04:57.0102 0x0ed0 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
16:04:57.0161 0x0ed0 BridgeMP - ok
16:04:57.0188 0x0ed0 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
16:04:57.0213 0x0ed0 Browser - ok
16:04:57.0240 0x0ed0 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
16:04:57.0277 0x0ed0 Brserid - ok
16:04:57.0295 0x0ed0 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
16:04:57.0345 0x0ed0 BrSerWdm - ok
16:04:57.0369 0x0ed0 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
16:04:57.0422 0x0ed0 BrUsbMdm - ok
16:04:57.0432 0x0ed0 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
16:04:57.0455 0x0ed0 BrUsbSer - ok
16:04:57.0475 0x0ed0 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
16:04:57.0496 0x0ed0 BTHMODEM - ok
16:04:57.0526 0x0ed0 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
16:04:57.0571 0x0ed0 bthserv - ok
16:04:57.0608 0x0ed0 catchme - ok
16:04:57.0710 0x0ed0 [ 0510396A957E9FD7205BA62D3CAE4528, C80C39EB3A87C5111132E96E966CF74ACABA36DE7714B545A707027D35995792 ] ccSet_N360 C:\Windows\system32\drivers\N360x64\1507000.00B\ccSetx64.sys
16:04:57.0737 0x0ed0 ccSet_N360 - ok
16:04:57.0757 0x0ed0 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:04:57.0805 0x0ed0 cdfs - ok
16:04:57.0835 0x0ed0 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
16:04:57.0861 0x0ed0 cdrom - ok
16:04:57.0905 0x0ed0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
16:04:57.0949 0x0ed0 CertPropSvc - ok
16:04:57.0978 0x0ed0 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
16:04:57.0995 0x0ed0 circlass - ok
16:04:58.0042 0x0ed0 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
16:04:58.0065 0x0ed0 CLFS - ok
16:04:58.0221 0x0ed0 [ 42C5B8010D47EF3F4BAE6D1B427E80F4, 721C24522C43D50081EA01FD521D68EB365B91561CCF2E7AD1F091FBD61E67FB ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
16:04:58.0299 0x0ed0 ClickToRunSvc - ok
16:04:58.0346 0x0ed0 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:04:58.0363 0x0ed0 clr_optimization_v2.0.50727_32 - ok
16:04:58.0395 0x0ed0 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:04:58.0411 0x0ed0 clr_optimization_v2.0.50727_64 - ok
16:04:58.0499 0x0ed0 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:04:58.0517 0x0ed0 clr_optimization_v4.0.30319_32 - ok
16:04:58.0536 0x0ed0 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:04:58.0553 0x0ed0 clr_optimization_v4.0.30319_64 - ok
16:04:58.0572 0x0ed0 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
16:04:58.0595 0x0ed0 CmBatt - ok
16:04:58.0623 0x0ed0 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
16:04:58.0634 0x0ed0 cmdide - ok
16:04:58.0703 0x0ed0 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
16:04:58.0737 0x0ed0 CNG - ok
16:04:58.0765 0x0ed0 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
16:04:58.0777 0x0ed0 Compbatt - ok
16:04:58.0800 0x0ed0 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
16:04:58.0870 0x0ed0 CompositeBus - ok
16:04:58.0881 0x0ed0 COMSysApp - ok
16:04:58.0896 0x0ed0 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
16:04:58.0911 0x0ed0 crcdisk - ok
16:04:58.0963 0x0ed0 [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:04:59.0008 0x0ed0 CryptSvc - ok
16:04:59.0079 0x0ed0 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
16:04:59.0133 0x0ed0 CSC - ok
16:04:59.0185 0x0ed0 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
16:04:59.0227 0x0ed0 CscService - ok
16:04:59.0284 0x0ed0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:04:59.0338 0x0ed0 DcomLaunch - ok
16:04:59.0370 0x0ed0 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
16:04:59.0430 0x0ed0 defragsvc - ok
16:04:59.0469 0x0ed0 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
16:04:59.0541 0x0ed0 DfsC - ok
16:04:59.0593 0x0ed0 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
16:04:59.0614 0x0ed0 Dhcp - ok
16:04:59.0722 0x0ed0 [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack C:\Windows\system32\diagtrack.dll
16:04:59.0787 0x0ed0 DiagTrack - ok
16:04:59.0809 0x0ed0 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
16:04:59.0889 0x0ed0 discache - ok
16:04:59.0926 0x0ed0 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
16:04:59.0938 0x0ed0 Disk - ok
16:04:59.0966 0x0ed0 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:05:00.0001 0x0ed0 Dnscache - ok
16:05:00.0037 0x0ed0 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
16:05:00.0092 0x0ed0 dot3svc - ok
16:05:00.0140 0x0ed0 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
16:05:00.0217 0x0ed0 DPS - ok
16:05:00.0259 0x0ed0 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:05:00.0290 0x0ed0 drmkaud - ok
16:05:00.0338 0x0ed0 [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
16:05:00.0369 0x0ed0 dtsoftbus01 - ok
16:05:00.0428 0x0ed0 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:05:00.0470 0x0ed0 DXGKrnl - ok
16:05:00.0495 0x0ed0 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
16:05:00.0539 0x0ed0 EapHost - ok
16:05:00.0674 0x0ed0 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
16:05:00.0782 0x0ed0 ebdrv - ok
16:05:00.0889 0x0ed0 [ E5CE7CFE2E08B03E9AEC2CC3750ACBCB, 9892C142143A761072B1B4AD3ADDB738B3B26A6B4D7C4B1A97C74FBF59A9FDD3 ] eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
16:05:00.0917 0x0ed0 eeCtrl - ok
16:05:00.0977 0x0ed0 [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] EFS C:\Windows\System32\lsass.exe
16:05:01.0012 0x0ed0 EFS - ok
16:05:01.0058 0x0ed0 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
16:05:01.0090 0x0ed0 ehRecvr - ok
16:05:01.0115 0x0ed0 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
16:05:01.0147 0x0ed0 ehSched - ok
16:05:01.0193 0x0ed0 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
16:05:01.0219 0x0ed0 elxstor - ok
16:05:01.0300 0x0ed0 [ 13E3BBC4578742E80854451FA16F272A, A9B2D972B114ED2E18246CCBDEE97F6C1AFA8B143791AD5DAED70100E58CD25F ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
16:05:01.0312 0x0ed0 EraserUtilRebootDrv - ok
16:05:01.0344 0x0ed0 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
16:05:01.0389 0x0ed0 ErrDev - ok
16:05:01.0440 0x0ed0 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
16:05:01.0485 0x0ed0 EventSystem - ok
16:05:01.0504 0x0ed0 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
16:05:01.0548 0x0ed0 exfat - ok
16:05:01.0572 0x0ed0 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:05:01.0620 0x0ed0 fastfat - ok
16:05:01.0697 0x0ed0 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
16:05:01.0744 0x0ed0 Fax - ok
16:05:01.0754 0x0ed0 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
16:05:01.0786 0x0ed0 fdc - ok
16:05:01.0819 0x0ed0 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
16:05:01.0890 0x0ed0 fdPHost - ok
16:05:01.0906 0x0ed0 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
16:05:01.0950 0x0ed0 FDResPub - ok
16:05:01.0972 0x0ed0 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:05:01.0984 0x0ed0 FileInfo - ok
16:05:01.0998 0x0ed0 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:05:02.0042 0x0ed0 Filetrace - ok
16:05:02.0052 0x0ed0 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
16:05:02.0063 0x0ed0 flpydisk - ok
16:05:02.0107 0x0ed0 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:05:02.0125 0x0ed0 FltMgr - ok
16:05:02.0202 0x0ed0 [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\Windows\system32\FntCache.dll
16:05:02.0255 0x0ed0 FontCache - ok
16:05:02.0308 0x0ed0 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:05:02.0331 0x0ed0 FontCache3.0.0.0 - ok
16:05:02.0352 0x0ed0 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:05:02.0365 0x0ed0 FsDepends - ok
16:05:02.0395 0x0ed0 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:05:02.0408 0x0ed0 Fs_Rec - ok
16:05:02.0443 0x0ed0 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:05:02.0464 0x0ed0 fvevol - ok
16:05:02.0485 0x0ed0 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
16:05:02.0498 0x0ed0 gagp30kx - ok
16:05:02.0530 0x0ed0 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:05:02.0539 0x0ed0 GEARAspiWDM - ok
16:05:02.0673 0x0ed0 [ 55FC14B287C6FF306C32B42628CE0D8C, F22D7BA248D616A76AFAC5DA21A419FF13BC4346F402685F6FC6671B04528110 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
16:05:02.0717 0x0ed0 GfExperienceService - ok
16:05:02.0781 0x0ed0 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
16:05:02.0843 0x0ed0 gpsvc - ok
16:05:02.0892 0x0ed0 [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:05:02.0903 0x0ed0 gupdate - ok
16:05:02.0912 0x0ed0 [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:05:02.0923 0x0ed0 gupdatem - ok
16:05:02.0943 0x0ed0 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
16:05:02.0967 0x0ed0 hcw85cir - ok
16:05:03.0007 0x0ed0 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:05:03.0031 0x0ed0 HdAudAddService - ok
16:05:03.0055 0x0ed0 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
16:05:03.0082 0x0ed0 HDAudBus - ok
16:05:03.0097 0x0ed0 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
16:05:03.0110 0x0ed0 HidBatt - ok
16:05:03.0129 0x0ed0 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
16:05:03.0158 0x0ed0 HidBth - ok
16:05:03.0189 0x0ed0 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
16:05:03.0210 0x0ed0 HidIr - ok
16:05:03.0244 0x0ed0 [ F6C1CAF52246BD4F8503BC78A04A56C2, 07844E7EFCAE19CE0DE4089A01D8B5B4F7A52770CCE4EA7BFD78A00EF8B6CD6C ] hidkmdf C:\Windows\system32\DRIVERS\hidkmdf.sys
16:05:03.0253 0x0ed0 hidkmdf - ok
16:05:03.0273 0x0ed0 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
16:05:03.0311 0x0ed0 hidserv - ok
16:05:03.0352 0x0ed0 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
16:05:03.0394 0x0ed0 HidUsb - ok
16:05:03.0427 0x0ed0 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
16:05:03.0501 0x0ed0 hkmsvc - ok
16:05:03.0541 0x0ed0 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:05:03.0569 0x0ed0 HomeGroupListener - ok
16:05:03.0614 0x0ed0 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:05:03.0632 0x0ed0 HomeGroupProvider - ok
16:05:03.0675 0x0ed0 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:05:03.0690 0x0ed0 HpSAMD - ok
16:05:03.0774 0x0ed0 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:05:03.0819 0x0ed0 HTTP - ok
16:05:03.0853 0x0ed0 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:05:03.0863 0x0ed0 hwpolicy - ok
16:05:03.0893 0x0ed0 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
16:05:03.0921 0x0ed0 i8042prt - ok
16:05:03.0951 0x0ed0 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:05:03.0973 0x0ed0 iaStorV - ok
16:05:04.0070 0x0ed0 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:05:04.0104 0x0ed0 idsvc - ok
16:05:04.0232 0x0ed0 [ 46EEACCFEEA6F4B8CB55F5141423BF76, 6F576C7020A47BFBF7477BECEB45406A10AECAE530E73661FCE75D84E013CFB8 ] IDSVia64 C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20150617.001\IDSvia64.sys
16:05:04.0269 0x0ed0 IDSVia64 - ok
16:05:04.0311 0x0ed0 IEEtwCollectorService - ok
16:05:04.0349 0x0ed0 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
16:05:04.0372 0x0ed0 iirsp - ok
16:05:04.0422 0x0ed0 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
16:05:04.0458 0x0ed0 IKEEXT - ok
16:05:04.0489 0x0ed0 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
16:05:04.0511 0x0ed0 intelide - ok
16:05:04.0530 0x0ed0 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
16:05:04.0554 0x0ed0 intelppm - ok
16:05:04.0608 0x0ed0 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
16:05:04.0675 0x0ed0 IPBusEnum - ok
16:05:04.0711 0x0ed0 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:05:04.0747 0x0ed0 IpFilterDriver - ok
16:05:04.0784 0x0ed0 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:05:04.0807 0x0ed0 iphlpsvc - ok
16:05:04.0833 0x0ed0 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
16:05:04.0855 0x0ed0 IPMIDRV - ok
16:05:04.0886 0x0ed0 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:05:04.0942 0x0ed0 IPNAT - ok
16:05:05.0011 0x0ed0 [ E61BB95A7CB49696D25A0C4EBD108156, 65D95A0DBC408AD18D5E344A5E875551E6CC044038DE438E4EA1102A234FC529 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
16:05:05.0037 0x0ed0 iPod Service - ok
16:05:05.0046 0x0ed0 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:05:05.0062 0x0ed0 IRENUM - ok
16:05:05.0078 0x0ed0 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:05:05.0089 0x0ed0 isapnp - ok
16:05:05.0124 0x0ed0 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
16:05:05.0143 0x0ed0 iScsiPrt - ok
16:05:05.0180 0x0ed0 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
16:05:05.0193 0x0ed0 kbdclass - ok
16:05:05.0218 0x0ed0 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
16:05:05.0238 0x0ed0 kbdhid - ok
16:05:05.0250 0x0ed0 [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] KeyIso C:\Windows\system32\lsass.exe
16:05:05.0265 0x0ed0 KeyIso - ok
16:05:05.0303 0x0ed0 [ BF69D973523D539A35807946C6DA7E16, 38F2C59B0857131961DBEA48C4A5DFA9BE7B564941935086B8DC8DBEF896F3EC ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:05:05.0316 0x0ed0 KSecDD - ok
16:05:05.0338 0x0ed0 [ 272C27711C8AA6E7815EE33F8ACA9C66, 0A5A10A7A3E87DB92E06395A6676B94FE8B7AD6704864075D443CDC9BABDB4DF ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:05:05.0352 0x0ed0 KSecPkg - ok
16:05:05.0378 0x0ed0 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:05:05.0422 0x0ed0 ksthunk - ok
16:05:05.0452 0x0ed0 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
16:05:05.0512 0x0ed0 KtmRm - ok
16:05:05.0583 0x0ed0 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
16:05:05.0675 0x0ed0 LanmanServer - ok
16:05:05.0716 0x0ed0 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:05:05.0768 0x0ed0 LanmanWorkstation - ok
16:05:05.0790 0x0ed0 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:05:05.0827 0x0ed0 lltdio - ok
16:05:05.0863 0x0ed0 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:05:05.0921 0x0ed0 lltdsvc - ok
16:05:05.0944 0x0ed0 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:05:05.0980 0x0ed0 lmhosts - ok
16:05:06.0009 0x0ed0 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
16:05:06.0022 0x0ed0 LSI_FC - ok
16:05:06.0047 0x0ed0 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
16:05:06.0061 0x0ed0 LSI_SAS - ok
16:05:06.0069 0x0ed0 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:05:06.0083 0x0ed0 LSI_SAS2 - ok
16:05:06.0099 0x0ed0 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:05:06.0114 0x0ed0 LSI_SCSI - ok
16:05:06.0136 0x0ed0 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
16:05:06.0175 0x0ed0 luafv - ok
16:05:06.0218 0x0ed0 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
16:05:06.0238 0x0ed0 Mcx2Svc - ok
16:05:06.0265 0x0ed0 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
16:05:06.0277 0x0ed0 megasas - ok
16:05:06.0300 0x0ed0 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
16:05:06.0319 0x0ed0 MegaSR - ok
16:05:06.0340 0x0ed0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
16:05:06.0397 0x0ed0 MMCSS - ok
16:05:06.0420 0x0ed0 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
16:05:06.0467 0x0ed0 Modem - ok
16:05:06.0483 0x0ed0 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
16:05:06.0507 0x0ed0 monitor - ok
16:05:06.0521 0x0ed0 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
16:05:06.0533 0x0ed0 mouclass - ok
16:05:06.0566 0x0ed0 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
16:05:06.0608 0x0ed0 mouhid - ok
16:05:06.0703 0x0ed0 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:05:06.0743 0x0ed0 mountmgr - ok
16:05:06.0809 0x0ed0 [ 9FC679D10A7377BB04ECC3D0E2E26B53, 24ACD4EC1618A052C29E4463138B28F62C8B78D442DB82F4925E64FC5849A096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:05:06.0834 0x0ed0 MozillaMaintenance - ok
16:05:06.0953 0x0ed0 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
16:05:07.0011 0x0ed0 mpio - ok
16:05:07.0199 0x0ed0 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:05:07.0266 0x0ed0 mpsdrv - ok
16:05:07.0318 0x0ed0 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
16:05:07.0398 0x0ed0 MpsSvc - ok
16:05:07.0436 0x0ed0 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:05:07.0468 0x0ed0 MRxDAV - ok
16:05:07.0500 0x0ed0 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:05:07.0579 0x0ed0 mrxsmb - ok
16:05:07.0615 0x0ed0 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:05:07.0709 0x0ed0 mrxsmb10 - ok
16:05:07.0801 0x0ed0 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:05:07.0918 0x0ed0 mrxsmb20 - ok
16:05:07.0952 0x0ed0 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
16:05:07.0973 0x0ed0 msahci - ok
16:05:07.0990 0x0ed0 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
16:05:08.0007 0x0ed0 msdsm - ok
16:05:08.0044 0x0ed0 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
16:05:08.0073 0x0ed0 MSDTC - ok
16:05:08.0109 0x0ed0 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:05:08.0145 0x0ed0 Msfs - ok
16:05:08.0153 0x0ed0 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:05:08.0205 0x0ed0 mshidkmdf - ok
16:05:08.0237 0x0ed0 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:05:08.0259 0x0ed0 msisadrv - ok
16:05:08.0289 0x0ed0 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:05:08.0359 0x0ed0 MSiSCSI - ok
16:05:08.0363 0x0ed0 msiserver - ok
16:05:08.0398 0x0ed0 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:05:08.0469 0x0ed0 MSKSSRV - ok
16:05:08.0501 0x0ed0 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:05:08.0573 0x0ed0 MSPCLOCK - ok
16:05:08.0595 0x0ed0 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:05:08.0635 0x0ed0 MSPQM - ok
16:05:08.0679 0x0ed0 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:05:08.0702 0x0ed0 MsRPC - ok
16:05:08.0724 0x0ed0 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
16:05:08.0735 0x0ed0 mssmbios - ok
16:05:08.0758 0x0ed0 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:05:08.0803 0x0ed0 MSTEE - ok
16:05:08.0823 0x0ed0 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
16:05:08.0835 0x0ed0 MTConfig - ok
16:05:08.0855 0x0ed0 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
16:05:08.0867 0x0ed0 Mup - ok
16:05:09.0044 0x0ed0 [ 06F83F2E1FE29115E2D397046BA3C10D, 6551E1A580B6FB7047D445F81305451BB0408859376DE9EA2132F5C5EB48993A ] N360 C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\N360.exe
16:05:09.0061 0x0ed0 N360 - ok
16:05:09.0115 0x0ed0 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
16:05:09.0183 0x0ed0 napagent - ok
16:05:09.0245 0x0ed0 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:05:09.0284 0x0ed0 NativeWifiP - ok
16:05:09.0393 0x0ed0 [ 54F4B358F41C664CBDE4507D67EED1CD, CDCA0A778AF596933CD7CBF1119FCA551ECC03CBBD4F1E8213C3FD2FECA902F2 ] NAVENG C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20150617.034\ENG64.SYS
16:05:09.0418 0x0ed0 NAVENG - ok
16:05:09.0516 0x0ed0 [ A74D67EEEB3938FD2FA3B65B24C32C44, 4D780B70B57E23A3A155794C4DEEBD856E32D35B789BDF4673AAC8FC3AC4367B ] NAVEX15 C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20150617.034\EX64.SYS
16:05:09.0584 0x0ed0 NAVEX15 - ok
16:05:09.0677 0x0ed0 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
16:05:09.0715 0x0ed0 NDIS - ok
16:05:09.0745 0x0ed0 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:05:09.0802 0x0ed0 NdisCap - ok
16:05:09.0833 0x0ed0 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:05:09.0869 0x0ed0 NdisTapi - ok
16:05:09.0914 0x0ed0 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:05:09.0973 0x0ed0 Ndisuio - ok
16:05:10.0005 0x0ed0 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:05:10.0043 0x0ed0 NdisWan - ok
16:05:10.0075 0x0ed0 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:05:10.0115 0x0ed0 NDProxy - ok
16:05:10.0137 0x0ed0 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:05:10.0183 0x0ed0 NetBIOS - ok
16:05:10.0231 0x0ed0 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:05:10.0288 0x0ed0 NetBT - ok
16:05:10.0317 0x0ed0 [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] Netlogon C:\Windows\system32\lsass.exe
16:05:10.0331 0x0ed0 Netlogon - ok
16:05:10.0368 0x0ed0 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
16:05:10.0418 0x0ed0 Netman - ok
16:05:10.0463 0x0ed0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:05:10.0481 0x0ed0 NetMsmqActivator - ok
16:05:10.0487 0x0ed0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:05:10.0502 0x0ed0 NetPipeActivator - ok
16:05:10.0516 0x0ed0 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
16:05:10.0578 0x0ed0 netprofm - ok
16:05:10.0585 0x0ed0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:05:10.0603 0x0ed0 NetTcpActivator - ok
16:05:10.0611 0x0ed0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:05:10.0628 0x0ed0 NetTcpPortSharing - ok
16:05:10.0655 0x0ed0 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
16:05:10.0666 0x0ed0 nfrd960 - ok
16:05:10.0696 0x0ed0 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
16:05:10.0724 0x0ed0 NlaSvc - ok
16:05:10.0738 0x0ed0 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:05:10.0774 0x0ed0 Npfs - ok
16:05:10.0792 0x0ed0 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
16:05:10.0836 0x0ed0 nsi - ok
16:05:10.0851 0x0ed0 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:05:10.0902 0x0ed0 nsiproxy - ok
16:05:10.0993 0x0ed0 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:05:11.0049 0x0ed0 Ntfs - ok
16:05:11.0066 0x0ed0 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
16:05:11.0115 0x0ed0 Null - ok
16:05:11.0145 0x0ed0 [ 624C1453F9109D98F7E2612DAD76BBB1, 4578623BF7EA1AF42038070AA3A1A9AC4A9582132ABBFAD9C3A99F46308DE8C3 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
16:05:11.0162 0x0ed0 NVHDA - ok
16:05:11.0537 0x0ed0 [ 017E0B4AEFCB291E7CF1CD4BF120A7A8, 5C4B8D1AF91DE041F48E06E58ED71EFDD168942259F39012EB1CC957908B554C ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:05:11.0927 0x0ed0 nvlddmkm - ok
16:05:12.0073 0x0ed0 [ DCAA93D28D6FC75A4D80AE410008BA90, 7EDB69747C95FB68A4DF1932CF45E078DE94364D7A37D83A29952977A41D1FD7 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
16:05:12.0127 0x0ed0 NvNetworkService - ok
16:05:12.0159 0x0ed0 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:05:12.0174 0x0ed0 nvraid - ok
16:05:12.0188 0x0ed0 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:05:12.0203 0x0ed0 nvstor - ok
16:05:12.0260 0x0ed0 [ 9408391358F3B9FD0F59E27151383C51, 777A41DE1D8D71833369D1335A083BA8F197317CB62D0E65EFFCC9760D84F2AB ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
16:05:12.0280 0x0ed0 NvStreamKms - ok
16:05:12.0313 0x0ed0 NvStreamSvc - ok
16:05:12.0370 0x0ed0 [ 5141D408272B3681ED6A0E8CCF771EF9, C55304DC5EE588F747DF3B26ED08DE12106B79C686DCD22030F5523FC3F62727 ] nvsvc C:\Windows\system32\nvvsvc.exe
16:05:12.0403 0x0ed0 nvsvc - ok
16:05:12.0428 0x0ed0 [ 6AC68DDFCAC19A300D738AF3493E46AA, 4E92215B6E3ED263E89489851C6FEAD08D3155C82A74E880DA460DED0021DF42 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
16:05:12.0441 0x0ed0 nvvad_WaveExtensible - ok
16:05:12.0472 0x0ed0 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:05:12.0487 0x0ed0 nv_agp - ok
16:05:12.0513 0x0ed0 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
16:05:12.0528 0x0ed0 ohci1394 - ok
16:05:12.0646 0x0ed0 [ FCE83ABDE761C87D17EA65960455F0E5, E59C13E26845FE0537AEBF0E4A9DC0AF3E6DF55C7A54247FC8078AC5DE666AD4 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
16:05:12.0709 0x0ed0 Origin Client Service - ok
16:05:12.0761 0x0ed0 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:05:12.0789 0x0ed0 ose - ok
16:05:12.0996 0x0ed0 [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:05:13.0148 0x0ed0 osppsvc - ok
16:05:13.0189 0x0ed0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:05:13.0221 0x0ed0 p2pimsvc - ok
16:05:13.0245 0x0ed0 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
16:05:13.0281 0x0ed0 p2psvc - ok
16:05:13.0317 0x0ed0 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
16:05:13.0332 0x0ed0 Parport - ok
16:05:13.0353 0x0ed0 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:05:13.0365 0x0ed0 partmgr - ok
16:05:13.0407 0x0ed0 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:05:13.0440 0x0ed0 PcaSvc - ok
16:05:13.0467 0x0ed0 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
16:05:13.0485 0x0ed0 pci - ok
16:05:13.0507 0x0ed0 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
16:05:13.0518 0x0ed0 pciide - ok
16:05:13.0539 0x0ed0 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
16:05:13.0556 0x0ed0 pcmcia - ok
16:05:13.0573 0x0ed0 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
16:05:13.0585 0x0ed0 pcw - ok
16:05:13.0614 0x0ed0 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:05:13.0662 0x0ed0 PEAUTH - ok
16:05:13.0750 0x0ed0 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
16:05:13.0821 0x0ed0 PeerDistSvc - ok
16:05:13.0883 0x0ed0 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:05:13.0904 0x0ed0 PerfHost - ok
16:05:13.0980 0x0ed0 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
16:05:14.0068 0x0ed0 pla - ok
16:05:14.0107 0x0ed0 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:05:14.0129 0x0ed0 PlugPlay - ok
16:05:14.0198 0x0ed0 [ 7C725A94A89E3C1EA7D492D5E79698A2, 0E678DF8D5B54FF671912DF103623ACF3264E86BDACF744D0A7BA80C51A79110 ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
16:05:14.0239 0x0ed0 PMBDeviceInfoProvider - ok
16:05:14.0260 0x0ed0 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:05:14.0283 0x0ed0 PNRPAutoReg - ok
16:05:14.0307 0x0ed0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:05:14.0329 0x0ed0 PNRPsvc - ok
16:05:14.0379 0x0ed0 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:05:14.0446 0x0ed0 PolicyAgent - ok
16:05:14.0491 0x0ed0 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
16:05:14.0543 0x0ed0 Power - ok
16:05:14.0585 0x0ed0 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
16:05:14.0623 0x0ed0 PptpMiniport - ok
16:05:14.0640 0x0ed0 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
16:05:14.0666 0x0ed0 Processor - ok
16:05:14.0694 0x0ed0 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
16:05:14.0732 0x0ed0 ProfSvc - ok
16:05:14.0750 0x0ed0 [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] ProtectedStorage C:\Windows\system32\lsass.exe
16:05:14.0763 0x0ed0 ProtectedStorage - ok
16:05:14.0813 0x0ed0 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:05:14.0857 0x0ed0 Psched - ok
16:05:14.0927 0x0ed0 [ 6C112DA6C86DB7FB2C50522EFDDA706A, 46BB9970F3C58E47143C133B34423ABE5D19F2A865280852CE672BF57EC2F98A ] PSI_SVC_2_x64 c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
16:05:14.0951 0x0ed0 PSI_SVC_2_x64 - ok
16:05:15.0010 0x0ed0 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
16:05:15.0063 0x0ed0 ql2300 - ok
16:05:15.0084 0x0ed0 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
16:05:15.0098 0x0ed0 ql40xx - ok
16:05:15.0128 0x0ed0 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
16:05:15.0150 0x0ed0 QWAVE - ok
16:05:15.0163 0x0ed0 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:05:15.0180 0x0ed0 QWAVEdrv - ok
16:05:15.0193 0x0ed0 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:05:15.0246 0x0ed0 RasAcd - ok
16:05:15.0280 0x0ed0 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
16:05:15.0323 0x0ed0 RasAgileVpn - ok
16:05:15.0340 0x0ed0 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
16:05:15.0381 0x0ed0 RasAuto - ok
16:05:15.0417 0x0ed0 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
16:05:15.0461 0x0ed0 Rasl2tp - ok
16:05:15.0492 0x0ed0 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
16:05:15.0540 0x0ed0 RasMan - ok
16:05:15.0562 0x0ed0 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:05:15.0628 0x0ed0 RasPppoe - ok
16:05:15.0644 0x0ed0 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
16:05:15.0681 0x0ed0 RasSstp - ok
16:05:15.0775 0x0ed0 [ 67EAD2898F681B4ECA6E385AA39C8539, BD3D46234DD4FB6232CFF073E75CA8E35E06B416D205DCD6564E30D7548ED6F6 ] Razer Game Scanner Service C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
16:05:15.0804 0x0ed0 Razer Game Scanner Service - ok
16:05:15.0850 0x0ed0 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:05:15.0905 0x0ed0 rdbss - ok
16:05:15.0928 0x0ed0 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
16:05:15.0948 0x0ed0 rdpbus - ok
16:05:15.0965 0x0ed0 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
16:05:16.0007 0x0ed0 RDPCDD - ok
16:05:16.0052 0x0ed0 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
16:05:16.0067 0x0ed0 RDPDR - ok
16:05:16.0079 0x0ed0 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
16:05:16.0126 0x0ed0 RDPENCDD - ok
16:05:16.0132 0x0ed0 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
16:05:16.0181 0x0ed0 RDPREFMP - ok
16:05:16.0249 0x0ed0 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:05:16.0276 0x0ed0 RdpVideoMiniport - ok
16:05:16.0319 0x0ed0 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
16:05:16.0357 0x0ed0 RDPWD - ok
16:05:16.0418 0x0ed0 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:05:16.0434 0x0ed0 rdyboost - ok
16:05:16.0448 0x0ed0 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:05:16.0483 0x0ed0 RemoteAccess - ok
16:05:16.0509 0x0ed0 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:05:16.0569 0x0ed0 RemoteRegistry - ok
16:05:16.0593 0x0ed0 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:05:16.0642 0x0ed0 RpcEptMapper - ok
16:05:16.0665 0x0ed0 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
16:05:16.0693 0x0ed0 RpcLocator - ok
16:05:16.0753 0x0ed0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
16:05:16.0813 0x0ed0 RpcSs - ok
16:05:16.0834 0x0ed0 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:05:16.0871 0x0ed0 rspndr - ok
16:05:16.0907 0x0ed0 [ 7F4F11527AF5A7E4526CB6A146B3E40C, 705177014374AB2F12AF4558344C35C206C2820BD1A16770173EA10D094D182B ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
16:05:16.0936 0x0ed0 RTL8167 - ok
16:05:16.0981 0x0ed0 [ 4CE333AC701C4BD2E3EFF721C0DB2526, C210FCDDDED79FC68EC3BFA599F162C2CCDA4A52BCF5A2DBA456696BDFE7D035 ] RTL8192su C:\Windows\system32\DRIVERS\RTL8192su.sys
16:05:17.0012 0x0ed0 RTL8192su - ok
16:05:17.0082 0x0ed0 [ 8295DB01432C1D1F3D0F4A27AB349730, 7FE8CC442829B8136A96E19F17070C29DA2C5F1B9EA2B5EBACCB965783F96356 ] rzendpt C:\Windows\system32\DRIVERS\rzendpt.sys
16:05:17.0103 0x0ed0 rzendpt - ok
16:05:17.0153 0x0ed0 [ F17F84511E7DFDEEAB646F0699A006D7, 5237937841FBD1F99A5D6161DEBA26182DDAF617CA98946EE7DB0AB67FC149EA ] rzpmgrk C:\Windows\system32\drivers\rzpmgrk.sys
16:05:17.0172 0x0ed0 rzpmgrk - ok
16:05:17.0214 0x0ed0 [ FEF60A37301E1F5A3020FA3487FB2CD7, 0C925468C3376458D0E1EC65E097BD1A81A03901035C0195E8F6EF904EF3F901 ] rzpnk C:\Windows\system32\drivers\rzpnk.sys
16:05:17.0229 0x0ed0 rzpnk - ok
16:05:17.0296 0x0ed0 [ 77C5AB228FE307C55FEF0C575E218771, 73C9D4593DA694B2D52817F608E749296D9CC1C44906C97204595476B68AD50F ] rzudd C:\Windows\system32\DRIVERS\rzudd.sys
16:05:17.0313 0x0ed0 rzudd - ok
16:05:17.0332 0x0ed0 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
16:05:17.0364 0x0ed0 s3cap - ok
16:05:17.0391 0x0ed0 [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] SamSs C:\Windows\system32\lsass.exe
16:05:17.0405 0x0ed0 SamSs - ok
16:05:17.0423 0x0ed0 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:05:17.0437 0x0ed0 sbp2port - ok
16:05:17.0459 0x0ed0 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:05:17.0515 0x0ed0 SCardSvr - ok
16:05:17.0553 0x0ed0 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:05:17.0605 0x0ed0 scfilter - ok
16:05:17.0697 0x0ed0 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
16:05:17.0768 0x0ed0 Schedule - ok
16:05:17.0804 0x0ed0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
16:05:17.0838 0x0ed0 SCPolicySvc - ok
16:05:17.0854 0x0ed0 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
16:05:17.0878 0x0ed0 SDRSVC - ok
16:05:17.0904 0x0ed0 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:05:17.0945 0x0ed0 secdrv - ok
16:05:17.0983 0x0ed0 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
16:05:18.0023 0x0ed0 seclogon - ok
16:05:18.0043 0x0ed0 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll
16:05:18.0087 0x0ed0 SENS - ok
16:05:18.0103 0x0ed0 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:05:18.0115 0x0ed0 SensrSvc - ok
16:05:18.0126 0x0ed0 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
16:05:18.0144 0x0ed0 Serenum - ok
16:05:18.0169 0x0ed0 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
16:05:18.0191 0x0ed0 Serial - ok
16:05:18.0211 0x0ed0 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
16:05:18.0239 0x0ed0 sermouse - ok
16:05:18.0285 0x0ed0 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
16:05:18.0326 0x0ed0 SessionEnv - ok
16:05:18.0338 0x0ed0 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
16:05:18.0353 0x0ed0 sffdisk - ok
16:05:18.0366 0x0ed0 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
16:05:18.0387 0x0ed0 sffp_mmc - ok
16:05:18.0395 0x0ed0 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
16:05:18.0409 0x0ed0 sffp_sd - ok
16:05:18.0429 0x0ed0 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
16:05:18.0452 0x0ed0 sfloppy - ok
16:05:18.0479 0x0ed0 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:05:18.0525 0x0ed0 SharedAccess - ok
16:05:18.0579 0x0ed0 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:05:18.0642 0x0ed0 ShellHWDetection - ok
16:05:18.0666 0x0ed0 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:05:18.0678 0x0ed0 SiSRaid2 - ok
16:05:18.0691 0x0ed0 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
16:05:18.0705 0x0ed0 SiSRaid4 - ok
16:05:18.0729 0x0ed0 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
16:05:18.0770 0x0ed0 Smb - ok
16:05:18.0789 0x0ed0 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:05:18.0811 0x0ed0 SNMPTRAP - ok
16:05:18.0826 0x0ed0 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
16:05:18.0838 0x0ed0 spldr - ok
16:05:18.0875 0x0ed0 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
16:05:18.0908 0x0ed0 Spooler - ok
16:05:19.0049 0x0ed0 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
16:05:19.0179 0x0ed0 sppsvc - ok
16:05:19.0203 0x0ed0 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
16:05:19.0245 0x0ed0 sppuinotify - ok
16:05:19.0333 0x0ed0 [ E163E10191958FF6A2B0B48353F9E9FD, C4F5B83B5C435458AEEC4BD5C6A0FE15F4C3CD5C23CA7F5949A62214634DBB36 ] SRTSP C:\Windows\System32\Drivers\N360x64\1507000.00B\SRTSP64.SYS
16:05:19.0369 0x0ed0 SRTSP - ok
16:05:19.0394 0x0ed0 [ 68E7B6708B9EEE021301C483825D05EA, 87E262405473A063E3E6E9D1D61D8381C997C95F77317CDBB3C59369436E70C5 ] SRTSPX C:\Windows\system32\drivers\N360x64\1507000.00B\SRTSPX64.SYS
16:05:19.0405 0x0ed0 SRTSPX - ok
16:05:19.0430 0x0ed0 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
16:05:19.0461 0x0ed0 srv - ok
16:05:19.0482 0x0ed0 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:05:19.0514 0x0ed0 srv2 - ok
16:05:19.0529 0x0ed0 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:05:19.0555 0x0ed0 srvnet - ok
16:05:19.0579 0x0ed0 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:05:19.0642 0x0ed0 SSDPSRV - ok
16:05:19.0660 0x0ed0 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:05:19.0727 0x0ed0 SstpSvc - ok
16:05:19.0825 0x0ed0 [ 9D7B6B2011ACCB3688F958E2D0F1F603, 4DA1B5F17FA1094779556DD085BE21529B02658228D61645EB436DB25CC11631 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
16:05:19.0858 0x0ed0 Steam Client Service - ok
16:05:19.0961 0x0ed0 [ 2E273A5E7A22A2E4EAFB05D6D5D856EB, 80C0380B1244154D5D7A602C50255C01CDA3912EA6EA484A3F438941CC812FD0 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:05:19.0987 0x0ed0 Stereo Service - ok
16:05:20.0030 0x0ed0 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
16:05:20.0046 0x0ed0 stexstor - ok
16:05:20.0277 0x0ed0 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
16:05:20.0330 0x0ed0 stisvc - ok
16:05:20.0389 0x0ed0 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
16:05:20.0412 0x0ed0 storflt - ok
16:05:20.0431 0x0ed0 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
16:05:20.0453 0x0ed0 storvsc - ok
16:05:20.0468 0x0ed0 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
16:05:20.0492 0x0ed0 swenum - ok
16:05:20.0533 0x0ed0 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
16:05:20.0604 0x0ed0 swprv - ok
16:05:20.0841 0x0ed0 [ 5C9EE2303CA7F267665D75237862B39C, 5DECD977A823C14B4D980D3DB621BC875231B741653F0450A027FC9E87725F9D ] SymDS C:\Windows\system32\drivers\N360x64\1507000.00B\SYMDS64.SYS
16:05:20.0873 0x0ed0 SymDS - ok
16:05:20.0978 0x0ed0 [ 9F31630D7FC2DD9D5DA1CE359AAD1F46, 296D29EDF53956D1899DE4669AB429C280DF9F183F00AE1CE528E7C575802235 ] SymEFA C:\Windows\system32\drivers\N360x64\1507000.00B\SYMEFA64.SYS
16:05:21.0025 0x0ed0 SymEFA - ok
16:05:21.0106 0x0ed0 [ 97E11C50CE52277B377396EA8838E539, E17D03F80E14F961C41F2D54D1EF73D29BF01F38459C5710D786234F8BA3C835 ] SymEvent C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
16:05:21.0126 0x0ed0 SymEvent - ok
16:05:21.0208 0x0ed0 [ 2C95265BE19F338E1C1090E4E91055BB, 1E580E9367B1C89B06BD4B34EFD94CD511FD3AA1617D943DDFE0A28B7ED5D5F9 ] SymIRON C:\Windows\system32\drivers\N360x64\1507000.00B\Ironx64.SYS
16:05:21.0234 0x0ed0 SymIRON - ok
16:05:21.0300 0x0ed0 [ 5570A74FF9B1EFBC5154DD1E2F05C517, 2C883A0334CBE4AE257028805C9BB1E529A80F56BA6D341E8EBB83CB3E46FEB7 ] SymNetS C:\Windows\System32\Drivers\N360x64\1507000.00B\SYMNETS.SYS
16:05:21.0326 0x0ed0 SymNetS - ok
16:05:21.0349 0x0ed0 Synth3dVsc - ok
16:05:21.0469 0x0ed0 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
16:05:21.0547 0x0ed0 SysMain - ok
16:05:21.0593 0x0ed0 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:05:21.0661 0x0ed0 TabletInputService - ok
16:05:21.0701 0x0ed0 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
16:05:21.0778 0x0ed0 TapiSrv - ok
16:05:21.0801 0x0ed0 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
16:05:21.0843 0x0ed0 TBS - ok
16:05:21.0922 0x0ed0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:05:21.0982 0x0ed0 Tcpip - ok
16:05:22.0032 0x0ed0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:05:22.0084 0x0ed0 TCPIP6 - ok
16:05:22.0113 0x0ed0 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:05:22.0137 0x0ed0 tcpipreg - ok
16:05:22.0161 0x0ed0 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
16:05:22.0190 0x0ed0 TDPIPE - ok
16:05:22.0220 0x0ed0 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
16:05:22.0242 0x0ed0 TDTCP - ok
16:05:22.0271 0x0ed0 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:05:22.0323 0x0ed0 tdx - ok
16:05:22.0349 0x0ed0 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
16:05:22.0361 0x0ed0 TermDD - ok
16:05:22.0412 0x0ed0 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
16:05:22.0446 0x0ed0 TermService - ok
16:05:22.0468 0x0ed0 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
16:05:22.0506 0x0ed0 Themes - ok
16:05:22.0530 0x0ed0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
16:05:22.0566 0x0ed0 THREADORDER - ok
16:05:22.0584 0x0ed0 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
16:05:22.0621 0x0ed0 TrkWks - ok
16:05:22.0683 0x0ed0 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:05:22.0745 0x0ed0 TrustedInstaller - ok
16:05:22.0784 0x0ed0 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
16:05:22.0799 0x0ed0 tssecsrv - ok
16:05:22.0841 0x0ed0 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:05:22.0867 0x0ed0 TsUsbFlt - ok
16:05:22.0870 0x0ed0 tsusbhub - ok
16:05:22.0923 0x0ed0 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:05:22.0972 0x0ed0 tunnel - ok
16:05:23.0003 0x0ed0 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
16:05:23.0016 0x0ed0 uagp35 - ok
16:05:23.0052 0x0ed0 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:05:23.0109 0x0ed0 udfs - ok
16:05:23.0143 0x0ed0 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:05:23.0162 0x0ed0 UI0Detect - ok
16:05:23.0193 0x0ed0 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:05:23.0205 0x0ed0 uliagpkx - ok
16:05:23.0226 0x0ed0 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
16:05:23.0255 0x0ed0 umbus - ok
16:05:23.0290 0x0ed0 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
16:05:23.0338 0x0ed0 UmPass - ok
16:05:23.0371 0x0ed0 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
16:05:23.0392 0x0ed0 UmRdpService - ok
16:05:23.0418 0x0ed0 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
16:05:23.0469 0x0ed0 upnphost - ok
16:05:23.0489 0x0ed0 [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
16:05:23.0523 0x0ed0 USBAAPL64 - ok
16:05:23.0557 0x0ed0 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
16:05:23.0575 0x0ed0 usbccgp - ok
16:05:23.0634 0x0ed0 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
16:05:23.0666 0x0ed0 usbcir - ok
16:05:23.0696 0x0ed0 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
16:05:23.0725 0x0ed0 usbehci - ok
16:05:23.0767 0x0ed0 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
16:05:23.0787 0x0ed0 usbhub - ok
16:05:23.0812 0x0ed0 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
16:05:23.0824 0x0ed0 usbohci - ok
16:05:23.0852 0x0ed0 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
16:05:23.0878 0x0ed0 usbprint - ok
16:05:23.0905 0x0ed0 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:05:23.0939 0x0ed0 USBSTOR - ok
16:05:23.0964 0x0ed0 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
16:05:23.0997 0x0ed0 usbuhci - ok
16:05:24.0021 0x0ed0 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
16:05:24.0058 0x0ed0 UxSms - ok
16:05:24.0073 0x0ed0 [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] VaultSvc C:\Windows\system32\lsass.exe
16:05:24.0086 0x0ed0 VaultSvc - ok
16:05:24.0109 0x0ed0 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:05:24.0122 0x0ed0 vdrvroot - ok
16:05:24.0170 0x0ed0 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
16:05:24.0220 0x0ed0 vds - ok
16:05:24.0251 0x0ed0 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
16:05:24.0284 0x0ed0 vga - ok
16:05:24.0302 0x0ed0 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
16:05:24.0337 0x0ed0 VgaSave - ok
16:05:24.0348 0x0ed0 VGPU - ok
16:05:24.0374 0x0ed0 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
16:05:24.0390 0x0ed0 vhdmp - ok
16:05:24.0419 0x0ed0 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
16:05:24.0430 0x0ed0 viaide - ok
16:05:24.0451 0x0ed0 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
16:05:24.0467 0x0ed0 vmbus - ok
16:05:24.0482 0x0ed0 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
16:05:24.0493 0x0ed0 VMBusHID - ok
16:05:24.0518 0x0ed0 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:05:24.0531 0x0ed0 volmgr - ok
16:05:24.0577 0x0ed0 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:05:24.0599 0x0ed0 volmgrx - ok
16:05:24.0638 0x0ed0 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:05:24.0658 0x0ed0 volsnap - ok
16:05:24.0687 0x0ed0 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
16:05:24.0701 0x0ed0 vsmraid - ok
16:05:24.0795 0x0ed0 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
16:05:24.0880 0x0ed0 VSS - ok
16:05:24.0893 0x0ed0 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
16:05:24.0909 0x0ed0 vwifibus - ok
16:05:24.0924 0x0ed0 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
16:05:24.0942 0x0ed0 vwififlt - ok
16:05:24.0976 0x0ed0 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
16:05:25.0025 0x0ed0 W32Time - ok
16:05:25.0059 0x0ed0 [ C465E2A166B7C349FC48F9CC9F77F3D7, D3990A02041FFE14D8B1B22FF18082FD39C59A6D6EB28B4E44BFD22232061AD1 ] WacHidRouter C:\Windows\system32\DRIVERS\wachidrouter.sys
16:05:25.0071 0x0ed0 WacHidRouter - ok
16:05:25.0100 0x0ed0 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
16:05:25.0114 0x0ed0 WacomPen - ok
16:05:25.0137 0x0ed0 [ 89AEAEAD593723EA7182AA72691E98C5, E506085A538050C683666F767C0BD5A6590ECAA893AB1CEF20F5C1E4C710A2BD ] wacomrouterfilter C:\Windows\system32\DRIVERS\wacomrouterfilter.sys
16:05:25.0146 0x0ed0 wacomrouterfilter - ok
16:05:25.0191 0x0ed0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
16:05:25.0265 0x0ed0 WANARP - ok
16:05:25.0274 0x0ed0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
16:05:25.0309 0x0ed0 Wanarpv6 - ok
16:05:25.0435 0x0ed0 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
16:05:25.0479 0x0ed0 WatAdminSvc - ok
16:05:25.0557 0x0ed0 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
16:05:25.0630 0x0ed0 wbengine - ok
16:05:25.0659 0x0ed0 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:05:25.0697 0x0ed0 WbioSrvc - ok
16:05:25.0741 0x0ed0 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:05:25.0774 0x0ed0 wcncsvc - ok
16:05:25.0784 0x0ed0 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:05:25.0806 0x0ed0 WcsPlugInService - ok
16:05:25.0850 0x0ed0 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
16:05:25.0868 0x0ed0 Wd - ok
16:05:25.0964 0x0ed0 [ B8003E1C12E6ABCC8B1E6F448C99FB8F, A0FECC2A1B4414FF86EA0A23C341E84E0711542B4E43B7FAB85C3609442B0589 ] WDBackup C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
16:05:25.0996 0x0ed0 WDBackup - ok
16:05:26.0018 0x0ed0 [ D0335A55E5C3F812548E18300C2ACB62, 7EF7C3A21E97197E1A6D2956D0F5A7C23F2D590C9709708394426031634990A5 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
16:05:26.0038 0x0ed0 WDC_SAM - ok
16:05:26.0068 0x0ed0 [ DF166352F6E356BFA33A66DD37A96AA7, 3993C22810A490281F74BF26210C9A868BF8E99A0CB090BA8E0250A5D2BC1EB2 ] WDDriveService C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
16:05:26.0083 0x0ed0 WDDriveService - ok
16:05:26.0125 0x0ed0 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:05:26.0162 0x0ed0 Wdf01000 - ok
16:05:26.0196 0x0ed0 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:05:26.0218 0x0ed0 WdiServiceHost - ok
16:05:26.0223 0x0ed0 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:05:26.0237 0x0ed0 WdiSystemHost - ok
16:05:26.0254 0x0ed0 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
16:05:26.0282 0x0ed0 WebClient - ok
16:05:26.0311 0x0ed0 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:05:26.0351 0x0ed0 Wecsvc - ok
16:05:26.0364 0x0ed0 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:05:26.0410 0x0ed0 wercplsupport - ok
16:05:26.0422 0x0ed0 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
16:05:26.0473 0x0ed0 WerSvc - ok
16:05:26.0511 0x0ed0 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
16:05:26.0560 0x0ed0 WfpLwf - ok
16:05:26.0578 0x0ed0 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:05:26.0589 0x0ed0 WIMMount - ok
16:05:26.0619 0x0ed0 WinDefend - ok
16:05:26.0640 0x0ed0 WinHttpAutoProxySvc - ok
16:05:26.0715 0x0ed0 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:05:26.0760 0x0ed0 Winmgmt - ok
16:05:26.0830 0x0ed0 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
16:05:26.0905 0x0ed0 WinRM - ok
16:05:26.0951 0x0ed0 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\drivers\WinUsb.sys
16:05:26.0967 0x0ed0 WinUsb - ok
16:05:27.0048 0x0ed0 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
16:05:27.0090 0x0ed0 Wlansvc - ok
16:05:27.0120 0x0ed0 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
16:05:27.0154 0x0ed0 WmiAcpi - ok
16:05:27.0194 0x0ed0 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:05:27.0213 0x0ed0 wmiApSrv - ok
16:05:27.0240 0x0ed0 WMPNetworkSvc - ok
16:05:27.0313 0x0ed0 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:05:27.0371 0x0ed0 WPCSvc - ok
16:05:27.0430 0x0ed0 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:05:27.0463 0x0ed0 WPDBusEnum - ok
16:05:27.0481 0x0ed0 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:05:27.0524 0x0ed0 ws2ifsl - ok
16:05:27.0551 0x0ed0 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll
16:05:28.0161 0x0ed0 wscsvc - ok
16:05:28.0164 0x0ed0 WSearch - ok
16:05:28.0749 0x0ed0 [ 0CFE3C7336FE24CF6C0B8167821BAEEC, AB9EB819EA9EDBD93673F68929911C3F06FA8AE9E5A2177548530F1BEB8162D0 ] WTabletServicePro C:\Program Files\Tablet\Wacom\WTabletServicePro.exe
16:05:28.0782 0x0ed0 WTabletServicePro - ok
16:05:29.0457 0x0ed0 [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv C:\Windows\system32\wuaueng.dll
16:05:29.0544 0x0ed0 wuauserv - ok
16:05:29.0570 0x0ed0 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:05:29.0590 0x0ed0 WudfPf - ok
16:05:29.0622 0x0ed0 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
16:05:29.0639 0x0ed0 WUDFRd - ok
16:05:29.0656 0x0ed0 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:05:29.0670 0x0ed0 wudfsvc - ok
16:05:29.0692 0x0ed0 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
16:05:29.0732 0x0ed0 WwanSvc - ok
16:05:29.0775 0x0ed0 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
16:05:29.0810 0x0ed0 xusb21 - ok
16:05:29.0835 0x0ed0 ================ Scan global ===============================
16:05:29.0860 0x0ed0 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:05:29.0911 0x0ed0 [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
16:05:29.0930 0x0ed0 [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
16:05:29.0966 0x0ed0 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:05:30.0021 0x0ed0 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
16:05:30.0031 0x0ed0 [ Global ] - ok
16:05:30.0031 0x0ed0 ================ Scan MBR ==================================
16:05:30.0050 0x0ed0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:05:31.0450 0x0ed0 \Device\Harddisk0\DR0 - ok
16:05:31.0463 0x0ed0 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
16:05:32.0307 0x0ed0 \Device\Harddisk1\DR1 - ok
16:05:32.0308 0x0ed0 ================ Scan VBR ==================================
16:05:32.0324 0x0ed0 [ 7CE7535E32457433EED609309B7B5620 ] \Device\Harddisk0\DR0\Partition1
16:05:32.0325 0x0ed0 \Device\Harddisk0\DR0\Partition1 - ok
16:05:32.0358 0x0ed0 [ E73F4110B1E8B0EC829662A644C61B82 ] \Device\Harddisk0\DR0\Partition2
16:05:32.0388 0x0ed0 \Device\Harddisk0\DR0\Partition2 - ok
16:05:32.0394 0x0ed0 [ F0F58B385A84D1DF39C14D10FBB42C20 ] \Device\Harddisk1\DR1\Partition1
16:05:32.0471 0x0ed0 \Device\Harddisk1\DR1\Partition1 - ok
16:05:32.0472 0x0ed0 ================ Scan generic autorun ======================
16:05:32.0521 0x0ed0 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
16:05:32.0582 0x0ed0 ShadowPlay - ok
16:05:33.0139 0x0ed0 [ D9133D4157664B1E2ACFC2CD56CCB599, 0B2B8EE7D45962026A30833D3D7F59FB1FB07085904C2E77A10714F38910E462 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
16:05:33.0211 0x0ed0 NvBackend - ok
16:05:33.0324 0x0ed0 [ 4275C55AA440DC08EA0267AED31D9654, A5EF4505960D9CECC45376026A8B51FF43282AE811C88617CCD8F7F1E6E56A7B ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
16:05:33.0359 0x0ed0 APSDaemon - ok
16:05:33.0521 0x0ed0 [ 0610E1989914B6DA54165A4F2C766721, CFFDCA465C9A6988A747C08346B9A122A4DB08AACE42B8AEB4AE410981044892 ] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
16:05:33.0569 0x0ed0 WD Drive Unlocker - ok
16:05:33.0753 0x0ed0 [ 3E04F1E482357B1FC8B088197C3D9FF8, 85524ADDC27ADC831EBBD24E079B412CFDC69E5F594BD153319087665A28D546 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
16:05:33.0793 0x0ed0 Adobe ARM - ok
16:05:33.0795 0x0ed0 Waiting for KSN requests completion. In queue: 77
16:05:34.0795 0x0ed0 Waiting for KSN requests completion. In queue: 5
16:05:35.0795 0x0ed0 Waiting for KSN requests completion. In queue: 5
16:05:36.0811 0x0ed0 AV detected via SS2: Norton 360, C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\WSCStub.exe ( 22.3.0.0 ), 0x51000 ( enabled : updated )
16:05:36.0813 0x0ed0 FW detected via SS2: Norton 360, C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\WSCStub.exe ( 22.3.0.0 ), 0x51010 ( enabled )
16:05:39.0472 0x0ed0 ============================================================
16:05:39.0472 0x0ed0 Scan finished
16:05:39.0472 0x0ed0 ============================================================
16:05:39.0483 0x1528 Detected object count: 0
16:05:39.0483 0x1528 Actual detected object count: 0
|
|
19.06.2015, 07:21
| #5 |
| /// the machine /// TB-Ausbilder | Win 7: Maus klickt selbständig, Entertaste womöglich auch. Jap klingt nach Hardware, ebenso das mit der Maus. Logs sind soweit sauber.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
19.06.2015, 11:45
| #6 |
| | Win 7: Maus klickt selbständig, Entertaste womöglich auch. Dann freue ich mich schon mal, dass es kein Trojaner oder Virus ist, Hardware ist mir wesentlich lieber! Vielen herzlichen Dank trotzdem! |
|
20.06.2015, 07:18
| #7 |
| /// the machine /// TB-Ausbilder | Win 7: Maus klickt selbständig, Entertaste womöglich auch. Gern Geschehen 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Win 7: Maus klickt selbständig, Entertaste womöglich auch. |
| bonjour, browser, combofix, cursor, defender, einstellungen, firefox, flash player, helper, home, maus, mozilla, problem, registry, rundll, scan, security, services.exe, software, svchost.exe, symantec, system, taskleiste, tastatur, tower, warnhinweis, windows |
Linear-Darstellung
