| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Windows 8.1 Microsoft Mouse and Keyboard Center Problem / Virus?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
22.07.2015, 13:27
| #1 |
| |  Windows 8.1 Microsoft Mouse and Keyboard Center Problem / Virus? Hallo allerseits! Ich bin neu hier im Forum und entschuldige mich falls ich hier etwas falsch mache oder in das falsche Unterforum poste. Also mein Problem: Gestern ist mein PC abgestürzt und hatte einen Bluescreen. Nach dem Absturz habe ich ihn wieder gestartet und er war seehr langsam und hatte einige Probleme wie zb. das mein Antiviren Programm (Panda free antivirus) angezeigt hat das es Aktiv ist doch es war nicht Aktiv. Viele Programme haben einfach nicht mehr reagiert. Ich habe ihn nochmal runtergefahren und bin schlafen gegangen. Heute ist wieder das selbe. Beim starten des Computers kommt immer eine Fehlermeldung (Bild 1) laut der Fehlermeldung sollte ich das Windows Mouse and Keyboard Center deinstallieren, das versuchte ich bis eine weitere Fehlermeldung kahm. (Bild 2) Könnt ihr mir weiterhelfen? Wenn es keinen anderen ausweg mehr gibt werde ich den Computer neu aufsetzen doch ich hoffe das ich das umgehen kann. LG Simroi Geändert von Simroi (22.07.2015 um 13:42 Uhr) |
|
22.07.2015, 14:14
| #2 |
| /// the machine /// TB-Ausbilder    | Windows 8.1 Microsoft Mouse and Keyboard Center Problem / Virus? hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
22.07.2015, 14:29
| #3 |
| | Windows 8.1 Microsoft Mouse and Keyboard Center Problem / Virus?FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
Ran by Michel (ATTENTION: The logged in user is not administrator) on MICHEL on 22-07-2015 15:25:44
Running from C:\Users\Michel\Downloads
Loaded Profiles: Michel´s Daddelkiste & Michel (Available Profiles: Michel´s Daddelkiste & Michel)
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
Failed to access process -> smss.exe
Failed to access process -> csrss.exe
Failed to access process -> wininit.exe
Failed to access process -> csrss.exe
Failed to access process -> services.exe
Failed to access process -> lsass.exe
Failed to access process -> svchost.exe
Failed to access process -> winlogon.exe
Failed to access process -> svchost.exe
Failed to access process -> dwm.exe
Failed to access process -> atiesrxx.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> atieclxx.exe
Failed to access process -> svchost.exe
Failed to access process -> svchost.exe
Failed to access process -> spoolsv.exe
Failed to access process -> svchost.exe
Failed to access process -> armsvc.exe
Failed to access process -> Fuel.Service.exe
Failed to access process -> AppleMobileDeviceService.exe
Failed to access process -> mDNSResponder.exe
Failed to access process -> SkypeC2CAutoUpdateSvc.exe
Failed to access process -> SkypeC2CPNRSvc.exe
Failed to access process -> svchost.exe
Failed to access process -> dasHost.exe
Failed to access process -> LMIGuardianSvc.exe
Failed to access process -> PSANHost.exe
Failed to access process -> AgentSvc.exe
Failed to access process -> PnkBstrA.exe
Failed to access process -> PSUAService.exe
Failed to access process -> svchost.exe
Failed to access process -> hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
Failed to access process -> SearchIndexer.exe
Failed to access process -> svchost.exe
(Microsoft Corporation) C:\Windows\System32\WpcMon.exe
Failed to access process -> svchost.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
Failed to access process -> iPodService.exe
(TeamSpeak Systems GmbH) C:\Users\Michel\AppData\Local\TeamSpeak 3 Client\ts3client_win32.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
Failed to access process -> wmpnetwk.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
Failed to access process -> OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-06-16] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-07-24] (Panda Security, S.L.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM\...\RunOnce: [MSPCLOCK] => rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
HKLM\...\RunOnce: [MSPQM] => rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
HKLM\...\RunOnce: [MSKSSRV] => rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
HKLM\...\RunOnce: [MSTEE.CxTransform] => rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\Windows\inf\ksfilter.inf,MSTEE.Interf (the data entry has 11 more characters).
HKLM\...\RunOnce: [MSTEE.Splitter] => rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\Windows\inf\ksfilter.inf,MSTEE.Interf (the data entry has 11 more characters).
HKLM\...\RunOnce: [WDM_DRMKAUD] => rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\Windows\inf\WDMAUDIO.inf,WDM_DRMKAUD. (the data entry has 17 more characters).
HKU\S-1-5-21-345954769-3013140688-2023865255-1006\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095840 2015-04-30] (Nota Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-345954769-3013140688-2023865255-1006\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
URLSearchHook: [S-1-5-21-345954769-3013140688-2023865255-1001] ATTENTION ==> Default URLSearchHook is missing
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll [2014-08-18] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll [2014-08-18] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{40D9973B-D9BA-4D7F-81FC-437D9B8814FF}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{47F13971-5B56-44E3-970D-BB007E42DE19}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{589FE36D-803B-44F7-B87A-DE05F6E2BC69}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{A3ABE923-81B6-4C68-8271-89DC5EB0422C}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{EE2ABEC4-C104-4B80-AE1F-6ADCEE1FD3F9}: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll [2014-08-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll [2014-08-18] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-345954769-3013140688-2023865255-1006: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-02-01] ()
Chrome:
=======
CHR Profile: C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-11-12]
CHR Extension: (Google Docs) - C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-11-12]
CHR Extension: (Google Drive) - C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-11-12]
CHR Extension: (YouTube) - C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-11-12]
CHR Extension: (Google Search) - C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-11-12]
CHR Extension: (Google Sheets) - C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-11-12]
CHR Extension: (Avira Browser Safety) - C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-11-12]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-22]
CHR Extension: (Skype Click to Call) - C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-04-28]
CHR Extension: (Google Wallet) - C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-11-12]
CHR Extension: (Gmail) - C:\Users\Michel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-11-12]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1060352 2015-06-18] ()
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [237864 2015-06-20] (EasyAntiCheat Ltd)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 lmhosts; C:\Windows\system32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [141560 2014-07-24] (Panda Security, S.L.)
R2 NlaSvc; C:\Windows\System32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [38792 2014-10-29] (Microsoft Corporation)
R2 nsi; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-20] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1001200 2015-07-09] (Overwolf LTD)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [61688 2014-07-23] (Panda Security, S.L.)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-02-24] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-04-11] ()
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-07-24] (Panda Security, S.L.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [47360 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [160800 2014-07-24] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [120352 2014-07-24] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [106016 2014-07-24] (Panda Security, S.L.)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [60400 2014-03-25] (Panda Security, S.L.)
R3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 xb1usb; C:\Windows\System32\drivers\xb1usb.sys [34016 2014-05-27] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-22 15:25 - 2015-07-22 15:25 - 00020144 _____ C:\Users\Michel\Downloads\FRST.txt
2015-07-22 15:25 - 2015-07-22 15:25 - 00000000 ____D C:\FRST
2015-07-22 15:24 - 2015-07-22 15:24 - 02135552 _____ (Farbar) C:\Users\Michel\Downloads\FRST64.exe
2015-07-21 18:06 - 2015-07-14 16:14 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 18:06 - 2015-07-14 16:14 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-21 18:06 - 2015-07-14 16:14 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 18:06 - 2015-07-14 16:13 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-20 15:23 - 2015-07-20 15:23 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-07-18 09:31 - 2015-07-18 12:08 - 00000000 ____D C:\Users\Michel\Documents\Stronghold Crusader
2015-07-18 09:28 - 2015-07-18 11:40 - 00000000 ____D C:\Users\Michel\Documents\gothic3
2015-07-16 17:55 - 2015-07-09 21:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-16 17:55 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-16 17:55 - 2015-07-09 18:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-16 17:55 - 2015-07-09 17:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-16 17:55 - 2015-07-09 17:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-16 17:55 - 2015-07-09 17:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-07-16 17:55 - 2015-07-09 17:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-16 17:55 - 2015-07-09 17:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-16 17:55 - 2015-07-09 17:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-16 17:55 - 2015-07-09 17:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-16 17:55 - 2015-07-09 17:37 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-16 17:55 - 2015-07-09 17:35 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-16 17:55 - 2015-07-09 17:34 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-16 17:55 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-16 17:55 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-16 17:55 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-16 17:54 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-16 17:54 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-16 17:54 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-16 17:54 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-16 17:54 - 2015-06-30 00:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-16 17:54 - 2015-06-29 17:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-16 17:54 - 2015-06-29 17:07 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-16 17:54 - 2015-06-29 17:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-16 17:54 - 2015-06-29 17:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-16 17:54 - 2015-06-29 17:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-16 17:54 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-16 17:54 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-16 17:54 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-16 17:54 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-16 17:54 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-16 17:54 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-16 17:54 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-16 17:54 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-16 17:54 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-16 17:54 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-16 17:54 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-16 17:54 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-16 17:54 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-16 17:54 - 2015-06-27 01:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-16 17:54 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-16 17:54 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-16 17:54 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-16 17:54 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-16 17:54 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-16 17:54 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-16 17:54 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-16 17:54 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-16 17:54 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-16 17:54 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-16 17:54 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-16 17:54 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-16 17:54 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-07-16 17:54 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-16 17:54 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-07-16 17:54 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-16 17:54 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-16 17:54 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-16 17:54 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-16 17:54 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-16 17:54 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-16 17:54 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-16 17:54 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-07-16 17:54 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-16 17:54 - 2015-03-09 04:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsp.sys
2015-07-16 17:54 - 2014-11-04 21:25 - 00059712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys
2015-07-16 17:54 - 2014-11-04 21:25 - 00051008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys
2015-07-16 17:54 - 2014-11-04 08:55 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2015-07-16 17:54 - 2014-11-04 08:54 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2015-07-16 17:54 - 2014-11-04 08:54 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2015-07-16 17:54 - 2014-11-04 08:54 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2015-07-16 17:53 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-16 17:53 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-16 17:53 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-16 17:53 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-16 17:53 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-16 17:53 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-16 17:53 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-16 17:53 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-16 17:53 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-16 17:53 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-16 17:53 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-16 17:53 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-16 17:53 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-07-16 17:53 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-16 17:53 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-16 17:53 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-16 17:53 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-16 17:53 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-16 17:53 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-16 17:53 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-16 17:53 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-16 17:53 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-07-16 17:53 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-16 17:53 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-16 17:53 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-07-16 17:53 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-16 17:53 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-16 17:52 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-16 17:52 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-16 17:52 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-16 17:52 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-07-16 17:52 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-16 17:52 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-16 17:52 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-07-16 17:52 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-16 17:52 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-16 17:52 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-16 17:52 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-16 17:52 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-16 17:36 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-16 17:36 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-16 17:36 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-16 17:36 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-16 17:36 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-16 17:36 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-07-16 17:36 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-07-16 17:36 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-07-16 17:36 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-07-16 17:33 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-16 17:32 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-16 17:32 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-16 17:32 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-16 17:32 - 2015-05-02 01:33 - 00410739 _____ C:\Windows\system32\ApnDatabase.xml
2015-07-14 15:48 - 2015-07-14 15:49 - 00000000 ____D C:\Users\Michel\AppData\Roaming\Trove
2015-07-01 18:00 - 2015-07-18 15:19 - 00000166 _____ C:\Users\Michel\Documents\ClownfishForTeamspeak.ini
2015-07-01 17:58 - 2015-07-01 17:58 - 00237268 _____ C:\Users\Michel\Downloads\ClownfishVoiceChanger-v1.50 (1).ts3_plugin
2015-07-01 17:57 - 2015-07-01 17:58 - 00237268 _____ C:\Users\Michel\Downloads\ClownfishVoiceChanger-v1.50.ts3_plugin
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-22 15:24 - 2014-11-14 21:28 - 00000000 ____D C:\Users\Michel\AppData\Roaming\TS3Client
2015-07-22 15:18 - 2014-08-21 03:40 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-07-22 15:16 - 2014-08-18 09:34 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-22 15:12 - 2014-08-18 04:21 - 01781474 _____ C:\Windows\WindowsUpdate.log
2015-07-22 15:09 - 2014-08-18 09:38 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-22 15:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-22 14:56 - 2014-08-17 22:31 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-22 14:53 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-07-22 14:21 - 2014-08-21 03:40 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-07-22 14:19 - 2014-08-19 22:42 - 00000000 ____D C:\ProgramData\Origin
2015-07-22 14:08 - 2014-12-21 16:34 - 00000000 ____D C:\Users\Michel\Downloads\Musik
2015-07-22 14:03 - 2014-11-10 20:40 - 00000000 ____D C:\Users\Michel\AppData\Local\LogMeIn Hamachi
2015-07-22 14:02 - 2014-08-18 09:34 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-22 14:02 - 2013-08-22 16:46 - 00054027 _____ C:\Windows\setupact.log
2015-07-22 14:02 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-22 13:33 - 2014-08-18 04:26 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-22 13:33 - 2013-08-23 01:24 - 00764340 _____ C:\Windows\system32\perfh007.dat
2015-07-22 13:33 - 2013-08-23 01:24 - 00159160 _____ C:\Windows\system32\perfc007.dat
2015-07-21 22:03 - 2013-08-22 16:44 - 00454200 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 19:43 - 2014-11-13 18:43 - 00000000 ____D C:\Users\Michel\AppData\Roaming\.minecraft
2015-07-21 19:32 - 2014-11-25 09:25 - 00000000 ____D C:\Users\Michel\Documents\irgendwas
2015-07-21 18:55 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-21 17:20 - 2014-08-21 20:41 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-07-21 16:20 - 2014-08-19 22:23 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-21 15:00 - 2015-06-18 17:08 - 00000000 ____D C:\Users\Michel\AppData\Local\Arma 3
2015-07-20 15:26 - 2014-11-12 16:16 - 00000000 ____D C:\Users\Michel\AppData\Roaming\Origin
2015-07-20 15:26 - 2014-08-19 22:41 - 00000000 ____D C:\Program Files (x86)\Origin
2015-07-20 15:18 - 2014-11-22 10:20 - 00000000 __SHD C:\Users\Michel\AppData\Local\EmieBrowserModeList
2015-07-20 15:18 - 2014-11-12 16:26 - 00000000 __SHD C:\Users\Michel\AppData\Local\EmieUserList
2015-07-20 15:18 - 2014-11-12 16:26 - 00000000 __SHD C:\Users\Michel\AppData\Local\EmieSiteList
2015-07-18 13:52 - 2014-11-27 18:08 - 00000000 ____D C:\Users\Michel\Documents\Mount&Blade Warband Savegames
2015-07-17 23:52 - 2015-04-07 10:38 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-17 23:52 - 2015-04-07 10:38 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-17 08:43 - 2015-04-07 20:43 - 00000000 ____D C:\Program Files (x86)\Overwolf
2015-07-16 21:20 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-07-16 21:20 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\WinStore
2015-07-16 21:20 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-16 19:19 - 2015-04-16 20:52 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-16 19:19 - 2015-03-15 08:52 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-16 19:19 - 2014-08-18 10:25 - 00000000 ____D C:\Windows\system32\MRT
2015-07-13 23:10 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-13 23:10 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-09 19:45 - 2015-06-18 17:07 - 00000000 ____D C:\Users\Michel\AppData\Local\Arma 3 Launcher
2015-07-06 20:50 - 2015-04-28 17:13 - 00000000 ____D C:\Users\Michel\AppData\Roaming\Skype
2015-07-05 20:50 - 2015-05-30 20:14 - 00000000 ____D C:\Users\Michel\Documents\My Games
2015-07-03 08:43 - 2014-08-18 10:25 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-29 19:57 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2015-06-25 13:41 - 2014-11-10 20:39 - 00002273 _____ C:\Users\Michel\Desktop\Google Chrome.lnk
==================== Files in the root of some directories =======
2014-11-14 21:22 - 2014-11-14 21:22 - 0000000 _____ () C:\Users\Michel\AppData\Local\{0CF64296-3E6E-477B-9E8E-381995D2C58B}
Some files in TEMP:
====================
C:\Users\Michel´s Daddelkiste\AppData\Local\Temp\avgnt.exe
C:\Users\Michel´s Daddelkiste\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe
C:\Users\Michel´s Daddelkiste\AppData\Local\Temp\ose00000.exe
C:\Users\Michel´s Daddelkiste\AppData\Local\Temp\sonarinst.exe
C:\Users\Michel´s Daddelkiste\AppData\Local\Temp\{AC616FF0-3538-4BAF-8A59-0ADB0B8F4C29}.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
==================== End of log ============================
und [CODE]Additional FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x64) Version:20-07-2015
Ran by Michel at 2015-07-22 15:26:12
Running from C:\Users\Michel\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-345954769-3013140688-2023865255-500 - Administrator - Disabled)
Gast (S-1-5-21-345954769-3013140688-2023865255-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-345954769-3013140688-2023865255-1003 - Limited - Enabled)
Michel (S-1-5-21-345954769-3013140688-2023865255-1006 - Limited - Enabled) => C:\Users\Michel
Michel´s Daddelkiste (S-1-5-21-345954769-3013140688-2023865255-1001 - Administrator - Enabled) => C:\Users\Michel´s Daddelkiste
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Panda Free Antivirus (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Free Antivirus (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall (Enabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive)
Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version: - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
Assassin's Creed® III (HKLM-x32\...\Steam App 208480) (Version: - Ubisoft Montreal)
Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.30944 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - The Behemoth)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - Torn Banner Studios)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
DayZ Commander (HKLM-x32\...\{668B7711-6DAF-465F-9BE2-F3C07C962131}) (Version: 0.92.117 - Dotjosh Studios)
DayZLauncher version 0.0.0.13 (HKLM-x32\...\{E31045B4-9DB5-9EBD-44DF-BD4E6CFD40DF}_is1) (Version: 0.0.0.13 - Maca134)
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
Empire Earth (HKLM-x32\...\{2447500B-22D7-47BD-9B13-1A927F43A267}) (Version: - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Gothic 3 (HKLM-x32\...\Steam App 39500) (Version: - Piranha – Bytes)
Gyazo 2.4 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
HyperSnap 7 (HKLM-x32\...\HyperSnap 7) (Version: 7.29.03 - Hyperionics Technology LLC)
Interstellar Marines (HKLM-x32\...\Steam App 236370) (Version: - Zero Point Software)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 8 Update 11 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418011FF}) (Version: 8.0.110 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Medieval II: Total War (HKLM-x32\...\Steam App 4700) (Version: - The Creative Assembly)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Miscreated (HKLM-x32\...\Steam App 299740) (Version: - Entrada Interactive LLC)
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version: - TaleWorlds Entertainment)
Mount & Blade: With Fire and Sword (HKLM-x32\...\Steam App 48720) (Version: - TaleWorlds Entertainment)
Napoleon: Total War (HKLM-x32\...\Steam App 34030) (Version: - The Creative Assembly)
Neverwinter (HKLM-x32\...\Steam App 109600) (Version: - Cryptic Studios)
Nidhogg v1.0 (HKLM-x32\...\Nidhogg v1.01.0) (Version: 1.0 - Friends in War)
Origin (HKLM-x32\...\Origin) (Version: 9.4.20.386 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.87.22.0 - Overwolf Ltd.)
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.03 - Panda Security)
Panda Devices Agent (x32 Version: 1.05.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 15.00.01.0000 - Panda Security)
Panda Free Antivirus (Version: 7.23.00.0000 - Panda Security) Hidden
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Starbound (HKLM-x32\...\Steam App 211820) (Version: - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Stranded Deep (HKLM-x32\...\Steam App 313120) (Version: - Beam Team Games)
Stronghold Crusader Extreme HD (HKLM-x32\...\Steam App 16700) (Version: - Firefly Studios)
Stronghold Crusader HD (HKLM-x32\...\Steam App 40970) (Version: - FireFly Studios)
TeamSpeak 3 Client (HKU\S-1-5-21-345954769-3013140688-2023865255-1006\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Forest (HKLM-x32\...\Steam App 242760) (Version: - Endnight Games Ltd)
Toribash (HKLM-x32\...\Steam App 248570) (Version: - Nabi Studios)
Total War: Arena (HKLM-x32\...\Steam App 227520) (Version: - Creative Assembly)
Trove (HKLM-x32\...\Steam App 304050) (Version: - Trion Worlds)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
War of the Roses (HKLM-x32\...\Steam App 42160) (Version: - Fatshark)
War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled
Check "winmgmt" service or repair WMI.
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job =>
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job =>
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job =>
==================== Loaded Modules (Whitelisted) ==============
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-345954769-3013140688-2023865255-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\Michel\Documents\irgendwas\Bilder\animel orbs.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{48EA31DF-DE71-48E0-B983-0D419A6281E5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D1B78C42-CA90-4D95-B71F-E7AA75C506B6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FC321896-58D2-44CA-BF44-CC3D30F0F327}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{EABF85EF-56AE-43BA-ADC3-1E0A16CB79F3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7A72799B-A873-4328-8C82-94ABA45FE432}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{F3C1D98A-3011-442E-AE3F-A1578EE104F6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8326E0BA-63A3-4939-97D5-D7E52D75E59C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{981A7D93-28B9-4176-94B4-C7E3DB3C8F3A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{CF2C9E58-6EA2-4F9A-9E11-2A2EBC7AFCEE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{D11B53A8-F45C-4F8E-8C80-3D59DA824701}C:\users\michel\desktop\broforce_v04.07.14\broforce_beta.exe] => (Block) C:\users\michel\desktop\broforce_v04.07.14\broforce_beta.exe
FirewallRules: [UDP Query User{8684B433-DFD8-4597-988A-E33E48E2E12D}C:\users\michel\desktop\broforce_v04.07.14\broforce_beta.exe] => (Block) C:\users\michel\desktop\broforce_v04.07.14\broforce_beta.exe
FirewallRules: [{CB22F8A8-425D-40A4-8D60-A2343B745CFD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Toribash\toribash.exe
FirewallRules: [{36450553-7CBF-4898-898C-E1AD70B39E2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Toribash\toribash.exe
FirewallRules: [{D87D6380-D093-4E17-95BB-FFFA17858DF4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DC0BD242-B329-4C76-8018-84DECFBD76E7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F377ECBE-CA7E-4304-8BC3-396F31AE9B42}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{8E86FDEA-564B-4259-A1CA-5E953FF1D5C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [TCP Query User{422993D7-72E9-406C-AF53-2EBAA6FEB9EC}C:\program files\java\jre8\bin\javaw.exe] => (Block) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [UDP Query User{E5CC1D3B-35E0-490C-8372-00B5C6F28CC6}C:\program files\java\jre8\bin\javaw.exe] => (Block) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [TCP Query User{B0AEC8CF-393C-45D4-9440-EBD8028D69B7}C:\users\michel\desktop\age of empires ii\age2_x1\age2_x2.exe] => (Allow) C:\users\michel\desktop\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [UDP Query User{6BBDF20D-22F6-4AF5-BB1F-A6EC5F40B281}C:\users\michel\desktop\age of empires ii\age2_x1\age2_x2.exe] => (Allow) C:\users\michel\desktop\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [TCP Query User{308AF660-AF8D-4A7F-A03B-749B753BC663}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{CC95F6DB-E215-4A4F-8356-18D5C01A1A93}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{522589A0-C049-4B29-9C1B-176341586D03}D:\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) D:\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{0F94F54A-1604-43D9-96AD-7E9FD87EA6B1}D:\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) D:\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [TCP Query User{97217A7D-4776-4C30-9C6F-62398E0F0E47}D:\counter strike 1.6 [portable]\root\cstrike.exe] => (Allow) D:\counter strike 1.6 [portable]\root\cstrike.exe
FirewallRules: [UDP Query User{38C656E6-E7CE-44BA-83BF-FF73365A5262}D:\counter strike 1.6 [portable]\root\cstrike.exe] => (Allow) D:\counter strike 1.6 [portable]\root\cstrike.exe
FirewallRules: [TCP Query User{F4F4801E-7A8E-4D6A-B250-9BEFB56FECE9}D:\day of defeat source [portable]\hl2.exe] => (Allow) D:\day of defeat source [portable]\hl2.exe
FirewallRules: [UDP Query User{811E8FB4-96C0-4A30-AEAF-588EDB0D6822}D:\day of defeat source [portable]\hl2.exe] => (Allow) D:\day of defeat source [portable]\hl2.exe
FirewallRules: [TCP Query User{2939A04C-5688-45CC-AB2C-6D17F7C69DEA}D:\day of defeat source [portable]\srcds.exe] => (Allow) D:\day of defeat source [portable]\srcds.exe
FirewallRules: [UDP Query User{C852E898-2000-4910-AFAC-8E1F7CB4A284}D:\day of defeat source [portable]\srcds.exe] => (Allow) D:\day of defeat source [portable]\srcds.exe
FirewallRules: [TCP Query User{C56BF3DF-3611-45F6-B663-30C242EEF24A}D:\quake3 [portable]\quake3.exe] => (Allow) D:\quake3 [portable]\quake3.exe
FirewallRules: [UDP Query User{B05A938D-783D-49E8-8E51-C1B2407393EE}D:\quake3 [portable]\quake3.exe] => (Allow) D:\quake3 [portable]\quake3.exe
FirewallRules: [TCP Query User{44A9645E-BF03-45CA-91E1-504AC8FD80E8}D:\team fortress 2 [portable]\hl2.exe] => (Allow) D:\team fortress 2 [portable]\hl2.exe
FirewallRules: [UDP Query User{A76E0FEB-DE3A-431F-937C-33B7B8E3D02D}D:\team fortress 2 [portable]\hl2.exe] => (Allow) D:\team fortress 2 [portable]\hl2.exe
FirewallRules: [TCP Query User{1DDF2AFA-F3CE-41A6-919E-459153B1FEB5}D:\warcraft iii + frozen throne [portable]\war3.exe] => (Allow) D:\warcraft iii + frozen throne [portable]\war3.exe
FirewallRules: [UDP Query User{6C6463C4-8C77-4D16-B845-051A89CB7141}D:\warcraft iii + frozen throne [portable]\war3.exe] => (Allow) D:\warcraft iii + frozen throne [portable]\war3.exe
FirewallRules: [TCP Query User{54672DFC-0EA4-4F4D-A4C5-FAC8DD7EFE73}D:\cod4 - install\setup\data\iw3mp.exe] => (Allow) D:\cod4 - install\setup\data\iw3mp.exe
FirewallRules: [UDP Query User{D849D1AB-EA47-43C6-B3AA-0FD35FD47FC0}D:\cod4 - install\setup\data\iw3mp.exe] => (Allow) D:\cod4 - install\setup\data\iw3mp.exe
FirewallRules: [{6888A420-632B-42CA-9991-0495FDEF34F4}] => (Allow) D:\SteamLibrary\SteamApps\common\Mount & Blade With Fire and Sword\mb_wfas.exe
FirewallRules: [{3E0F50A7-E715-4265-9604-6E8070F4B9A0}] => (Allow) D:\SteamLibrary\SteamApps\common\Mount & Blade With Fire and Sword\mb_wfas.exe
FirewallRules: [{CA85EDBC-DEE7-41C1-80FE-CD6C3477C6F0}] => (Allow) D:\BF4\Battlefield 3\bf3.exe
FirewallRules: [{F4914610-4F63-467D-8366-86A1BB2400E9}] => (Allow) D:\BF4\Battlefield 3\bf3.exe
FirewallRules: [{5D62F0E9-E1C7-43DE-BD78-0B051C9E2F2D}] => (Allow) D:\SteamLibrary\SteamApps\common\Cryptic Studios\Neverwinter.exe
FirewallRules: [{E02161A5-DD3D-4CE3-ACE2-D89827E5A41E}] => (Allow) D:\SteamLibrary\SteamApps\common\Cryptic Studios\Neverwinter.exe
FirewallRules: [{0A5EAF3F-7F02-4739-AF11-172A906B047B}] => (Allow) D:\SteamLibrary\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{3138FD1A-B956-4D5D-830B-493C3783FA45}] => (Allow) D:\SteamLibrary\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{350068E0-61F9-4BB4-9A25-C99D5B115FDA}] => (Allow) D:\SteamLibrary\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{664DDB74-F2A7-4834-93DC-968417CB3BC4}] => (Allow) D:\SteamLibrary\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [TCP Query User{9BBD13CA-9404-437C-AD83-AE03D8E15B20}D:\steamlibrary\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) D:\steamlibrary\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [UDP Query User{46B9DB84-649B-4A2C-8EDC-D238858032B4}D:\steamlibrary\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) D:\steamlibrary\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [{0B95740C-7B09-4D26-98E0-54BFCB947438}] => (Allow) D:\SteamLibrary\SteamApps\common\War of the Roses\run_game.exe
FirewallRules: [{4426E978-E42E-4305-A319-6CEC075D4B2E}] => (Allow) D:\SteamLibrary\SteamApps\common\War of the Roses\run_game.exe
FirewallRules: [{0CE0BE62-7662-4273-8DCE-FBE18DEE1C88}] => (Allow) D:\SteamLibrary\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{08971E34-1940-4FFC-BA5F-C45EEFEA6F2A}] => (Allow) D:\SteamLibrary\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{9FBC3462-A6DC-46E3-A1A8-3E5940CF7210}] => (Allow) D:\SteamLibrary\SteamApps\common\Stranded Deep\Stranded_Deep_x64.exe
FirewallRules: [{7D250C55-9A12-406F-AE50-0847E1E9F474}] => (Allow) D:\SteamLibrary\SteamApps\common\Stranded Deep\Stranded_Deep_x64.exe
FirewallRules: [{E65E3FAF-35D4-46D4-80ED-E087BA5D272F}] => (Allow) D:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{18F64F93-1FF9-41A7-B59B-5F247D9BA43F}] => (Allow) D:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8A5E308A-5666-4158-BF5F-C538CF61F011}] => (Allow) D:\SteamLibrary\SteamApps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{21221994-C711-461A-8E26-7F0525DD3B04}] => (Allow) D:\SteamLibrary\SteamApps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{2A8E854D-F5F5-4174-AEE9-E8E4C1DDBBC0}] => (Allow) D:\SteamLibrary\SteamApps\common\Assassin's Creed 3\AC3MP.exe
FirewallRules: [{496091D6-103C-4529-A28B-7751ABF8FD9E}] => (Allow) D:\SteamLibrary\SteamApps\common\Assassin's Creed 3\AC3MP.exe
FirewallRules: [{3F23D402-7417-4613-9B04-BD58B83C3DC1}] => (Allow) D:\SteamLibrary\SteamApps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{513C69D1-82D5-46D6-B395-954D16AA6FBD}] => (Allow) D:\SteamLibrary\SteamApps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{FFD9FCA9-1581-45A8-8EA5-F4FD839A22D6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Interstellar Marines\InterstellarMarines.exe
FirewallRules: [{8C0F2F13-8BBE-4A1C-9668-DFF33EEB55DB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Interstellar Marines\InterstellarMarines.exe
FirewallRules: [TCP Query User{6A512906-03A8-43B3-85C2-C3AD63D6F3E8}C:\program files (x86)\zenimax online\launcher\bethesda.net_launcher.exe] => (Allow) C:\program files (x86)\zenimax online\launcher\bethesda.net_launcher.exe
FirewallRules: [UDP Query User{18EC6233-01D6-4D9E-8781-5698EEC4E480}C:\program files (x86)\zenimax online\launcher\bethesda.net_launcher.exe] => (Allow) C:\program files (x86)\zenimax online\launcher\bethesda.net_launcher.exe
FirewallRules: [TCP Query User{32A20775-FB16-4001-A88B-CA3DDB09339B}C:\program files (x86)\dayzlauncher\dayzlauncher.exe] => (Allow) C:\program files (x86)\dayzlauncher\dayzlauncher.exe
FirewallRules: [UDP Query User{7DA30828-EB45-4D32-AC9F-A6313CC11489}C:\program files (x86)\dayzlauncher\dayzlauncher.exe] => (Allow) C:\program files (x86)\dayzlauncher\dayzlauncher.exe
FirewallRules: [TCP Query User{822D2936-F7A0-40C8-86A7-E8E21B32DE9B}C:\program files (x86)\the elder scrolls online\launcher\bethesda.net_launcher.exe] => (Allow) C:\program files (x86)\the elder scrolls online\launcher\bethesda.net_launcher.exe
FirewallRules: [UDP Query User{8A352B2F-5C50-440F-8A21-6ED9F0DAC46F}C:\program files (x86)\the elder scrolls online\launcher\bethesda.net_launcher.exe] => (Allow) C:\program files (x86)\the elder scrolls online\launcher\bethesda.net_launcher.exe
FirewallRules: [TCP Query User{28CBD259-74AD-45E5-92A4-90753623E7CC}C:\users\michel\desktop\the elder scrolls online\launcher\bethesda.net_launcher.exe] => (Allow) C:\users\michel\desktop\the elder scrolls online\launcher\bethesda.net_launcher.exe
FirewallRules: [UDP Query User{8FBC607B-EF0E-4588-9354-B0B112AE3A20}C:\users\michel\desktop\the elder scrolls online\launcher\bethesda.net_launcher.exe] => (Allow) C:\users\michel\desktop\the elder scrolls online\launcher\bethesda.net_launcher.exe
FirewallRules: [{F56DF98E-71A5-4F1B-B0FB-A631F369ECAE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{63B9AE73-B38B-4D2A-8D7A-2AE3EDB5502B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{DF51A55B-E650-4347-9DFD-49F81C65A2AF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{05DC04FE-46AD-46A7-9E92-597A4CB3E74D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{694A2567-BF99-4231-815F-54311F2B40B2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{8CA33E44-B825-4012-B7EF-63C0306A67F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{60523A6F-425B-484A-95F1-77A37074AEEF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{F1760015-2A1F-4ED5-AA6D-C135F3D5EA11}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{02ECD52B-8361-4572-9DFA-931D5074EC11}] => (Allow) D:\SteamLibrary\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{BD0171CA-62D3-4F7B-8DFA-2BF967BCEC37}] => (Allow) D:\SteamLibrary\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [TCP Query User{5EBE0459-A5FB-4541-A3DC-90FDBB3DCBCE}D:\steamlibrary\steamapps\common\dayz\dayz.exe] => (Allow) D:\steamlibrary\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{F7753444-E627-4916-92E6-2BB4F8969BE0}D:\steamlibrary\steamapps\common\dayz\dayz.exe] => (Allow) D:\steamlibrary\steamapps\common\dayz\dayz.exe
FirewallRules: [{CF24B18D-5FAB-427C-BDE3-57DBB6503EBD}] => (Allow) D:\SteamLibrary\SteamApps\common\Medieval II Total War\medieval2.exe
FirewallRules: [{581B5A5E-9C50-40EF-8B9D-1ECDFF735174}] => (Allow) D:\SteamLibrary\SteamApps\common\Medieval II Total War\medieval2.exe
FirewallRules: [TCP Query User{9E6E9009-C509-4EAE-9567-89883955278E}F:\age of empires ii\age2_x1\age2_x2.exe] => (Allow) F:\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [UDP Query User{51770D2D-A407-4FA5-AD86-577576904361}F:\age of empires ii\age2_x1\age2_x2.exe] => (Allow) F:\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [TCP Query User{FB47DAF7-2E46-41F6-8C42-740B145F3B6A}C:\sierra\empire earth\empire earth.exe] => (Allow) C:\sierra\empire earth\empire earth.exe
FirewallRules: [UDP Query User{B8FCA55F-5119-4507-8C35-FCE13F42B2D0}C:\sierra\empire earth\empire earth.exe] => (Allow) C:\sierra\empire earth\empire earth.exe
FirewallRules: [TCP Query User{5A52BD26-C98E-4A27-8E56-03C30DF3B9C7}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [UDP Query User{8B5CD25B-3130-400A-9AB2-F529E708AC41}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [{D42CC75B-34F5-4028-8387-755E23ACEB0B}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [{1085C83C-7A0E-4FF2-86AC-FA6A9082C1E9}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [{52298F3B-52CD-4DEA-B46A-A20E24C55F76}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DD17F9EA-ABF2-421E-8693-A2288B469804}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3AEB893B-649A-4368-BEC1-DC28C7E97D9D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{765C2ABF-37F1-400A-A808-A7B446CEE03B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{73F932C5-62CE-46EC-8BFE-8811D6837E3E}D:\steamlibrary\steamapps\common\total war arena\arena.exe] => (Allow) D:\steamlibrary\steamapps\common\total war arena\arena.exe
FirewallRules: [UDP Query User{356F4EA2-5661-4195-9D5E-C36B3B2A5DA1}D:\steamlibrary\steamapps\common\total war arena\arena.exe] => (Allow) D:\steamlibrary\steamapps\common\total war arena\arena.exe
FirewallRules: [TCP Query User{2878A5B5-EA29-49B2-918F-6CC8FF189931}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{E27AA324-946E-48AA-A0B0-E8B22877446A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{E9AAA7E2-3AD8-4680-B3D8-71F95C18BF9F}] => (Allow) D:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{B936C548-246A-47AA-9745-92D528FDF3D6}] => (Allow) D:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{6F1F7089-F5C9-4735-A9C5-0204872B0263}] => (Allow) D:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{8ED8B60F-DD0D-4712-8986-E1A1491E7B4F}] => (Allow) D:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{22E33B08-EFF0-40C6-9AEA-E322C6AE0850}] => (Allow) D:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{DEC41335-1C9B-4BA6-AEC4-B6A9309300D2}] => (Allow) D:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{4CC67B61-55C7-498D-AF1F-D7D9AF191D8E}] => (Allow) D:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{2541505D-B924-47D8-8D7F-903FFBBD9AE1}] => (Allow) D:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{B41436DD-A23E-4D7A-BAD1-CB9478E17069}] => (Allow) D:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{74D345F4-161B-4EB7-9889-F88E40560548}] => (Allow) D:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{531BD2DD-BC8B-41B3-9439-E60EBE85D4DF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [{3BC4847D-52AB-4E99-9209-FE229AB5A764}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [{DB27E84F-A00D-4DEC-9E7A-B3469310CF19}] => (Allow) D:\SteamLibrary\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{2B5C8A8B-693F-4580-B164-30063D40404E}] => (Allow) D:\SteamLibrary\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{01823279-A15D-471F-A775-62D23EC1447B}] => (Allow) D:\SteamLibrary\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{9336760F-2095-47C1-8B80-8FD2514FC08F}] => (Allow) D:\SteamLibrary\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{CAB2E1E9-4958-4D44-A16E-8A5E1FBDC730}D:\steamlibrary\steamapps\common\arma 3\arma3.exe] => (Block) D:\steamlibrary\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{1F421AF0-7FFE-4ADE-8C83-2F7311E331FB}D:\steamlibrary\steamapps\common\arma 3\arma3.exe] => (Block) D:\steamlibrary\steamapps\common\arma 3\arma3.exe
FirewallRules: [{3B82F3C9-D81E-4A92-B3BA-C88AA872D06E}] => (Allow) D:\SteamLibrary\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{C7732A81-5B75-4A49-83AE-D5D969269E08}] => (Allow) D:\SteamLibrary\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{A4B6424E-085B-431D-A365-55131FBF08FA}] => (Allow) D:\SteamLibrary\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{BABEBCF0-772D-45A6-83CD-F54BB3AC02EF}] => (Allow) D:\SteamLibrary\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{3290CF6B-956E-47D8-8EA7-207840641A2F}] => (Allow) D:\SteamLibrary\SteamApps\common\Miscreated\Miscreated.exe
FirewallRules: [{B5F977D6-408C-41B1-8DC8-6D5CE7E9E657}] => (Allow) D:\SteamLibrary\SteamApps\common\Miscreated\Miscreated.exe
FirewallRules: [{F3DEE0EE-B325-4B04-B35D-03C86BCB20E2}] => (Allow) D:\SteamLibrary\SteamApps\common\Miscreated\Bin64\Miscreated.exe
FirewallRules: [{AF529E2E-D9C8-453B-B7E3-7BE762A0B0D9}] => (Allow) D:\SteamLibrary\SteamApps\common\Miscreated\Bin64\Miscreated.exe
FirewallRules: [{660D87AF-2EE9-4D16-A4DC-B5208E1C6F22}] => (Allow) D:\SteamLibrary\SteamApps\common\Total War Arena\launcher\launcher.exe
FirewallRules: [{4FA19E5D-5B0D-473A-9BAB-CBDC86B520FA}] => (Allow) D:\SteamLibrary\SteamApps\common\Total War Arena\launcher\launcher.exe
FirewallRules: [{614BCC86-9741-4E71-9873-06BE87B472F3}] => (Allow) D:\SteamLibrary\SteamApps\common\Trove\GlyphClient.exe
FirewallRules: [{FC3BF8D1-B326-4645-8DA1-A1305B10C11B}] => (Allow) D:\SteamLibrary\SteamApps\common\Trove\GlyphClient.exe
FirewallRules: [{14FC4374-0995-4135-9404-DE0AEDF4597D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4C0C2627-E58F-406C-935E-8F5241082B8E}] => (Allow) D:\SteamLibrary\SteamApps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{E1A450A6-AF5F-4946-AE0E-FC77FA33E762}] => (Allow) D:\SteamLibrary\SteamApps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{02D7F3E6-A3CA-4C6D-8D0E-2B13B258154F}] => (Allow) D:\SteamLibrary\SteamApps\common\Gothic 3\Gothic3.exe
FirewallRules: [{D3820B1F-4786-4C7B-8C66-E205F04B39EC}] => (Allow) D:\SteamLibrary\SteamApps\common\Gothic 3\Gothic3.exe
FirewallRules: [{4D154960-2DCF-4F6D-A61B-E1816706D997}] => (Allow) D:\SteamLibrary\SteamApps\common\Stronghold Crusader Extreme\Stronghold_Crusader_Extreme.exe
FirewallRules: [{4F9D5454-69FB-4477-805D-E8E039436829}] => (Allow) D:\SteamLibrary\SteamApps\common\Stronghold Crusader Extreme\Stronghold_Crusader_Extreme.exe
FirewallRules: [{D320B643-A305-457B-BF6A-E4DE6CBDD870}] => (Allow) D:\BF4\Battlefield 4\bf4_x86.exe
FirewallRules: [{31459CD2-1A3F-4A8B-AE6A-EC7BDC481021}] => (Allow) D:\BF4\Battlefield 4\bf4_x86.exe
FirewallRules: [{13C0C097-359F-4BC2-946C-AE880DBF2573}] => (Allow) D:\BF4\Battlefield 4\bf4.exe
FirewallRules: [{4689CB01-E185-4FFC-9674-45B675B4496B}] => (Allow) D:\BF4\Battlefield 4\bf4.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/22/2015 03:16:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GWXUX.exe, Version: 6.3.9600.17924, Zeitstempel: 0x55959290
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005473b
ID des fehlerhaften Prozesses: 0x1140
Startzeit der fehlerhaften Anwendung: 0xGWXUX.exe0
Pfad der fehlerhaften Anwendung: GWXUX.exe1
Pfad des fehlerhaften Moduls: GWXUX.exe2
Berichtskennung: GWXUX.exe3
Vollständiger Name des fehlerhaften Pakets: GWXUX.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: GWXUX.exe5
Error: (07/22/2015 03:16:41 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: Aus einem der folgenden Gründe kann nicht auf die Datei "" zugegriffen werden:
Es besteht ein Problem mit der Netzwerkverbindung, dem Datenträger mit der gespeicherten Datei bzw. den auf dem Computer installierten
Speichertreibern, oder der Datenträger fehlt.
Das Programm GWXUX wurde wegen dieses Fehlers geschlossen.
Programm: GWXUX
Datei:
Der Fehlerwert ist im Abschnitt "Zusätzliche Dateien" aufgelistet.
Benutzeraktion
1. Öffnen Sie die Datei erneut.
Diese Situation ist eventuell ein temporäres Problem, das selbstständig behoben wird, wenn das Programm erneut ausgeführt wird.
2.
Wenn Sie weiterhin nicht auf die Datei zugreifen können und
- diese sich im Netzwerk befindet,
dann sollte der Netzwerkadministrator überprüfen, dass kein Netzwerkproblem besteht und dass eine Verbindung mit dem Server hergestellt werden kann.
- diese sich auf einem Wechseldatenträger, wie z. B. einer Diskette oder einer CD, befindet, überprüfen Sie, ob der Datenträger richtig in den Computer eingelegt ist.
3. Überprüfen und reparieren Sie das Dateisystem, indem Sie CHKDSK ausführen. Klicken Sie dazu im Menü "Start" auf "Ausführen", geben Sie CMD ein, und klicken Sie auf "OK". Geben Sie an der Eingabeaufforderung CHKDSK /F ein, und drücken Sie die EINGABETASTE.
4. Stellen Sie die Datei von einer Sicherungskopie wieder her, wenn das Problem weiterhin besteht.
5. Überprüfen Sie, ob andere Dateien auf demselben Datenträger geöffnet werden können. Falls dies nicht möglich ist, ist der Datenträger eventuell beschädigt.
Wenden Sie sich an den Administrator oder den Hersteller der Computerhardware, um weitere Unterstützung zu erhalten, wenn es sich um eine Festplatte handelt.
Zusätzliche Daten
Fehlerwert: 00000000
Datenträgertyp: 0
Error: (07/22/2015 03:16:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GWXUX.exe, Version: 6.3.9600.17924, Zeitstempel: 0x55959290
Name des fehlerhaften Moduls: mshtml.dll, Version: 11.0.9600.17924, Zeitstempel: 0x5595a0f4
Ausnahmecode: 0xc000001d
Fehleroffset: 0x0000000000a126c0
ID des fehlerhaften Prozesses: 0x2a54
Startzeit der fehlerhaften Anwendung: 0xGWXUX.exe0
Pfad der fehlerhaften Anwendung: GWXUX.exe1
Pfad des fehlerhaften Moduls: GWXUX.exe2
Berichtskennung: GWXUX.exe3
Vollständiger Name des fehlerhaften Pakets: GWXUX.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: GWXUX.exe5
Error: (07/22/2015 03:01:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSUAMain.exe, Version: 4.0.0.644, Zeitstempel: 0x53d152c9
Name des fehlerhaften Moduls: NdkApi.License.dll, Version: 4.0.0.553, Zeitstempel: 0x53d1430d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00006bca
ID des fehlerhaften Prozesses: 0x13e0
Startzeit der fehlerhaften Anwendung: 0xPSUAMain.exe0
Pfad der fehlerhaften Anwendung: PSUAMain.exe1
Pfad des fehlerhaften Moduls: PSUAMain.exe2
Berichtskennung: PSUAMain.exe3
Vollständiger Name des fehlerhaften Pakets: PSUAMain.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: PSUAMain.exe5
Error: (07/22/2015 02:54:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm PSUAMain.exe, Version 4.0.0.644 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 101c
Startzeit: 01d0c47817c5b30e
Endzeit: 130
Anwendungspfad: C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
Berichts-ID: cb542be0-3070-11e5-8321-448a5b2faa3b
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (07/22/2015 02:50:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: PSUAMain.exe, Version: 4.0.0.644, Zeitstempel: 0x53d152c9
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f42c2
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001df63
ID des fehlerhaften Prozesses: 0x14c0
Startzeit der fehlerhaften Anwendung: 0xPSUAMain.exe0
Pfad der fehlerhaften Anwendung: PSUAMain.exe1
Pfad des fehlerhaften Moduls: PSUAMain.exe2
Berichtskennung: PSUAMain.exe3
Vollständiger Name des fehlerhaften Pakets: PSUAMain.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: PSUAMain.exe5
Error: (07/22/2015 02:05:34 PM) (Source: ESENT) (EventID: 536) (User: )
Description: taskhost (4184) Fehler beim Versuch, die temporäre Datenbank 'C:\ProgramData\Microsoft\RAC\StateData\tmp.edb' zu erstellen: -1808.
Error: (07/22/2015 02:03:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CCC.exe, Version: 4.5.0.0, Zeitstempel: 0x5254e12e
Name des fehlerhaften Moduls: clr.dll, Version: 4.0.30319.34209, Zeitstempel: 0x5348a1ef
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000005e2d30
ID des fehlerhaften Prozesses: 0x1260
Startzeit der fehlerhaften Anwendung: 0xCCC.exe0
Pfad der fehlerhaften Anwendung: CCC.exe1
Pfad des fehlerhaften Moduls: CCC.exe2
Berichtskennung: CCC.exe3
Vollständiger Name des fehlerhaften Pakets: CCC.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CCC.exe5
Error: (07/22/2015 02:03:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GWXUX.exe, Version: 6.3.9600.17924, Zeitstempel: 0x55959290
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005473b
ID des fehlerhaften Prozesses: 0x168c
Startzeit der fehlerhaften Anwendung: 0xGWXUX.exe0
Pfad der fehlerhaften Anwendung: GWXUX.exe1
Pfad des fehlerhaften Moduls: GWXUX.exe2
Berichtskennung: GWXUX.exe3
Vollständiger Name des fehlerhaften Pakets: GWXUX.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: GWXUX.exe5
Error: (07/22/2015 02:00:00 PM) (Source: ESENT) (EventID: 428) (User: )
Description: svchost (1612) SRUJet: Das Datenbankmodul kann keine Aktualisierungen akzeptieren, weil die Festplatte, auf der sich die Protokolldatei der Datenbank befindet, über zu wenig freien Speicherplatz verfügt .
System errors:
=============
Error: (07/22/2015 03:01:24 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 20. Der Windows-SChannel-Fehlerstatus lautet: 960.
Error: (07/22/2015 02:58:21 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 20. Der Windows-SChannel-Fehlerstatus lautet: 960.
Error: (07/22/2015 02:13:41 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: microsoft.windowscommunicationsapps
Error: (07/22/2015 02:02:39 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (07/22/2015 02:02:30 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 22.07.2015 um 13:28:46 unerwartet heruntergefahren.
Error: (07/22/2015 01:40:19 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 23) (User: NT-AUTORITÄT)
Description: Der Ereignisprotokollierungsdienst hat einen Fehler (Auflösung=112) beim Initialisieren der Protokollierung der Ressourcen für Kanal "Microsoft-Windows-CodeIntegrity/Operational" erkannt.
Error: (07/22/2015 01:28:49 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (07/22/2015 06:50:30 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: microsoft.windowscommunicationsapps
Error: (07/22/2015 06:50:30 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.BingSports
Error: (07/22/2015 06:50:23 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.ZuneMusic
Microsoft Office:
=========================
Error: (07/22/2015 03:16:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GWXUX.exe6.3.9600.1792455959290ntdll.dll6.3.9600.17736550f4336c0000005000000000005473b114001d0c480a7fdd7a7C:\Windows\System32\GWX\GWXUX.exeC:\Windows\SYSTEM32\ntdll.dlle5bc25cd-3073-11e5-8321-448a5b2faa3b
Error: (07/22/2015 03:16:41 PM) (Source: Application Error) (EventID: 1005) (User: )
Description: GWXUX000000000
Error: (07/22/2015 03:16:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GWXUX.exe6.3.9600.1792455959290mshtml.dll11.0.9600.179245595a0f4c000001d0000000000a126c02a5401d0c480a5a1b65dC:\Windows\System32\GWX\GWXUX.exeC:\Windows\System32\mshtml.dlle38651bc-3073-11e5-8321-448a5b2faa3b
Error: (07/22/2015 03:01:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSUAMain.exe4.0.0.64453d152c9NdkApi.License.dll4.0.0.55353d1430dc000000500006bca13e001d0c476526dd7a5C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exeC:\Program Files (x86)\Panda Security\Panda Security Protection\NdkApi.License.dllb848af77-3071-11e5-8321-448a5b2faa3b
Error: (07/22/2015 02:54:34 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: PSUAMain.exe4.0.0.644101c01d0c47817c5b30e130C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.execb542be0-3070-11e5-8321-448a5b2faa3b
Error: (07/22/2015 02:50:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: PSUAMain.exe4.0.0.64453d152c9ntdll.dll6.3.9600.17736550f42c2c00000050001df6314c001d0c47d07db1d5fC:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exeC:\Windows\SYSTEM32\ntdll.dll470116ff-3070-11e5-8321-448a5b2faa3b
Error: (07/22/2015 02:05:34 PM) (Source: ESENT) (EventID: 536) (User: )
Description: taskhost4184C:\ProgramData\Microsoft\RAC\StateData\tmp.edb-1808
Error: (07/22/2015 02:03:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: CCC.exe4.5.0.05254e12eclr.dll4.0.30319.342095348a1efc000000500000000005e2d30126001d0c47651b3d5a2C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dlla4467c44-3069-11e5-8321-448a5b2faa3b
Error: (07/22/2015 02:03:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GWXUX.exe6.3.9600.1792455959290ntdll.dll6.3.9600.17736550f4336c0000005000000000005473b168c01d0c4765ccff090C:\Windows\System32\GWX\GWXUX.exeC:\Windows\SYSTEM32\ntdll.dll9aac4e5d-3069-11e5-8321-448a5b2faa3b
Error: (07/22/2015 02:00:00 PM) (Source: ESENT) (EventID: 428) (User: )
Description: svchost1612SRUJet:
==================== Memory info ===========================
Processor: AMD FX(tm)-6300 Six-Core Processor
Percentage of memory in use: 39%
Total physical RAM: 4044.05 MB
Available physical RAM: 2431.52 MB
Total Virtual: 8140.05 MB
Available Virtual: 6068.43 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:111.45 GB) (Free:0 GB) NTFS
Drive d: (Volume) (Fixed) (Total:931.51 GB) (Free:616.68 GB) NTFS
==================== MBR & Partition Table ==================
==================== End of log ============================
|
|
23.07.2015, 07:11
| #4 |
| /// the machine /// TB-Ausbilder | Windows 8.1 Microsoft Mouse and Keyboard Center Problem / Virus? FRST bitte nochmal, unsere Tools brauchen immer Adminrechte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
23.07.2015, 13:41
| #5 |
| | Windows 8.1 Microsoft Mouse and Keyboard Center Problem / Virus? Also ich habe nun den Account meiner Eltern benutzt da er Administationsrechte hat, die probleme sind aber auch auf diesem vorhanden. FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:20-07-2015
Ran by Michel´s Daddelkiste (administrator) on MICHEL on 23-07-2015 14:37:31
Running from C:\Users\Michel´s Daddelkiste\Downloads
Loaded Profiles: Michel´s Daddelkiste (Available Profiles: Michel´s Daddelkiste & Michel)
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.87.22.0\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.87.22.0\OverwolfHelper64.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) D:\Steam\Steam.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) D:\Steam\bin\steamwebhelper.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.87.22.0\OverwolfBrowser.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.87.22.0\OverwolfBrowser.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamSpeak Systems GmbH) C:\Users\Michel´s Daddelkiste\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-06-16] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [37624 2014-07-24] (Panda Security, S.L.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKU\S-1-5-21-345954769-3013140688-2023865255-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632112 2015-07-20] (Electronic Arts)
HKU\S-1-5-21-345954769-3013140688-2023865255-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [41200 2015-07-09] (Overwolf LTD)
HKU\S-1-5-21-345954769-3013140688-2023865255-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] ()
HKU\S-1-5-21-345954769-3013140688-2023865255-1001\...\Run: [Gyazo] => [X]
HKU\S-1-5-21-345954769-3013140688-2023865255-1001\...\Run: [Steam] => D:\Steam\steam.exe [2895552 2015-07-21] (Valve Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-345954769-3013140688-2023865255-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll [2014-08-18] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll [2014-08-18] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\..\Interfaces\{40D9973B-D9BA-4D7F-81FC-437D9B8814FF}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{47F13971-5B56-44E3-970D-BB007E42DE19}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{589FE36D-803B-44F7-B87A-DE05F6E2BC69}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{A3ABE923-81B6-4C68-8271-89DC5EB0422C}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{EE2ABEC4-C104-4B80-AE1F-6ADCEE1FD3F9}: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll [2014-08-18] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.11.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll [2014-08-18] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
Chrome:
=======
CHR Profile: C:\Users\Michel´s Daddelkiste\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Michel´s Daddelkiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-18]
CHR Extension: (Google Drive) - C:\Users\Michel´s Daddelkiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-18]
CHR Extension: (YouTube) - C:\Users\Michel´s Daddelkiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-18]
CHR Extension: (Adblock Plus) - C:\Users\Michel´s Daddelkiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-08-18]
CHR Extension: (Google Search) - C:\Users\Michel´s Daddelkiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-18]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Michel´s Daddelkiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-23]
CHR Extension: (Skype Click to Call) - C:\Users\Michel´s Daddelkiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-07-23]
CHR Extension: (Google Wallet) - C:\Users\Michel´s Daddelkiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-18]
CHR Extension: (Gmail) - C:\Users\Michel´s Daddelkiste\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-18]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1060352 2015-06-18] ()
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [237864 2015-06-20] (EasyAntiCheat Ltd)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [141560 2014-07-24] (Panda Security, S.L.)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-20] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1001200 2015-07-09] (Overwolf LTD)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [61688 2014-07-23] (Panda Security, S.L.)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-02-24] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-04-11] ()
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2014-07-24] (Panda Security, S.L.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
R1 NNSALPC; C:\Windows\System32\DRIVERS\NNSAlpc.sys [96800 2014-06-04] (Panda Security, S.L.)
R1 NNSHTTP; C:\Windows\System32\DRIVERS\NNSHttp.sys [162336 2014-06-18] (Panda Security, S.L.)
R1 NNSHTTPS; C:\Windows\System32\DRIVERS\NNSHttps.sys [112160 2014-06-04] (Panda Security, S.L.)
R1 NNSIDS; C:\Windows\System32\DRIVERS\NNSIds.sys [115232 2014-06-04] (Panda Security, S.L.)
R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [47360 2014-01-16] (Panda Security, S.L.)
R1 NNSPICC; C:\Windows\System32\DRIVERS\NNSPicc.sys [95776 2014-06-04] (Panda Security, S.L.)
R1 NNSPIHSW; C:\Windows\System32\DRIVERS\NNSPihsw.sys [70176 2014-06-04] (Panda Security, S.L.)
R1 NNSPOP3; C:\Windows\System32\DRIVERS\NNSPop3.sys [125984 2014-06-04] (Panda Security, S.L.)
R1 NNSPROT; C:\Windows\System32\DRIVERS\NNSProt.sys [306720 2014-06-04] (Panda Security, S.L.)
R1 NNSPRV; C:\Windows\System32\DRIVERS\NNSPrv.sys [169504 2014-06-04] (Panda Security, S.L.)
R1 NNSSMTP; C:\Windows\System32\DRIVERS\NNSSmtp.sys [115744 2014-06-04] (Panda Security, S.L.)
R1 NNSSTRM; C:\Windows\System32\DRIVERS\NNSStrm.sys [261152 2014-06-04] (Panda Security, S.L.)
R1 NNSTLSC; C:\Windows\System32\DRIVERS\NNSTlsc.sys [109088 2014-06-04] (Panda Security, S.L.)
R2 PSINAflt; C:\Windows\System32\DRIVERS\PSINAflt.sys [160800 2014-07-24] (Panda Security, S.L.)
R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [120352 2014-07-24] (Panda Security, S.L.)
R1 PSINKNC; C:\Windows\System32\DRIVERS\psinknc.sys [195616 2014-07-24] (Panda Security, S.L.)
R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [122400 2014-07-24] (Panda Security, S.L.)
R2 PSINProt; C:\Windows\System32\DRIVERS\PSINProt.sys [132128 2014-07-24] (Panda Security, S.L.)
R2 PSINReg; C:\Windows\System32\DRIVERS\PSINReg.sys [106016 2014-07-24] (Panda Security, S.L.)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [60400 2014-03-25] (Panda Security, S.L.)
R3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 xb1usb; C:\Windows\System32\drivers\xb1usb.sys [34016 2014-05-27] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-23 14:37 - 2015-07-23 14:37 - 00018167 _____ C:\Users\Michel´s Daddelkiste\Downloads\FRST.txt
2015-07-23 14:36 - 2015-07-23 14:37 - 02135552 _____ (Farbar) C:\Users\Michel´s Daddelkiste\Downloads\FRST64.exe
2015-07-23 14:34 - 2015-07-23 14:36 - 00000000 ____D C:\Users\Michel´s Daddelkiste\AppData\Roaming\TS3Client
2015-07-23 14:34 - 2015-07-23 14:34 - 00001304 _____ C:\Users\Michel´s Daddelkiste\Desktop\TeamSpeak 3 Client.lnk
2015-07-23 14:34 - 2015-07-23 14:34 - 00000000 ____D C:\Users\Michel´s Daddelkiste\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-07-23 14:34 - 2015-07-23 14:34 - 00000000 ____D C:\Users\Michel´s Daddelkiste\AppData\Local\TeamSpeak 3 Client
2015-07-23 14:17 - 2015-07-23 14:30 - 30014480 _____ (TeamSpeak Systems GmbH) C:\Users\Michel´s Daddelkiste\Downloads\TeamSpeak3-Client-win64-3.0.16.exe
2015-07-23 14:15 - 2015-07-23 14:15 - 00000000 ____D C:\Users\Michel´s Daddelkiste\AppData\Local\CEF
2015-07-22 21:37 - 2015-07-22 21:37 - 00000116 _____ C:\Windows\setupact.log
2015-07-22 21:37 - 2015-07-22 21:37 - 00000000 _____ C:\Windows\setuperr.log
2015-07-22 21:17 - 2015-07-22 21:17 - 00003464 _____ C:\Windows\System32\Tasks\GyazoUpdateTaskMachineDaily
2015-07-22 21:16 - 2015-07-22 21:16 - 00000000 ____D C:\Users\Michel\AppData\Local\CEF
2015-07-22 21:16 - 2015-07-22 21:16 - 00000000 ____D C:\ProgramData\Gyazo
2015-07-22 21:10 - 2015-07-23 14:28 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-345954769-3013140688-2023865255-1001
2015-07-22 21:09 - 2015-07-22 21:09 - 00000526 _____ C:\Users\Public\Desktop\Steam.lnk
2015-07-22 21:02 - 2015-07-22 21:02 - 00000000 ____D C:\Users\Michel´s Daddelkiste\AppData\Local\GWX
2015-07-22 15:26 - 2015-07-22 15:26 - 00049519 _____ C:\Users\Michel\Downloads\Addition.txt
2015-07-22 15:25 - 2015-07-23 14:37 - 00000000 ____D C:\FRST
2015-07-22 15:25 - 2015-07-22 15:26 - 00041609 _____ C:\Users\Michel\Downloads\FRST.txt
2015-07-22 15:24 - 2015-07-22 15:24 - 02135552 _____ (Farbar) C:\Users\Michel\Downloads\FRST64.exe
2015-07-21 18:06 - 2015-07-14 16:14 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 18:06 - 2015-07-14 16:14 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-21 18:06 - 2015-07-14 16:14 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 18:06 - 2015-07-14 16:13 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-20 15:23 - 2015-07-20 15:23 - 00000000 ____D C:\Program Files (x86)\Battlelog Web Plugins
2015-07-18 09:31 - 2015-07-18 12:08 - 00000000 ____D C:\Users\Michel\Documents\Stronghold Crusader
2015-07-18 09:28 - 2015-07-18 11:40 - 00000000 ____D C:\Users\Michel\Documents\gothic3
2015-07-16 17:55 - 2015-07-09 21:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-16 17:55 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-16 17:55 - 2015-07-09 18:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-16 17:55 - 2015-07-09 17:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-16 17:55 - 2015-07-09 17:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-16 17:55 - 2015-07-09 17:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-07-16 17:55 - 2015-07-09 17:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-16 17:55 - 2015-07-09 17:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-16 17:55 - 2015-07-09 17:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-16 17:55 - 2015-07-09 17:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-16 17:55 - 2015-07-09 17:37 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-16 17:55 - 2015-07-09 17:35 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-16 17:55 - 2015-07-09 17:34 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-16 17:55 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-16 17:55 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-16 17:55 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-16 17:54 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-16 17:54 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-16 17:54 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-16 17:54 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-16 17:54 - 2015-06-30 00:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-16 17:54 - 2015-06-29 17:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-16 17:54 - 2015-06-29 17:07 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-16 17:54 - 2015-06-29 17:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-16 17:54 - 2015-06-29 17:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-16 17:54 - 2015-06-29 17:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-16 17:54 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-16 17:54 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-16 17:54 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-16 17:54 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-16 17:54 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-16 17:54 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-16 17:54 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-16 17:54 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-16 17:54 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-16 17:54 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-16 17:54 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-16 17:54 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-16 17:54 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-16 17:54 - 2015-06-27 01:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-16 17:54 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-16 17:54 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-16 17:54 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-16 17:54 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-16 17:54 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-16 17:54 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-16 17:54 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-16 17:54 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-16 17:54 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-16 17:54 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-16 17:54 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-16 17:54 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-16 17:54 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-07-16 17:54 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-16 17:54 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-07-16 17:54 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-16 17:54 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-16 17:54 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-16 17:54 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-16 17:54 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-16 17:54 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-16 17:54 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-16 17:54 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-07-16 17:54 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-16 17:54 - 2015-03-09 04:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsp.sys
2015-07-16 17:54 - 2014-11-04 21:25 - 00059712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys
2015-07-16 17:54 - 2014-11-04 21:25 - 00051008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys
2015-07-16 17:54 - 2014-11-04 08:55 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2015-07-16 17:54 - 2014-11-04 08:54 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2015-07-16 17:54 - 2014-11-04 08:54 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2015-07-16 17:54 - 2014-11-04 08:54 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2015-07-16 17:53 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-16 17:53 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-16 17:53 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-16 17:53 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-16 17:53 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-16 17:53 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-16 17:53 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-16 17:53 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-16 17:53 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-16 17:53 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-16 17:53 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-16 17:53 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-16 17:53 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-07-16 17:53 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-16 17:53 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-16 17:53 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-16 17:53 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-16 17:53 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-16 17:53 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-16 17:53 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-16 17:53 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-16 17:53 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-07-16 17:53 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-16 17:53 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-16 17:53 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-07-16 17:53 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-16 17:53 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-16 17:52 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-16 17:52 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-16 17:52 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-16 17:52 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-07-16 17:52 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-16 17:52 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-16 17:52 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-07-16 17:52 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-16 17:52 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-16 17:52 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-16 17:52 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-16 17:52 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-16 17:36 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-16 17:36 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-16 17:36 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-16 17:36 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-16 17:36 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-16 17:36 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-07-16 17:36 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-07-16 17:36 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-07-16 17:36 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-07-16 17:33 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-16 17:32 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-16 17:32 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-16 17:32 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-16 17:32 - 2015-05-02 01:33 - 00410739 _____ C:\Windows\system32\ApnDatabase.xml
2015-07-14 15:48 - 2015-07-14 15:49 - 00000000 ____D C:\Users\Michel\AppData\Roaming\Trove
2015-07-01 18:00 - 2015-07-22 15:37 - 00000166 _____ C:\Users\Michel\Documents\ClownfishForTeamspeak.ini
2015-07-01 17:58 - 2015-07-01 17:58 - 00237268 _____ C:\Users\Michel\Downloads\ClownfishVoiceChanger-v1.50 (1).ts3_plugin
2015-07-01 17:57 - 2015-07-01 17:58 - 00237268 _____ C:\Users\Michel\Downloads\ClownfishVoiceChanger-v1.50.ts3_plugin
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-07-23 14:32 - 2014-08-18 04:21 - 01650972 _____ C:\Windows\WindowsUpdate.log
2015-07-23 14:23 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-07-23 14:16 - 2014-08-18 09:34 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-23 14:15 - 2015-04-07 20:40 - 00000000 ____D C:\Users\Michel´s Daddelkiste\AppData\Local\Overwolf
2015-07-23 14:15 - 2014-09-09 08:36 - 00000000 ____D C:\Users\Michel´s Daddelkiste\AppData\Local\LogMeIn Hamachi
2015-07-23 14:15 - 2014-08-19 22:42 - 00000000 ____D C:\ProgramData\Origin
2015-07-23 14:15 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-07-23 14:14 - 2014-08-18 09:34 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-23 14:13 - 2014-11-10 20:40 - 00000000 ____D C:\Users\Michel\AppData\Local\LogMeIn Hamachi
2015-07-22 21:53 - 2014-11-14 21:28 - 00000000 ____D C:\Users\Michel\AppData\Roaming\TS3Client
2015-07-22 21:48 - 2014-08-21 03:40 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-07-22 21:43 - 2014-08-18 04:26 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-22 21:43 - 2013-08-23 01:24 - 00764340 _____ C:\Windows\system32\perfh007.dat
2015-07-22 21:43 - 2013-08-23 01:24 - 00159160 _____ C:\Windows\system32\perfc007.dat
2015-07-22 21:42 - 2015-04-23 21:59 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-345954769-3013140688-2023865255-1006
2015-07-22 21:42 - 2014-08-18 04:22 - 00000000 ____D C:\Users\Michel´s Daddelkiste
2015-07-22 21:37 - 2014-08-18 09:38 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-22 21:37 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-22 21:36 - 2015-06-03 17:16 - 00000000 ____D C:\Program Files (x86)\Gyazo
2015-07-22 21:17 - 2015-06-03 17:16 - 00003338 _____ C:\Windows\System32\Tasks\GyazoUpdateTaskMachine
2015-07-22 21:11 - 2015-04-07 20:43 - 00000000 ____D C:\Program Files (x86)\Overwolf
2015-07-22 21:01 - 2014-08-18 09:24 - 00002273 _____ C:\Users\Michel´s Daddelkiste\Desktop\Google Chrome.lnk
2015-07-22 16:27 - 2014-11-13 18:43 - 00000000 ____D C:\Users\Michel\AppData\Roaming\.minecraft
2015-07-22 15:18 - 2014-08-21 03:40 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-07-22 14:56 - 2014-08-17 22:31 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-22 14:08 - 2014-12-21 16:34 - 00000000 ____D C:\Users\Michel\Downloads\Musik
2015-07-22 13:28 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-07-21 22:03 - 2013-08-22 16:44 - 00454200 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 19:32 - 2014-11-25 09:25 - 00000000 ____D C:\Users\Michel\Documents\irgendwas
2015-07-21 18:55 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-21 17:20 - 2014-08-21 20:41 - 00348360 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-07-21 16:20 - 2014-08-19 22:23 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-21 15:00 - 2015-06-18 17:08 - 00000000 ____D C:\Users\Michel\AppData\Local\Arma 3
2015-07-20 15:26 - 2014-11-12 16:16 - 00000000 ____D C:\Users\Michel\AppData\Roaming\Origin
2015-07-20 15:26 - 2014-08-19 22:41 - 00000000 ____D C:\Program Files (x86)\Origin
2015-07-20 15:18 - 2014-11-22 10:20 - 00000000 __SHD C:\Users\Michel\AppData\Local\EmieBrowserModeList
2015-07-20 15:18 - 2014-11-12 16:26 - 00000000 __SHD C:\Users\Michel\AppData\Local\EmieUserList
2015-07-20 15:18 - 2014-11-12 16:26 - 00000000 __SHD C:\Users\Michel\AppData\Local\EmieSiteList
2015-07-18 13:52 - 2014-11-27 18:08 - 00000000 ____D C:\Users\Michel\Documents\Mount&Blade Warband Savegames
2015-07-17 23:52 - 2015-04-07 10:38 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-17 23:52 - 2015-04-07 10:38 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-16 21:20 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-07-16 21:20 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\WinStore
2015-07-16 21:20 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-16 19:19 - 2015-04-16 20:52 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-16 19:19 - 2015-03-15 08:52 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-16 19:19 - 2014-08-18 10:25 - 00000000 ____D C:\Windows\system32\MRT
2015-07-16 18:11 - 2015-05-18 20:23 - 00004104 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-16 18:11 - 2015-05-18 20:23 - 00003868 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-16 17:30 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-07-13 23:10 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-13 23:10 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-09 19:45 - 2015-06-18 17:07 - 00000000 ____D C:\Users\Michel\AppData\Local\Arma 3 Launcher
2015-07-06 20:50 - 2015-04-28 17:13 - 00000000 ____D C:\Users\Michel\AppData\Roaming\Skype
2015-07-05 20:50 - 2015-05-30 20:14 - 00000000 ____D C:\Users\Michel\Documents\My Games
2015-07-03 08:43 - 2014-08-18 10:25 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-29 19:57 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF
2015-06-25 13:41 - 2014-11-10 20:39 - 00002273 _____ C:\Users\Michel\Desktop\Google Chrome.lnk
Some files in TEMP:
====================
C:\Users\Michel´s Daddelkiste\AppData\Local\Temp\ose00000.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-21 18:55
==================== End of log ============================
[CODE]Additional FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x64) Version:20-07-2015
Ran by Michel´s Daddelkiste at 2015-07-23 14:38:01
Running from C:\Users\Michel´s Daddelkiste\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-345954769-3013140688-2023865255-500 - Administrator - Disabled)
Gast (S-1-5-21-345954769-3013140688-2023865255-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-345954769-3013140688-2023865255-1003 - Limited - Enabled)
Michel (S-1-5-21-345954769-3013140688-2023865255-1006 - Limited - Enabled) => C:\Users\Michel
Michel´s Daddelkiste (S-1-5-21-345954769-3013140688-2023865255-1001 - Administrator - Enabled) => C:\Users\Michel´s Daddelkiste
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Panda Free Antivirus (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Free Antivirus (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall (Enabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Age of Empires III - The Asian Dynasties (HKLM-x32\...\InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III - The Asian Dynasties (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Age of Empires III (HKLM-x32\...\InstallShield_{A8CF5C37-8EC5-4C33-BB4A-87F468B77D45}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version: - Bohemia Interactive)
Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version: - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version: - Bohemia Interactive)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
Assassin's Creed® III (HKLM-x32\...\Steam App 208480) (Version: - Ubisoft Montreal)
Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.30944 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.1 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - The Behemoth)
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - Torn Banner Studios)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
DayZ Commander (HKLM-x32\...\{668B7711-6DAF-465F-9BE2-F3C07C962131}) (Version: 0.92.117 - Dotjosh Studios)
DayZLauncher version 0.0.0.13 (HKLM-x32\...\{E31045B4-9DB5-9EBD-44DF-BD4E6CFD40DF}_is1) (Version: 0.0.0.13 - Maca134)
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
Empire Earth (HKLM-x32\...\{2447500B-22D7-47BD-9B13-1A927F43A267}) (Version: - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Gothic 3 (HKLM-x32\...\Steam App 39500) (Version: - Piranha – Bytes)
Gyazo 3.1.4 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
HyperSnap 7 (HKLM-x32\...\HyperSnap 7) (Version: 7.29.03 - Hyperionics Technology LLC)
Interstellar Marines (HKLM-x32\...\Steam App 236370) (Version: - Zero Point Software)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 8 Update 11 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418011FF}) (Version: 8.0.110 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Medieval II: Total War (HKLM-x32\...\Steam App 4700) (Version: - The Creative Assembly)
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version: - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version: - )
Microsoft Office 2010 Service Pack 1 (SP1) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}) (Version: - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Miscreated (HKLM-x32\...\Steam App 299740) (Version: - Entrada Interactive LLC)
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version: - TaleWorlds Entertainment)
Mount & Blade: With Fire and Sword (HKLM-x32\...\Steam App 48720) (Version: - TaleWorlds Entertainment)
Napoleon: Total War (HKLM-x32\...\Steam App 34030) (Version: - The Creative Assembly)
Neverwinter (HKLM-x32\...\Steam App 109600) (Version: - Cryptic Studios)
Nidhogg v1.0 (HKLM-x32\...\Nidhogg v1.01.0) (Version: 1.0 - Friends in War)
Origin (HKLM-x32\...\Origin) (Version: 9.4.20.386 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.87.22.0 - Overwolf Ltd.)
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.03 - Panda Security)
Panda Devices Agent (x32 Version: 1.05.00 - Panda Security) Hidden
Panda Free Antivirus (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 15.00.01.0000 - Panda Security)
Panda Free Antivirus (Version: 7.23.00.0000 - Panda Security) Hidden
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Starbound (HKLM-x32\...\Steam App 211820) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stranded Deep (HKLM-x32\...\Steam App 313120) (Version: - Beam Team Games)
Stronghold Crusader Extreme HD (HKLM-x32\...\Steam App 16700) (Version: - Firefly Studios)
Stronghold Crusader HD (HKLM-x32\...\Steam App 40970) (Version: - FireFly Studios)
TeamSpeak 3 Client (HKU\S-1-5-21-345954769-3013140688-2023865255-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Forest (HKLM-x32\...\Steam App 242760) (Version: - Endnight Games Ltd)
Toribash (HKLM-x32\...\Steam App 248570) (Version: - Nabi Studios)
Total War: Arena (HKLM-x32\...\Steam App 227520) (Version: - Creative Assembly)
Trove (HKLM-x32\...\Steam App 304050) (Version: - Trion Worlds)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
War of the Roses (HKLM-x32\...\Steam App 42160) (Version: - Fatshark)
War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-345954769-3013140688-2023865255-1001_Classes\CLSID\{4a30e683-5254-45a8-a825-0f70908a86d4}\InprocServer32 -> C:\Users\Michel´s Daddelkiste\Documents\HyperSnap 7\x64\ThumbDhs64.dll ()
==================== Restore Points =========================
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {33ECC859-F4F1-49B5-BA8D-DB61BB1B6792} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2015-07-16] ()
Task: {472D991A-47C0-404C-8349-B89E0B11FAA3} - \Optimize Start Menu Cache Files-S-1-5-21-345954769-3013140688-2023865255-1005 No Task File <==== ATTENTION
Task: {5FD96B53-488E-4360-8AF4-21F7D0561E84} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-18] (Google Inc.)
Task: {6B6035E9-DF55-4750-A261-EB7A6953EB32} - System32\Tasks\Microsoft\Windows Embedded\Embedded App Launcher Startup => C:\Windows\system32\embeddedapplauncher.exe [2014-10-29] (Microsoft Corporation)
Task: {6BF2F076-E39B-4E65-8E2F-7931115273A8} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] ()
Task: {7D8C35BC-F82D-46EF-A5D1-290815012C2B} - \Adobe Flash Player Updater No Task File <==== ATTENTION
Task: {85952270-5181-448B-BEBB-A9442F26973C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8976BD1F-3595-493B-B6AB-6E17EC8031F6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-08-18] (Google Inc.)
Task: {A77D30F5-9BB2-4EC3-9069-F7056FA16163} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {BD2701D2-56D9-4F18-BB6E-842DEC07BD2F} - System32\Tasks\GyazoUpdateTaskMachineDaily => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2015-07-16] ()
Task: {EBDA9296-973E-4ECB-A7B1-0F0DFC8E593E} - \Overwolf Updater Task No Task File <==== ATTENTION
Task: {FE6AA9C4-83F4-4760-82C5-C518A8EEBD11} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2009-11-19 03:34 - 2009-11-19 03:34 - 00022016 _____ () C:\Windows\System32\suge1l6.dll
2014-07-04 21:33 - 2014-07-04 21:33 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2013-07-26 06:59 - 2013-07-26 06:59 - 00814592 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2013-07-26 06:59 - 2013-07-26 06:59 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2014-07-04 21:33 - 2014-07-04 21:33 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-08-21 03:40 - 2015-04-11 13:00 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-02-28 11:14 - 2014-02-28 11:14 - 00173568 _____ () C:\Users\Michel´s Daddelkiste\AppData\Local\TeamSpeak 3 Client\quazip.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 01080832 _____ () C:\Users\Michel´s Daddelkiste\AppData\Local\TeamSpeak 3 Client\platforms\qwindows.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00833024 _____ () C:\Users\Michel´s Daddelkiste\AppData\Local\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2014-08-04 15:43 - 2014-08-04 15:43 - 00102344 _____ () C:\Users\Michel´s Daddelkiste\AppData\Local\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2014-08-04 15:43 - 2014-08-04 15:43 - 00108488 _____ () C:\Users\Michel´s Daddelkiste\AppData\Local\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00030208 _____ () C:\Users\Michel´s Daddelkiste\AppData\Local\TeamSpeak 3 Client\imageformats\qgif.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00233984 _____ () C:\Users\Michel´s Daddelkiste\AppData\Local\TeamSpeak 3 Client\imageformats\qjpeg.dll
2014-08-04 15:46 - 2014-08-04 15:46 - 00563656 _____ () C:\Users\Michel´s Daddelkiste\AppData\Local\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-02-27 16:51 - 2014-02-27 16:51 - 00159232 _____ () C:\Users\Michel´s Daddelkiste\AppData\Local\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-04-12 19:23 - 2013-04-12 19:23 - 00612664 _____ () C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
2014-08-19 22:46 - 2015-07-20 15:25 - 01007104 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-08-19 22:46 - 2015-07-20 15:25 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-08-19 22:46 - 2015-07-20 15:25 - 00024576 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2014-08-19 22:46 - 2015-07-20 15:25 - 00216576 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-08-19 22:46 - 2015-07-20 15:25 - 00261120 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-08-19 22:46 - 2015-07-20 15:25 - 00019456 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-08-19 22:46 - 2015-07-20 15:25 - 00337408 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-08-19 22:46 - 2015-07-20 15:25 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2015-07-14 20:32 - 2015-07-13 23:55 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libglesv2.dll
2015-07-14 20:32 - 2015-07-13 23:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.134\libegl.dll
2015-07-09 17:00 - 2015-07-09 17:00 - 40555008 _____ () C:\Program Files (x86)\Overwolf\0.87.22.0\libcef.DLL
2015-07-09 17:00 - 2015-07-09 17:00 - 00146432 _____ () C:\Program Files (x86)\Overwolf\0.87.22.0\OWGameEventsConsumer.dll
2015-07-22 21:16 - 2015-07-03 18:12 - 00778240 _____ () D:\Steam\SDL2.dll
2015-07-22 21:16 - 2015-07-03 18:12 - 04962816 _____ () D:\Steam\v8.dll
2015-07-22 21:16 - 2015-07-21 21:32 - 02410176 _____ () D:\Steam\video.dll
2015-07-22 21:16 - 2015-07-03 18:12 - 01556992 _____ () D:\Steam\icui18n.dll
2015-07-22 21:16 - 2015-07-03 18:12 - 01187840 _____ () D:\Steam\icuuc.dll
2015-07-22 21:16 - 2014-12-01 23:31 - 02396672 _____ () D:\Steam\libavcodec-56.dll
2015-07-22 21:16 - 2014-12-01 23:31 - 00479744 _____ () D:\Steam\libavformat-56.dll
2015-07-22 21:16 - 2014-12-01 23:31 - 00332800 _____ () D:\Steam\libavresample-2.dll
2015-07-22 21:16 - 2014-12-01 23:31 - 00442880 _____ () D:\Steam\libavutil-54.dll
2015-07-22 21:16 - 2014-12-01 23:31 - 00485888 _____ () D:\Steam\libswscale-3.dll
2015-07-22 21:16 - 2015-07-21 21:32 - 00703168 _____ () D:\Steam\bin\chromehtml.DLL
2015-07-22 21:16 - 2015-07-07 22:41 - 00169984 _____ () D:\Steam\bin\openvr_api.dll
2015-07-22 21:16 - 2015-07-03 18:12 - 39553928 _____ () D:\Steam\bin\libcef.dll
2015-07-09 17:00 - 2015-07-09 17:00 - 00985088 _____ () C:\Program Files (x86)\Overwolf\0.87.22.0\ffmpegsumo.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSUAService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NanoServiceMain => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PSUAService => ""="Service"
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-345954769-3013140688-2023865255-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [{48EA31DF-DE71-48E0-B983-0D419A6281E5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D1B78C42-CA90-4D95-B71F-E7AA75C506B6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FC321896-58D2-44CA-BF44-CC3D30F0F327}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{EABF85EF-56AE-43BA-ADC3-1E0A16CB79F3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7A72799B-A873-4328-8C82-94ABA45FE432}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{F3C1D98A-3011-442E-AE3F-A1578EE104F6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8326E0BA-63A3-4939-97D5-D7E52D75E59C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{981A7D93-28B9-4176-94B4-C7E3DB3C8F3A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{CF2C9E58-6EA2-4F9A-9E11-2A2EBC7AFCEE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{D11B53A8-F45C-4F8E-8C80-3D59DA824701}C:\users\michel\desktop\broforce_v04.07.14\broforce_beta.exe] => (Block) C:\users\michel\desktop\broforce_v04.07.14\broforce_beta.exe
FirewallRules: [UDP Query User{8684B433-DFD8-4597-988A-E33E48E2E12D}C:\users\michel\desktop\broforce_v04.07.14\broforce_beta.exe] => (Block) C:\users\michel\desktop\broforce_v04.07.14\broforce_beta.exe
FirewallRules: [{CB22F8A8-425D-40A4-8D60-A2343B745CFD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Toribash\toribash.exe
FirewallRules: [{36450553-7CBF-4898-898C-E1AD70B39E2D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Toribash\toribash.exe
FirewallRules: [{D87D6380-D093-4E17-95BB-FFFA17858DF4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{DC0BD242-B329-4C76-8018-84DECFBD76E7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F377ECBE-CA7E-4304-8BC3-396F31AE9B42}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{8E86FDEA-564B-4259-A1CA-5E953FF1D5C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [TCP Query User{422993D7-72E9-406C-AF53-2EBAA6FEB9EC}C:\program files\java\jre8\bin\javaw.exe] => (Block) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [UDP Query User{E5CC1D3B-35E0-490C-8372-00B5C6F28CC6}C:\program files\java\jre8\bin\javaw.exe] => (Block) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [TCP Query User{B0AEC8CF-393C-45D4-9440-EBD8028D69B7}C:\users\michel\desktop\age of empires ii\age2_x1\age2_x2.exe] => (Allow) C:\users\michel\desktop\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [UDP Query User{6BBDF20D-22F6-4AF5-BB1F-A6EC5F40B281}C:\users\michel\desktop\age of empires ii\age2_x1\age2_x2.exe] => (Allow) C:\users\michel\desktop\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [TCP Query User{308AF660-AF8D-4A7F-A03B-749B753BC663}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{CC95F6DB-E215-4A4F-8356-18D5C01A1A93}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{522589A0-C049-4B29-9C1B-176341586D03}D:\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) D:\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{0F94F54A-1604-43D9-96AD-7E9FD87EA6B1}D:\call of duty 4 - modern warfare\iw3mp.exe] => (Allow) D:\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [TCP Query User{97217A7D-4776-4C30-9C6F-62398E0F0E47}D:\counter strike 1.6 [portable]\root\cstrike.exe] => (Allow) D:\counter strike 1.6 [portable]\root\cstrike.exe
FirewallRules: [UDP Query User{38C656E6-E7CE-44BA-83BF-FF73365A5262}D:\counter strike 1.6 [portable]\root\cstrike.exe] => (Allow) D:\counter strike 1.6 [portable]\root\cstrike.exe
FirewallRules: [TCP Query User{F4F4801E-7A8E-4D6A-B250-9BEFB56FECE9}D:\day of defeat source [portable]\hl2.exe] => (Allow) D:\day of defeat source [portable]\hl2.exe
FirewallRules: [UDP Query User{811E8FB4-96C0-4A30-AEAF-588EDB0D6822}D:\day of defeat source [portable]\hl2.exe] => (Allow) D:\day of defeat source [portable]\hl2.exe
FirewallRules: [TCP Query User{2939A04C-5688-45CC-AB2C-6D17F7C69DEA}D:\day of defeat source [portable]\srcds.exe] => (Allow) D:\day of defeat source [portable]\srcds.exe
FirewallRules: [UDP Query User{C852E898-2000-4910-AFAC-8E1F7CB4A284}D:\day of defeat source [portable]\srcds.exe] => (Allow) D:\day of defeat source [portable]\srcds.exe
FirewallRules: [TCP Query User{C56BF3DF-3611-45F6-B663-30C242EEF24A}D:\quake3 [portable]\quake3.exe] => (Allow) D:\quake3 [portable]\quake3.exe
FirewallRules: [UDP Query User{B05A938D-783D-49E8-8E51-C1B2407393EE}D:\quake3 [portable]\quake3.exe] => (Allow) D:\quake3 [portable]\quake3.exe
FirewallRules: [TCP Query User{44A9645E-BF03-45CA-91E1-504AC8FD80E8}D:\team fortress 2 [portable]\hl2.exe] => (Allow) D:\team fortress 2 [portable]\hl2.exe
FirewallRules: [UDP Query User{A76E0FEB-DE3A-431F-937C-33B7B8E3D02D}D:\team fortress 2 [portable]\hl2.exe] => (Allow) D:\team fortress 2 [portable]\hl2.exe
FirewallRules: [TCP Query User{1DDF2AFA-F3CE-41A6-919E-459153B1FEB5}D:\warcraft iii + frozen throne [portable]\war3.exe] => (Allow) D:\warcraft iii + frozen throne [portable]\war3.exe
FirewallRules: [UDP Query User{6C6463C4-8C77-4D16-B845-051A89CB7141}D:\warcraft iii + frozen throne [portable]\war3.exe] => (Allow) D:\warcraft iii + frozen throne [portable]\war3.exe
FirewallRules: [TCP Query User{54672DFC-0EA4-4F4D-A4C5-FAC8DD7EFE73}D:\cod4 - install\setup\data\iw3mp.exe] => (Allow) D:\cod4 - install\setup\data\iw3mp.exe
FirewallRules: [UDP Query User{D849D1AB-EA47-43C6-B3AA-0FD35FD47FC0}D:\cod4 - install\setup\data\iw3mp.exe] => (Allow) D:\cod4 - install\setup\data\iw3mp.exe
FirewallRules: [{6888A420-632B-42CA-9991-0495FDEF34F4}] => (Allow) D:\SteamLibrary\SteamApps\common\Mount & Blade With Fire and Sword\mb_wfas.exe
FirewallRules: [{3E0F50A7-E715-4265-9604-6E8070F4B9A0}] => (Allow) D:\SteamLibrary\SteamApps\common\Mount & Blade With Fire and Sword\mb_wfas.exe
FirewallRules: [{CA85EDBC-DEE7-41C1-80FE-CD6C3477C6F0}] => (Allow) D:\BF4\Battlefield 3\bf3.exe
FirewallRules: [{F4914610-4F63-467D-8366-86A1BB2400E9}] => (Allow) D:\BF4\Battlefield 3\bf3.exe
FirewallRules: [{5D62F0E9-E1C7-43DE-BD78-0B051C9E2F2D}] => (Allow) D:\SteamLibrary\SteamApps\common\Cryptic Studios\Neverwinter.exe
FirewallRules: [{E02161A5-DD3D-4CE3-ACE2-D89827E5A41E}] => (Allow) D:\SteamLibrary\SteamApps\common\Cryptic Studios\Neverwinter.exe
FirewallRules: [{0A5EAF3F-7F02-4739-AF11-172A906B047B}] => (Allow) D:\SteamLibrary\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{3138FD1A-B956-4D5D-830B-493C3783FA45}] => (Allow) D:\SteamLibrary\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{350068E0-61F9-4BB4-9A25-C99D5B115FDA}] => (Allow) D:\SteamLibrary\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{664DDB74-F2A7-4834-93DC-968417CB3BC4}] => (Allow) D:\SteamLibrary\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [TCP Query User{9BBD13CA-9404-437C-AD83-AE03D8E15B20}D:\steamlibrary\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) D:\steamlibrary\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [UDP Query User{46B9DB84-649B-4A2C-8EDC-D238858032B4}D:\steamlibrary\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) D:\steamlibrary\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [{0B95740C-7B09-4D26-98E0-54BFCB947438}] => (Allow) D:\SteamLibrary\SteamApps\common\War of the Roses\run_game.exe
FirewallRules: [{4426E978-E42E-4305-A319-6CEC075D4B2E}] => (Allow) D:\SteamLibrary\SteamApps\common\War of the Roses\run_game.exe
FirewallRules: [{0CE0BE62-7662-4273-8DCE-FBE18DEE1C88}] => (Allow) D:\SteamLibrary\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{08971E34-1940-4FFC-BA5F-C45EEFEA6F2A}] => (Allow) D:\SteamLibrary\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{9FBC3462-A6DC-46E3-A1A8-3E5940CF7210}] => (Allow) D:\SteamLibrary\SteamApps\common\Stranded Deep\Stranded_Deep_x64.exe
FirewallRules: [{7D250C55-9A12-406F-AE50-0847E1E9F474}] => (Allow) D:\SteamLibrary\SteamApps\common\Stranded Deep\Stranded_Deep_x64.exe
FirewallRules: [{E65E3FAF-35D4-46D4-80ED-E087BA5D272F}] => (Allow) D:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{18F64F93-1FF9-41A7-B59B-5F247D9BA43F}] => (Allow) D:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{8A5E308A-5666-4158-BF5F-C538CF61F011}] => (Allow) D:\SteamLibrary\SteamApps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{21221994-C711-461A-8E26-7F0525DD3B04}] => (Allow) D:\SteamLibrary\SteamApps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{2A8E854D-F5F5-4174-AEE9-E8E4C1DDBBC0}] => (Allow) D:\SteamLibrary\SteamApps\common\Assassin's Creed 3\AC3MP.exe
FirewallRules: [{496091D6-103C-4529-A28B-7751ABF8FD9E}] => (Allow) D:\SteamLibrary\SteamApps\common\Assassin's Creed 3\AC3MP.exe
FirewallRules: [{3F23D402-7417-4613-9B04-BD58B83C3DC1}] => (Allow) D:\SteamLibrary\SteamApps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{513C69D1-82D5-46D6-B395-954D16AA6FBD}] => (Allow) D:\SteamLibrary\SteamApps\common\Napoleon Total War\Napoleon.exe
FirewallRules: [{FFD9FCA9-1581-45A8-8EA5-F4FD839A22D6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Interstellar Marines\InterstellarMarines.exe
FirewallRules: [{8C0F2F13-8BBE-4A1C-9668-DFF33EEB55DB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Interstellar Marines\InterstellarMarines.exe
FirewallRules: [TCP Query User{6A512906-03A8-43B3-85C2-C3AD63D6F3E8}C:\program files (x86)\zenimax online\launcher\bethesda.net_launcher.exe] => (Allow) C:\program files (x86)\zenimax online\launcher\bethesda.net_launcher.exe
FirewallRules: [UDP Query User{18EC6233-01D6-4D9E-8781-5698EEC4E480}C:\program files (x86)\zenimax online\launcher\bethesda.net_launcher.exe] => (Allow) C:\program files (x86)\zenimax online\launcher\bethesda.net_launcher.exe
FirewallRules: [TCP Query User{32A20775-FB16-4001-A88B-CA3DDB09339B}C:\program files (x86)\dayzlauncher\dayzlauncher.exe] => (Allow) C:\program files (x86)\dayzlauncher\dayzlauncher.exe
FirewallRules: [UDP Query User{7DA30828-EB45-4D32-AC9F-A6313CC11489}C:\program files (x86)\dayzlauncher\dayzlauncher.exe] => (Allow) C:\program files (x86)\dayzlauncher\dayzlauncher.exe
FirewallRules: [TCP Query User{822D2936-F7A0-40C8-86A7-E8E21B32DE9B}C:\program files (x86)\the elder scrolls online\launcher\bethesda.net_launcher.exe] => (Allow) C:\program files (x86)\the elder scrolls online\launcher\bethesda.net_launcher.exe
FirewallRules: [UDP Query User{8A352B2F-5C50-440F-8A21-6ED9F0DAC46F}C:\program files (x86)\the elder scrolls online\launcher\bethesda.net_launcher.exe] => (Allow) C:\program files (x86)\the elder scrolls online\launcher\bethesda.net_launcher.exe
FirewallRules: [TCP Query User{28CBD259-74AD-45E5-92A4-90753623E7CC}C:\users\michel\desktop\the elder scrolls online\launcher\bethesda.net_launcher.exe] => (Allow) C:\users\michel\desktop\the elder scrolls online\launcher\bethesda.net_launcher.exe
FirewallRules: [UDP Query User{8FBC607B-EF0E-4588-9354-B0B112AE3A20}C:\users\michel\desktop\the elder scrolls online\launcher\bethesda.net_launcher.exe] => (Allow) C:\users\michel\desktop\the elder scrolls online\launcher\bethesda.net_launcher.exe
FirewallRules: [{F56DF98E-71A5-4F1B-B0FB-A631F369ECAE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{63B9AE73-B38B-4D2A-8D7A-2AE3EDB5502B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{DF51A55B-E650-4347-9DFD-49F81C65A2AF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{05DC04FE-46AD-46A7-9E92-597A4CB3E74D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{694A2567-BF99-4231-815F-54311F2B40B2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{8CA33E44-B825-4012-B7EF-63C0306A67F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{60523A6F-425B-484A-95F1-77A37074AEEF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{F1760015-2A1F-4ED5-AA6D-C135F3D5EA11}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{02ECD52B-8361-4572-9DFA-931D5074EC11}] => (Allow) D:\SteamLibrary\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{BD0171CA-62D3-4F7B-8DFA-2BF967BCEC37}] => (Allow) D:\SteamLibrary\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [TCP Query User{5EBE0459-A5FB-4541-A3DC-90FDBB3DCBCE}D:\steamlibrary\steamapps\common\dayz\dayz.exe] => (Allow) D:\steamlibrary\steamapps\common\dayz\dayz.exe
FirewallRules: [UDP Query User{F7753444-E627-4916-92E6-2BB4F8969BE0}D:\steamlibrary\steamapps\common\dayz\dayz.exe] => (Allow) D:\steamlibrary\steamapps\common\dayz\dayz.exe
FirewallRules: [{CF24B18D-5FAB-427C-BDE3-57DBB6503EBD}] => (Allow) D:\SteamLibrary\SteamApps\common\Medieval II Total War\medieval2.exe
FirewallRules: [{581B5A5E-9C50-40EF-8B9D-1ECDFF735174}] => (Allow) D:\SteamLibrary\SteamApps\common\Medieval II Total War\medieval2.exe
FirewallRules: [TCP Query User{9E6E9009-C509-4EAE-9567-89883955278E}F:\age of empires ii\age2_x1\age2_x2.exe] => (Allow) F:\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [UDP Query User{51770D2D-A407-4FA5-AD86-577576904361}F:\age of empires ii\age2_x1\age2_x2.exe] => (Allow) F:\age of empires ii\age2_x1\age2_x2.exe
FirewallRules: [TCP Query User{FB47DAF7-2E46-41F6-8C42-740B145F3B6A}C:\sierra\empire earth\empire earth.exe] => (Allow) C:\sierra\empire earth\empire earth.exe
FirewallRules: [UDP Query User{B8FCA55F-5119-4507-8C35-FCE13F42B2D0}C:\sierra\empire earth\empire earth.exe] => (Allow) C:\sierra\empire earth\empire earth.exe
FirewallRules: [TCP Query User{5A52BD26-C98E-4A27-8E56-03C30DF3B9C7}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [UDP Query User{8B5CD25B-3130-400A-9AB2-F529E708AC41}C:\program files (x86)\microsoft games\age of empires ii\empires2.exe] => (Allow) C:\program files (x86)\microsoft games\age of empires ii\empires2.exe
FirewallRules: [{D42CC75B-34F5-4028-8387-755E23ACEB0B}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [{1085C83C-7A0E-4FF2-86AC-FA6A9082C1E9}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3y.exe
FirewallRules: [{52298F3B-52CD-4DEA-B46A-A20E24C55F76}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DD17F9EA-ABF2-421E-8693-A2288B469804}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3AEB893B-649A-4368-BEC1-DC28C7E97D9D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{765C2ABF-37F1-400A-A808-A7B446CEE03B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{73F932C5-62CE-46EC-8BFE-8811D6837E3E}D:\steamlibrary\steamapps\common\total war arena\arena.exe] => (Allow) D:\steamlibrary\steamapps\common\total war arena\arena.exe
FirewallRules: [UDP Query User{356F4EA2-5661-4195-9D5E-C36B3B2A5DA1}D:\steamlibrary\steamapps\common\total war arena\arena.exe] => (Allow) D:\steamlibrary\steamapps\common\total war arena\arena.exe
FirewallRules: [TCP Query User{2878A5B5-EA29-49B2-918F-6CC8FF189931}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{E27AA324-946E-48AA-A0B0-E8B22877446A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{E9AAA7E2-3AD8-4680-B3D8-71F95C18BF9F}] => (Allow) D:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{B936C548-246A-47AA-9745-92D528FDF3D6}] => (Allow) D:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{6F1F7089-F5C9-4735-A9C5-0204872B0263}] => (Allow) D:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{8ED8B60F-DD0D-4712-8986-E1A1491E7B4F}] => (Allow) D:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
FirewallRules: [{22E33B08-EFF0-40C6-9AEA-E322C6AE0850}] => (Allow) D:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{DEC41335-1C9B-4BA6-AEC4-B6A9309300D2}] => (Allow) D:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{4CC67B61-55C7-498D-AF1F-D7D9AF191D8E}] => (Allow) D:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{2541505D-B924-47D8-8D7F-903FFBBD9AE1}] => (Allow) D:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
FirewallRules: [{B41436DD-A23E-4D7A-BAD1-CB9478E17069}] => (Allow) D:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{74D345F4-161B-4EB7-9889-F88E40560548}] => (Allow) D:\SteamLibrary\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{531BD2DD-BC8B-41B3-9439-E60EBE85D4DF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [{3BC4847D-52AB-4E99-9209-FE229AB5A764}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CastleCrashers\castle.exe
FirewallRules: [{DB27E84F-A00D-4DEC-9E7A-B3469310CF19}] => (Allow) D:\SteamLibrary\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{2B5C8A8B-693F-4580-B164-30063D40404E}] => (Allow) D:\SteamLibrary\SteamApps\common\The Forest\TheForest.exe
FirewallRules: [{01823279-A15D-471F-A775-62D23EC1447B}] => (Allow) D:\SteamLibrary\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{9336760F-2095-47C1-8B80-8FD2514FC08F}] => (Allow) D:\SteamLibrary\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{CAB2E1E9-4958-4D44-A16E-8A5E1FBDC730}D:\steamlibrary\steamapps\common\arma 3\arma3.exe] => (Block) D:\steamlibrary\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{1F421AF0-7FFE-4ADE-8C83-2F7311E331FB}D:\steamlibrary\steamapps\common\arma 3\arma3.exe] => (Block) D:\steamlibrary\steamapps\common\arma 3\arma3.exe
FirewallRules: [{3B82F3C9-D81E-4A92-B3BA-C88AA872D06E}] => (Allow) D:\SteamLibrary\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{C7732A81-5B75-4A49-83AE-D5D969269E08}] => (Allow) D:\SteamLibrary\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{A4B6424E-085B-431D-A365-55131FBF08FA}] => (Allow) D:\SteamLibrary\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{BABEBCF0-772D-45A6-83CD-F54BB3AC02EF}] => (Allow) D:\SteamLibrary\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{3290CF6B-956E-47D8-8EA7-207840641A2F}] => (Allow) D:\SteamLibrary\SteamApps\common\Miscreated\Miscreated.exe
FirewallRules: [{B5F977D6-408C-41B1-8DC8-6D5CE7E9E657}] => (Allow) D:\SteamLibrary\SteamApps\common\Miscreated\Miscreated.exe
FirewallRules: [{F3DEE0EE-B325-4B04-B35D-03C86BCB20E2}] => (Allow) D:\SteamLibrary\SteamApps\common\Miscreated\Bin64\Miscreated.exe
FirewallRules: [{AF529E2E-D9C8-453B-B7E3-7BE762A0B0D9}] => (Allow) D:\SteamLibrary\SteamApps\common\Miscreated\Bin64\Miscreated.exe
FirewallRules: [{660D87AF-2EE9-4D16-A4DC-B5208E1C6F22}] => (Allow) D:\SteamLibrary\SteamApps\common\Total War Arena\launcher\launcher.exe
FirewallRules: [{4FA19E5D-5B0D-473A-9BAB-CBDC86B520FA}] => (Allow) D:\SteamLibrary\SteamApps\common\Total War Arena\launcher\launcher.exe
FirewallRules: [{614BCC86-9741-4E71-9873-06BE87B472F3}] => (Allow) D:\SteamLibrary\SteamApps\common\Trove\GlyphClient.exe
FirewallRules: [{FC3BF8D1-B326-4645-8DA1-A1305B10C11B}] => (Allow) D:\SteamLibrary\SteamApps\common\Trove\GlyphClient.exe
FirewallRules: [{14FC4374-0995-4135-9404-DE0AEDF4597D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4C0C2627-E58F-406C-935E-8F5241082B8E}] => (Allow) D:\SteamLibrary\SteamApps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{E1A450A6-AF5F-4946-AE0E-FC77FA33E762}] => (Allow) D:\SteamLibrary\SteamApps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{02D7F3E6-A3CA-4C6D-8D0E-2B13B258154F}] => (Allow) D:\SteamLibrary\SteamApps\common\Gothic 3\Gothic3.exe
FirewallRules: [{D3820B1F-4786-4C7B-8C66-E205F04B39EC}] => (Allow) D:\SteamLibrary\SteamApps\common\Gothic 3\Gothic3.exe
FirewallRules: [{4D154960-2DCF-4F6D-A61B-E1816706D997}] => (Allow) D:\SteamLibrary\SteamApps\common\Stronghold Crusader Extreme\Stronghold_Crusader_Extreme.exe
FirewallRules: [{4F9D5454-69FB-4477-805D-E8E039436829}] => (Allow) D:\SteamLibrary\SteamApps\common\Stronghold Crusader Extreme\Stronghold_Crusader_Extreme.exe
FirewallRules: [{D320B643-A305-457B-BF6A-E4DE6CBDD870}] => (Allow) D:\BF4\Battlefield 4\bf4_x86.exe
FirewallRules: [{31459CD2-1A3F-4A8B-AE6A-EC7BDC481021}] => (Allow) D:\BF4\Battlefield 4\bf4_x86.exe
FirewallRules: [{13C0C097-359F-4BC2-946C-AE880DBF2573}] => (Allow) D:\BF4\Battlefield 4\bf4.exe
FirewallRules: [{4689CB01-E185-4FFC-9674-45B675B4496B}] => (Allow) D:\BF4\Battlefield 4\bf4.exe
FirewallRules: [{11F5029F-50FA-450B-97EA-C76172BA8DDA}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{93BAFA84-76B8-4037-BFEA-4CE9F2B6FCAA}] => (Allow) D:\Steam\Steam.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/23/2015 02:20:11 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Es wird bereits eine Instanz des Dienstes ausgeführt
Error: (07/23/2015 02:20:11 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Das Handle ist ungültig
Error: (07/23/2015 02:16:23 PM) (Source: MsiInstaller) (EventID: 1024) (User: Michel)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011012}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127
Error: (07/23/2015 02:15:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CCC.exe, Version: 4.5.0.0, Zeitstempel: 0x5254e12e
Name des fehlerhaften Moduls: clr.dll, Version: 4.0.30319.34209, Zeitstempel: 0x5348a1ef
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000005e2d30
ID des fehlerhaften Prozesses: 0x1848
Startzeit der fehlerhaften Anwendung: 0xCCC.exe0
Pfad der fehlerhaften Anwendung: CCC.exe1
Pfad des fehlerhaften Moduls: CCC.exe2
Berichtskennung: CCC.exe3
Vollständiger Name des fehlerhaften Pakets: CCC.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CCC.exe5
Error: (07/23/2015 02:15:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GWXUX.exe, Version: 6.3.9600.17924, Zeitstempel: 0x55959290
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000005473b
ID des fehlerhaften Prozesses: 0x1a08
Startzeit der fehlerhaften Anwendung: 0xGWXUX.exe0
Pfad der fehlerhaften Anwendung: GWXUX.exe1
Pfad des fehlerhaften Moduls: GWXUX.exe2
Berichtskennung: GWXUX.exe3
Vollständiger Name des fehlerhaften Pakets: GWXUX.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: GWXUX.exe5
Error: (07/23/2015 02:14:31 PM) (Source: MsiInstaller) (EventID: 1024) (User: Michel)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011012}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127
Error: (07/23/2015 02:14:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CCC.exe, Version: 4.5.0.0, Zeitstempel: 0x5254e12e
Name des fehlerhaften Moduls: clr.dll, Version: 4.0.30319.34209, Zeitstempel: 0x5348a1ef
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000005e2d30
ID des fehlerhaften Prozesses: 0x1748
Startzeit der fehlerhaften Anwendung: 0xCCC.exe0
Pfad der fehlerhaften Anwendung: CCC.exe1
Pfad des fehlerhaften Moduls: CCC.exe2
Berichtskennung: CCC.exe3
Vollständiger Name des fehlerhaften Pakets: CCC.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CCC.exe5
Error: (07/23/2015 02:14:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GWXUX.exe, Version: 6.3.9600.17924, Zeitstempel: 0x55959290
Name des fehlerhaften Moduls: mshtml.dll, Version: 11.0.9600.17924, Zeitstempel: 0x5595a0f4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000a126c0
ID des fehlerhaften Prozesses: 0xab0
Startzeit der fehlerhaften Anwendung: 0xGWXUX.exe0
Pfad der fehlerhaften Anwendung: GWXUX.exe1
Pfad des fehlerhaften Moduls: GWXUX.exe2
Berichtskennung: GWXUX.exe3
Vollständiger Name des fehlerhaften Pakets: GWXUX.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: GWXUX.exe5
Error: (07/22/2015 09:38:33 PM) (Source: MsiInstaller) (EventID: 1024) (User: Michel)
Description: Produkt: Adobe Reader XI - Deutsch - Update "{AC76BA86-7AD7-0000-2550-7A8C40011012}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127
Error: (07/22/2015 09:38:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: CCC.exe, Version: 4.5.0.0, Zeitstempel: 0x5254e12e
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.17736, Zeitstempel: 0x550f4336
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000054719
ID des fehlerhaften Prozesses: 0x1398
Startzeit der fehlerhaften Anwendung: 0xCCC.exe0
Pfad der fehlerhaften Anwendung: CCC.exe1
Pfad des fehlerhaften Moduls: CCC.exe2
Berichtskennung: CCC.exe3
Vollständiger Name des fehlerhaften Pakets: CCC.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: CCC.exe5
System errors:
=============
Error: (07/22/2015 09:53:30 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5
Error: (07/22/2015 09:48:26 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: microsoft.windowscommunicationsapps
Error: (07/22/2015 09:48:26 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.BingSports
Error: (07/22/2015 09:48:20 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070002 fehlgeschlagen: Microsoft.ZuneMusic
Error: (07/22/2015 09:43:23 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 43. Der Windows-SChannel-Fehlerstatus lautet: 252.
Error: (07/22/2015 09:38:14 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 43. Der Windows-SChannel-Fehlerstatus lautet: 252.
Error: (07/22/2015 09:37:08 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Error: (07/22/2015 09:37:06 PM) (Source: volsnap) (EventID: 35) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht vergrößert werden kann.
Error: (07/22/2015 09:37:00 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 22.07.2015 um 21:00:04 unerwartet heruntergefahren.
Error: (07/22/2015 09:16:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office:
=========================
Error: (07/23/2015 02:20:11 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Es wird bereits eine Instanz des Dienstes ausgeführt
Error: (07/23/2015 02:20:11 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Das Handle ist ungültig
Error: (07/23/2015 02:16:23 PM) (Source: MsiInstaller) (EventID: 1024) (User: Michel)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011012}1625(NULL)(NULL)(NULL)
Error: (07/23/2015 02:15:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: CCC.exe4.5.0.05254e12eclr.dll4.0.30319.342095348a1efc000000500000000005e2d30184801d0c5413cf5e4a4C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll8f712980-3134-11e5-8324-448a5b2faa3b
Error: (07/23/2015 02:15:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GWXUX.exe6.3.9600.1792455959290ntdll.dll6.3.9600.17736550f4336c0000005000000000005473b1a0801d0c5413e588f79C:\Windows\System32\GWX\GWXUX.exeC:\Windows\SYSTEM32\ntdll.dll7c255cad-3134-11e5-8324-448a5b2faa3b
Error: (07/23/2015 02:14:31 PM) (Source: MsiInstaller) (EventID: 1024) (User: Michel)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011012}1625(NULL)(NULL)(NULL)
Error: (07/23/2015 02:14:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: CCC.exe4.5.0.05254e12eclr.dll4.0.30319.342095348a1efc000000500000000005e2d30174801d0c541037e27eeC:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Windows\Microsoft.NET\Framework64\v4.0.30319\clr.dll564a6105-3134-11e5-8324-448a5b2faa3b
Error: (07/23/2015 02:14:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: GWXUX.exe6.3.9600.1792455959290mshtml.dll11.0.9600.179245595a0f4c00000050000000000a126c0ab001d0c54110370e5eC:\Windows\System32\GWX\GWXUX.exeC:\Windows\System32\mshtml.dll4e15a9ac-3134-11e5-8324-448a5b2faa3b
Error: (07/22/2015 09:38:33 PM) (Source: MsiInstaller) (EventID: 1024) (User: Michel)
Description: Adobe Reader XI - Deutsch{AC76BA86-7AD7-0000-2550-7A8C40011012}1625(NULL)(NULL)(NULL)
Error: (07/22/2015 09:38:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: CCC.exe4.5.0.05254e12entdll.dll6.3.9600.17736550f4336c00000050000000000054719139801d0c4b5d5fae8a2C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exeC:\Windows\SYSTEM32\ntdll.dll28b30616-30a9-11e5-8324-448a5b2faa3b
==================== Memory info ===========================
Processor: AMD FX(tm)-6300 Six-Core Processor
Percentage of memory in use: 40%
Total physical RAM: 4044.05 MB
Available physical RAM: 2394.09 MB
Total Virtual: 8140.05 MB
Available Virtual: 6258.7 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:111.45 GB) (Free:1.76 GB) NTFS
Drive d: (Volume) (Fixed) (Total:931.51 GB) (Free:602.3 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 51531BE5)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.4 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1CC864AB)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of log ============================
|
|
24.07.2015, 06:44
| #6 |
| /// the machine /// TB-Ausbilder | Windows 8.1 Microsoft Mouse and Keyboard Center Problem / Virus? hi, Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ --> Windows 8.1 Microsoft Mouse and Keyboard Center Problem / Virus? |
|
24.07.2015, 14:20
| #7 |
| | Windows 8.1 Microsoft Mouse and Keyboard Center Problem / Virus? Hier die 2 logfiles: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.07.24.05
rootkit: v2015.07.22.01
Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17905
Michel´s Daddelkiste :: MICHEL [administrator]
24.07.2015 14:56:27
mbar-log-2015-07-24 (14-56-27).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 416628
Time elapsed: 12 minute(s), 22 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 15:13:03.0399 0x1cc0 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
15:13:11.0180 0x1cc0 ============================================================
15:13:11.0180 0x1cc0 Current date / time: 2015/07/24 15:13:11.0180
15:13:11.0180 0x1cc0 SystemInfo:
15:13:11.0180 0x1cc0
15:13:11.0180 0x1cc0 OS Version: 6.3.9600 ServicePack: 0.0
15:13:11.0180 0x1cc0 Product type: Workstation
15:13:11.0180 0x1cc0 ComputerName: MICHEL
15:13:11.0180 0x1cc0 UserName: Michel´s Daddelkiste
15:13:11.0180 0x1cc0 Windows directory: C:\Windows
15:13:11.0180 0x1cc0 System windows directory: C:\Windows
15:13:11.0180 0x1cc0 Running under WOW64
15:13:11.0180 0x1cc0 Processor architecture: Intel x64
15:13:11.0180 0x1cc0 Number of processors: 6
15:13:11.0180 0x1cc0 Page size: 0x1000
15:13:11.0180 0x1cc0 Boot type: Normal boot
15:13:11.0180 0x1cc0 ============================================================
15:13:11.0258 0x1cc0 KLMD registered as C:\Windows\system32\drivers\40533871.sys
15:13:11.0323 0x1cc0 System UUID: {338EF6A8-A346-4FA8-2CFC-5E38082E1AB4}
15:13:11.0629 0x1cc0 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:13:11.0640 0x1cc0 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:13:11.0653 0x1cc0 ============================================================
15:13:11.0653 0x1cc0 \Device\Harddisk0\DR0:
15:13:11.0653 0x1cc0 MBR partitions:
15:13:11.0653 0x1cc0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000
15:13:11.0653 0x1cc0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0xDEE4800
15:13:11.0653 0x1cc0 \Device\Harddisk1\DR1:
15:13:11.0653 0x1cc0 MBR partitions:
15:13:11.0653 0x1cc0 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
15:13:11.0654 0x1cc0 ============================================================
15:13:11.0654 0x1cc0 C: <-> \Device\Harddisk0\DR0\Partition2
15:13:11.0670 0x1cc0 D: <-> \Device\Harddisk1\DR1\Partition1
15:13:11.0670 0x1cc0 ============================================================
15:13:11.0670 0x1cc0 Initialize success
15:13:11.0670 0x1cc0 ============================================================
15:14:01.0443 0x04cc ============================================================
15:14:01.0443 0x04cc Scan started
15:14:01.0443 0x04cc Mode: Manual; SigCheck; TDLFS;
15:14:01.0443 0x04cc ============================================================
15:14:01.0443 0x04cc KSN ping started
15:14:03.0777 0x04cc KSN ping finished: true
15:14:04.0484 0x04cc ================ Scan system memory ========================
15:14:04.0484 0x04cc System memory - ok
15:14:04.0485 0x04cc ================ Scan services =============================
15:14:04.0524 0x04cc [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
15:14:04.0589 0x04cc 1394ohci - ok
15:14:04.0603 0x04cc [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\Windows\system32\drivers\3ware.sys
15:14:04.0617 0x04cc 3ware - ok
15:14:04.0637 0x04cc [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI C:\Windows\system32\drivers\ACPI.sys
15:14:04.0668 0x04cc ACPI - ok
15:14:04.0675 0x04cc [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\Windows\system32\Drivers\acpiex.sys
15:14:04.0687 0x04cc acpiex - ok
15:14:04.0692 0x04cc [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
15:14:04.0705 0x04cc acpipagr - ok
15:14:04.0710 0x04cc [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
15:14:04.0722 0x04cc AcpiPmi - ok
15:14:04.0727 0x04cc [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\Windows\System32\drivers\acpitime.sys
15:14:04.0739 0x04cc acpitime - ok
15:14:04.0749 0x04cc [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:14:04.0758 0x04cc AdobeARMservice - ok
15:14:04.0782 0x04cc [ B04A4810C6CC205F9DC72DC22E4AB236, 547321F5C28C80D4818372D65E2A33D4BAC593015DD6613B24586FE4B4A95D5D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:14:04.0797 0x04cc AdobeFlashPlayerUpdateSvc - ok
15:14:04.0821 0x04cc [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\Windows\system32\drivers\ADP80XX.SYS
15:14:04.0858 0x04cc ADP80XX - ok
15:14:04.0870 0x04cc [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:14:04.0890 0x04cc AeLookupSvc - ok
15:14:04.0910 0x04cc [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD C:\Windows\system32\drivers\afd.sys
15:14:04.0938 0x04cc AFD - ok
15:14:04.0945 0x04cc [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\Windows\system32\drivers\agp440.sys
15:14:04.0957 0x04cc agp440 - ok
15:14:04.0963 0x04cc [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache C:\Windows\system32\DRIVERS\ahcache.sys
15:14:04.0977 0x04cc ahcache - ok
15:14:04.0986 0x04cc [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG C:\Windows\System32\alg.exe
15:14:04.0999 0x04cc ALG - ok
15:14:05.0011 0x04cc [ 6CF81DD5083D7F94A7E76E50429A949C, 19240502A6406924F889D1AFA975B975A300776D8B2D0557181DF13649622E2B ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
15:14:05.0043 0x04cc AMD External Events Utility - ok
15:14:05.0048 0x04cc AMD FUEL Service - ok
15:14:05.0057 0x04cc [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
15:14:05.0071 0x04cc AmdK8 - ok
15:14:05.0390 0x04cc [ 71F8D8B977ACC5973FA042BF906E709F, 8106C5F5C8E40344CCCDB912845786DF287BDF068D7A6EF9D26B00FA1754C1BC ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
15:14:05.0775 0x04cc amdkmdag - ok
15:14:05.0818 0x04cc [ 4AA027F91A8093B1CDF453B5394F6715, E6D15E959637C102A34F73F66BFDC38436575A2FEFFC3976ACF399A472F126A5 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
15:14:05.0853 0x04cc amdkmdap - ok
15:14:05.0861 0x04cc [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
15:14:05.0874 0x04cc AmdPPM - ok
15:14:05.0884 0x04cc [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:14:05.0895 0x04cc amdsata - ok
15:14:05.0906 0x04cc [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
15:14:05.0925 0x04cc amdsbs - ok
15:14:05.0930 0x04cc [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:14:05.0940 0x04cc amdxata - ok
15:14:05.0944 0x04cc [ E8CCB797DAF80779C768BD3A9FC8FCAF, 781BD878CA34D8B6D2FE238439CD173E95449260428859BEA92866D41B1284F4 ] AODDriver4.2.0 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
15:14:05.0967 0x04cc AODDriver4.2.0 - ok
15:14:05.0973 0x04cc [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID C:\Windows\system32\drivers\appid.sys
15:14:05.0987 0x04cc AppID - ok
15:14:05.0996 0x04cc [ 34B2E222F82D05398DAE7203B36B6A2B, AC04BC6B5A36A6807FFE302E9ACF073342B4D76B0BB386249251CB3CA1852CE8 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:14:06.0008 0x04cc AppIDSvc - ok
15:14:06.0016 0x04cc [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo C:\Windows\System32\appinfo.dll
15:14:06.0031 0x04cc Appinfo - ok
15:14:06.0036 0x04cc [ 6B73E94F9FE82D45781B8C8A09483082, C35EEAE7457168387A7C77A315524A3703ABDE49D9F23F59057315D9249D3473 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:14:06.0044 0x04cc Apple Mobile Device - ok
15:14:06.0052 0x04cc [ 1A8EA3500576DD4B43E9318F10709E0E, 85F8581C319DE241B223366F08A5F9301858DA9DA1A0CAA10ED387A2B99EC216 ] AppMgmt C:\Windows\System32\appmgmts.dll
15:14:06.0070 0x04cc AppMgmt - ok
15:14:06.0088 0x04cc [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness C:\Windows\system32\AppReadiness.dll
15:14:06.0116 0x04cc AppReadiness - ok
15:14:06.0157 0x04cc [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc C:\Windows\system32\appxdeploymentserver.dll
15:14:06.0206 0x04cc AppXSvc - ok
15:14:06.0216 0x04cc [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\Windows\system32\drivers\arcsas.sys
15:14:06.0230 0x04cc arcsas - ok
15:14:06.0235 0x04cc [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\Windows\system32\drivers\atapi.sys
15:14:06.0245 0x04cc atapi - ok
15:14:06.0256 0x04cc [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
15:14:06.0274 0x04cc AudioEndpointBuilder - ok
15:14:06.0300 0x04cc [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv C:\Windows\System32\Audiosrv.dll
15:14:06.0336 0x04cc Audiosrv - ok
15:14:06.0344 0x04cc [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:14:06.0358 0x04cc AxInstSV - ok
15:14:06.0380 0x04cc [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
15:14:06.0407 0x04cc b06bdrv - ok
15:14:06.0415 0x04cc [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys
15:14:06.0427 0x04cc BasicDisplay - ok
15:14:06.0433 0x04cc [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys
15:14:06.0448 0x04cc BasicRender - ok
15:14:06.0456 0x04cc [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\Windows\System32\drivers\bcmfn2.sys
15:14:06.0463 0x04cc bcmfn2 - ok
15:14:06.0475 0x04cc [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC C:\Windows\System32\bdesvc.dll
15:14:06.0497 0x04cc BDESVC - ok
15:14:06.0504 0x04cc [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\Windows\system32\drivers\Beep.sys
15:14:06.0516 0x04cc Beep - ok
15:14:06.0547 0x04cc [ C88B130365524EC69F6B8E0D31D7561D, 5D3797C93420477F4509C037511D497448EFDA7D567E15CB623FB5EEE9209146 ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
15:14:06.0582 0x04cc BEService - ok
15:14:06.0608 0x04cc [ 7BCB00EA702F78EC74CD9699D85CE80B, 17241ADAA13051B560DB9FA9079CAE6321D5B49788B596C125DC912443B00421 ] BFE C:\Windows\System32\bfe.dll
15:14:06.0644 0x04cc BFE - ok
15:14:06.0670 0x04cc [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS C:\Windows\System32\qmgr.dll
15:14:06.0711 0x04cc BITS - ok
15:14:06.0728 0x04cc [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:14:06.0745 0x04cc Bonjour Service - ok
15:14:06.0753 0x04cc [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:14:06.0767 0x04cc bowser - ok
15:14:06.0780 0x04cc [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
15:14:06.0799 0x04cc BrokerInfrastructure - ok
15:14:06.0810 0x04cc [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser C:\Windows\System32\browser.dll
15:14:06.0825 0x04cc Browser - ok
15:14:06.0832 0x04cc [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys
15:14:06.0844 0x04cc BthAvrcpTg - ok
15:14:06.0854 0x04cc [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys
15:14:06.0866 0x04cc BthHFEnum - ok
15:14:06.0872 0x04cc [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys
15:14:06.0884 0x04cc bthhfhid - ok
15:14:06.0902 0x04cc [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv C:\Windows\System32\BthHFSrv.dll
15:14:06.0923 0x04cc BthHFSrv - ok
15:14:06.0933 0x04cc [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
15:14:06.0945 0x04cc BTHMODEM - ok
15:14:06.0954 0x04cc [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv C:\Windows\system32\bthserv.dll
15:14:06.0968 0x04cc bthserv - ok
15:14:07.0004 0x04cc [ FECA9F830A5C6BAB9978E6781A26AE2B, CA1681A2F4FA849815B8E823805E078DB9C050CEE86E9E394B2A37B57CC474A6 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
15:14:07.0047 0x04cc c2cautoupdatesvc - ok
15:14:07.0092 0x04cc [ 5B33709F7FE59BB625F113EED86AFC5C, 8D29FE242D55526FDEB2CB4009B5DE19C93972E872BE6328AD3305E360A3D44B ] c2cpnrsvc C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
15:14:07.0143 0x04cc c2cpnrsvc - ok
15:14:07.0152 0x04cc [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:14:07.0170 0x04cc cdfs - ok
15:14:07.0181 0x04cc [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\Windows\System32\drivers\cdrom.sys
15:14:07.0195 0x04cc cdrom - ok
15:14:07.0204 0x04cc [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\Windows\System32\certprop.dll
15:14:07.0220 0x04cc CertPropSvc - ok
15:14:07.0227 0x04cc [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\Windows\System32\drivers\circlass.sys
15:14:07.0240 0x04cc circlass - ok
15:14:07.0257 0x04cc [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS C:\Windows\system32\drivers\CLFS.sys
15:14:07.0278 0x04cc CLFS - ok
15:14:07.0290 0x04cc [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
15:14:07.0302 0x04cc CmBatt - ok
15:14:07.0319 0x04cc [ 5E5AB950693F2C6D6ACBEE3A74697ED7, 3790A7DD0AC65F47A697A577744FDFA4CC1CA3422884C84E499F97AC91BA84F3 ] CNG C:\Windows\system32\Drivers\cng.sys
15:14:07.0346 0x04cc CNG - ok
15:14:07.0355 0x04cc [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys
15:14:07.0367 0x04cc CompositeBus - ok
15:14:07.0376 0x04cc COMSysApp - ok
15:14:07.0381 0x04cc [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\Windows\system32\drivers\condrv.sys
15:14:07.0396 0x04cc condrv - ok
15:14:07.0409 0x04cc [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:14:07.0426 0x04cc CryptSvc - ok
15:14:07.0445 0x04cc [ 9DBC32A45CFA67074432D2AF6C2832B6, B3B26302961A95EDFD4F994D56B1E5A8452266E0C2161D15C1213BBE376227A2 ] CSC C:\Windows\system32\drivers\csc.sys
15:14:07.0472 0x04cc CSC - ok
15:14:07.0496 0x04cc [ 86079FF8A3B625ABAEB68841D2BF6FE6, 49FF4D458DF8FAB4ECA8CAD9BBF88C929C8B9AB7F063938A6A332B31F2C0F8EB ] CscService C:\Windows\System32\cscsvc.dll
15:14:07.0528 0x04cc CscService - ok
15:14:07.0534 0x04cc [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\Windows\system32\drivers\dam.sys
15:14:07.0545 0x04cc dam - ok
15:14:07.0551 0x04cc [ D06E443457FADC6B1AFAF3AA4B6936F6, 109B4D05E156604AFB3D63B380CC063B900AEB12F57A1D235B9F9399EE0909C7 ] dc3d C:\Windows\System32\drivers\dc3d.sys
15:14:07.0562 0x04cc dc3d - ok
15:14:07.0586 0x04cc [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:14:07.0620 0x04cc DcomLaunch - ok
15:14:07.0639 0x04cc [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\Windows\System32\defragsvc.dll
15:14:07.0666 0x04cc defragsvc - ok
15:14:07.0681 0x04cc [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
15:14:07.0706 0x04cc DeviceAssociationService - ok
15:14:07.0716 0x04cc [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
15:14:07.0733 0x04cc DeviceInstall - ok
15:14:07.0741 0x04cc [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
15:14:07.0757 0x04cc Dfsc - ok
15:14:07.0773 0x04cc [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\Windows\system32\dhcpcore.dll
15:14:07.0795 0x04cc Dhcp - ok
15:14:07.0834 0x04cc [ 3ECB752A6963B1CBC9AD65ED89C8ACED, 1D47D2EBD2C8D2B9F8D2D12A5FD93E6B10335EB6B23252DDEA6DF2233655FA59 ] DiagTrack C:\Windows\system32\diagtrack.dll
15:14:07.0884 0x04cc DiagTrack - ok
15:14:07.0894 0x04cc [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\Windows\system32\drivers\disk.sys
15:14:07.0908 0x04cc disk - ok
15:14:07.0913 0x04cc [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
15:14:07.0925 0x04cc dmvsc - ok
15:14:07.0937 0x04cc [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:14:07.0955 0x04cc Dnscache - ok
15:14:07.0967 0x04cc [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\Windows\System32\dot3svc.dll
15:14:07.0986 0x04cc dot3svc - ok
15:14:07.0997 0x04cc [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\Windows\system32\dps.dll
15:14:08.0015 0x04cc DPS - ok
15:14:08.0020 0x04cc [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:14:08.0030 0x04cc drmkaud - ok
15:14:08.0038 0x04cc [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
15:14:08.0056 0x04cc DsmSvc - ok
15:14:08.0099 0x04cc [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:14:08.0160 0x04cc DXGKrnl - ok
15:14:08.0170 0x04cc [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\Windows\System32\eapsvc.dll
15:14:08.0186 0x04cc Eaphost - ok
15:14:08.0190 0x04cc EasyAntiCheat - ok
15:14:08.0272 0x04cc [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\Windows\system32\drivers\evbda.sys
15:14:08.0392 0x04cc ebdrv - ok
15:14:08.0403 0x04cc [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\Windows\System32\lsass.exe
15:14:08.0415 0x04cc EFS - ok
15:14:08.0421 0x04cc [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
15:14:08.0433 0x04cc EhStorClass - ok
15:14:08.0441 0x04cc [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
15:14:08.0454 0x04cc EhStorTcgDrv - ok
15:14:08.0459 0x04cc [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\Windows\System32\drivers\errdev.sys
15:14:08.0469 0x04cc ErrDev - ok
15:14:08.0494 0x04cc [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\Windows\system32\es.dll
15:14:08.0530 0x04cc EventSystem - ok
15:14:08.0540 0x04cc [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\Windows\system32\drivers\exfat.sys
15:14:08.0567 0x04cc exfat - ok
15:14:08.0585 0x04cc [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:14:08.0603 0x04cc fastfat - ok
15:14:08.0623 0x04cc [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\Windows\system32\fxssvc.exe
15:14:08.0654 0x04cc Fax - ok
15:14:08.0661 0x04cc [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\Windows\System32\drivers\fdc.sys
15:14:08.0673 0x04cc fdc - ok
15:14:08.0680 0x04cc [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\Windows\system32\fdPHost.dll
15:14:08.0693 0x04cc fdPHost - ok
15:14:08.0700 0x04cc [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\Windows\system32\fdrespub.dll
15:14:08.0714 0x04cc FDResPub - ok
15:14:08.0725 0x04cc [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\Windows\system32\fhsvc.dll
15:14:08.0742 0x04cc fhsvc - ok
15:14:08.0750 0x04cc [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:14:08.0762 0x04cc FileInfo - ok
15:14:08.0767 0x04cc [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:14:08.0785 0x04cc Filetrace - ok
15:14:08.0791 0x04cc [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys
15:14:08.0802 0x04cc flpydisk - ok
15:14:08.0818 0x04cc [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:14:08.0839 0x04cc FltMgr - ok
15:14:08.0876 0x04cc [ 6C068E7207F183FF3647E45D2599E80C, D65C9888522CA29596D5C8BEFF42356F0310E812117E72C1D612BA089C0940D9 ] FontCache C:\Windows\system32\FntCache.dll
15:14:08.0926 0x04cc FontCache - ok
15:14:08.0935 0x04cc [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:14:08.0944 0x04cc FontCache3.0.0.0 - ok
15:14:08.0950 0x04cc [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:14:08.0961 0x04cc FsDepends - ok
15:14:08.0966 0x04cc [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:14:08.0977 0x04cc Fs_Rec - ok
15:14:08.0996 0x04cc [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:14:09.0024 0x04cc fvevol - ok
15:14:09.0031 0x04cc [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\Windows\System32\drivers\fxppm.sys
15:14:09.0043 0x04cc FxPPM - ok
15:14:09.0053 0x04cc [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
15:14:09.0064 0x04cc gagp30kx - ok
15:14:09.0070 0x04cc [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:14:09.0077 0x04cc GEARAspiWDM - ok
15:14:09.0082 0x04cc [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys
15:14:09.0093 0x04cc gencounter - ok
15:14:09.0104 0x04cc [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys
15:14:09.0118 0x04cc GPIOClx0101 - ok
15:14:09.0154 0x04cc [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\Windows\System32\gpsvc.dll
15:14:09.0207 0x04cc gpsvc - ok
15:14:09.0215 0x04cc [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:14:09.0224 0x04cc gupdate - ok
15:14:09.0229 0x04cc [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:14:09.0237 0x04cc gupdatem - ok
15:14:09.0242 0x04cc [ 7797D1580D933056023B822BB5CD0FE2, 24585AAFB43862AE4B9228B513658D906550EC8A475C67182933FB233621A85D ] Hamachi C:\Windows\system32\DRIVERS\Hamdrv.sys
15:14:09.0251 0x04cc Hamachi - ok
15:14:09.0311 0x04cc [ 03CABA844BC03C99DB84146BF51A9259, 81E6340B9C9DAC97FE5C6F26FEACAB204E857FD5B0490E52D209066B83610DBB ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
15:14:09.0375 0x04cc Hamachi2Svc - ok
15:14:09.0397 0x04cc [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:14:09.0424 0x04cc HdAudAddService - ok
15:14:09.0433 0x04cc [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys
15:14:09.0446 0x04cc HDAudBus - ok
15:14:09.0452 0x04cc [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\Windows\System32\drivers\HidBatt.sys
15:14:09.0462 0x04cc HidBatt - ok
15:14:09.0471 0x04cc [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\Windows\System32\drivers\hidbth.sys
15:14:09.0488 0x04cc HidBth - ok
15:14:09.0493 0x04cc [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys
15:14:09.0505 0x04cc hidi2c - ok
15:14:09.0512 0x04cc [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\Windows\System32\drivers\hidir.sys
15:14:09.0524 0x04cc HidIr - ok
15:14:09.0529 0x04cc [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\Windows\system32\hidserv.dll
15:14:09.0542 0x04cc hidserv - ok
15:14:09.0549 0x04cc [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\Windows\System32\drivers\hidusb.sys
15:14:09.0562 0x04cc HidUsb - ok
15:14:09.0571 0x04cc [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\Windows\system32\kmsvc.dll
15:14:09.0589 0x04cc hkmsvc - ok
15:14:09.0604 0x04cc [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:14:09.0625 0x04cc HomeGroupListener - ok
15:14:09.0646 0x04cc [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:14:09.0670 0x04cc HomeGroupProvider - ok
15:14:09.0681 0x04cc [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
15:14:09.0692 0x04cc HpSAMD - ok
15:14:09.0718 0x04cc [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:14:09.0758 0x04cc HTTP - ok
15:14:09.0765 0x04cc [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:14:09.0774 0x04cc hwpolicy - ok
15:14:09.0779 0x04cc [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys
15:14:09.0789 0x04cc hyperkbd - ok
15:14:09.0794 0x04cc [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys
15:14:09.0805 0x04cc HyperVideo - ok
15:14:09.0811 0x04cc [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\Windows\System32\drivers\i8042prt.sys
15:14:09.0826 0x04cc i8042prt - ok
15:14:09.0831 0x04cc [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
15:14:09.0839 0x04cc iaLPSSi_GPIO - ok
15:14:09.0848 0x04cc [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys
15:14:09.0857 0x04cc iaLPSSi_I2C - ok
15:14:09.0878 0x04cc [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys
15:14:09.0902 0x04cc iaStorAV - ok
15:14:09.0918 0x04cc [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:14:09.0942 0x04cc iaStorV - ok
15:14:09.0948 0x04cc [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:14:09.0957 0x04cc IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
15:14:12.0272 0x04cc Detect skipped due to KSN trusted
15:14:12.0272 0x04cc IDriverT - ok
15:14:12.0278 0x04cc IEEtwCollectorService - ok
15:14:12.0313 0x04cc [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT C:\Windows\System32\ikeext.dll
15:14:12.0355 0x04cc IKEEXT - ok
15:14:12.0363 0x04cc [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\Windows\system32\drivers\intelide.sys
15:14:12.0373 0x04cc intelide - ok
15:14:12.0378 0x04cc [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\Windows\system32\drivers\intelpep.sys
15:14:12.0389 0x04cc intelpep - ok
15:14:12.0396 0x04cc [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\Windows\System32\drivers\intelppm.sys
15:14:12.0410 0x04cc intelppm - ok
15:14:12.0421 0x04cc [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:14:12.0439 0x04cc IpFilterDriver - ok
15:14:12.0472 0x04cc [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:14:12.0510 0x04cc iphlpsvc - ok
15:14:12.0520 0x04cc [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys
15:14:12.0534 0x04cc IPMIDRV - ok
15:14:12.0543 0x04cc [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:14:12.0559 0x04cc IPNAT - ok
15:14:12.0579 0x04cc [ 68A5EDD4843CF0033BAE537C9C495F69, 386C66A6562218D0F0A616D75457CDA4B82DB87DC3DA83935497819963DB6D86 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:14:12.0600 0x04cc iPod Service - ok
15:14:12.0605 0x04cc [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:14:12.0620 0x04cc IRENUM - ok
15:14:12.0625 0x04cc [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\Windows\system32\drivers\isapnp.sys
15:14:12.0634 0x04cc isapnp - ok
15:14:12.0647 0x04cc [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys
15:14:12.0667 0x04cc iScsiPrt - ok
15:14:12.0672 0x04cc [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\Windows\System32\drivers\kbdclass.sys
15:14:12.0683 0x04cc kbdclass - ok
15:14:12.0688 0x04cc [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\Windows\System32\drivers\kbdhid.sys
15:14:12.0699 0x04cc kbdhid - ok
15:14:12.0706 0x04cc [ DB7A09BC90DF20F44F16F8B0F9ED3491, 2DF5E042284D61368A5801B2557351B2C4B1044AA6F966DF4DDCE7B453D1B9AE ] kbldfltr C:\Windows\system32\drivers\kbldfltr.sys
15:14:12.0716 0x04cc kbldfltr - ok
15:14:12.0721 0x04cc [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys
15:14:12.0734 0x04cc kdnic - ok
15:14:12.0743 0x04cc [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\Windows\system32\lsass.exe
15:14:12.0754 0x04cc KeyIso - ok
15:14:12.0761 0x04cc [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:14:12.0773 0x04cc KSecDD - ok
15:14:12.0781 0x04cc [ 46711F40D0F9E63F786ED23F9BD5215E, 1FBC5101D843E5B43184C98B3D9AF3015C9409EEA6C7BB01B143FD08D4946FC0 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:14:12.0796 0x04cc KSecPkg - ok
15:14:12.0801 0x04cc [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:14:12.0813 0x04cc ksthunk - ok
15:14:12.0827 0x04cc [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\Windows\system32\msdtckrm.dll
15:14:12.0849 0x04cc KtmRm - ok
15:14:12.0862 0x04cc [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\Windows\system32\srvsvc.dll
15:14:12.0884 0x04cc LanmanServer - ok
15:14:12.0895 0x04cc [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:14:12.0918 0x04cc LanmanWorkstation - ok
15:14:12.0939 0x04cc [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\Windows\System32\GeofenceMonitorService.dll
15:14:12.0965 0x04cc lfsvc - ok
15:14:12.0971 0x04cc [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:14:12.0986 0x04cc lltdio - ok
15:14:12.0998 0x04cc [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:14:13.0018 0x04cc lltdsvc - ok
15:14:13.0025 0x04cc [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:14:13.0038 0x04cc lmhosts - ok
15:14:13.0051 0x04cc [ D6BF6FD055BD719F3D62E51B90857159, A7777D18E404164B4DA531AD94D2A712D9CC6A9288795B7388037752A558E96F ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
15:14:13.0066 0x04cc LMIGuardianSvc - ok
15:14:13.0076 0x04cc [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
15:14:13.0089 0x04cc LSI_SAS - ok
15:14:13.0096 0x04cc [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
15:14:13.0108 0x04cc LSI_SAS2 - ok
15:14:13.0114 0x04cc [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\Windows\system32\drivers\lsi_sas3.sys
15:14:13.0125 0x04cc LSI_SAS3 - ok
15:14:13.0131 0x04cc [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
15:14:13.0143 0x04cc LSI_SSS - ok
15:14:13.0164 0x04cc [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\Windows\System32\lsm.dll
15:14:13.0197 0x04cc LSM - ok
15:14:13.0208 0x04cc [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\Windows\system32\drivers\luafv.sys
15:14:13.0224 0x04cc luafv - ok
15:14:13.0229 0x04cc [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\Windows\system32\drivers\megasas.sys
15:14:13.0240 0x04cc megasas - ok
15:14:13.0259 0x04cc [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\Windows\system32\drivers\megasr.sys
15:14:13.0289 0x04cc megasr - ok
15:14:13.0294 0x04cc Microsoft SharePoint Workspace Audit Service - ok
15:14:13.0303 0x04cc [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\Windows\system32\mmcss.dll
15:14:13.0319 0x04cc MMCSS - ok
15:14:13.0327 0x04cc [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\Windows\system32\drivers\modem.sys
15:14:13.0342 0x04cc Modem - ok
15:14:13.0348 0x04cc [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\Windows\System32\drivers\monitor.sys
15:14:13.0359 0x04cc monitor - ok
15:14:13.0366 0x04cc [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass C:\Windows\System32\drivers\mouclass.sys
15:14:13.0377 0x04cc mouclass - ok
15:14:13.0382 0x04cc [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid C:\Windows\System32\drivers\mouhid.sys
15:14:13.0393 0x04cc mouhid - ok
15:14:13.0401 0x04cc [ D1D82F007A079A4D623DBD1F36EF30A1, 7901F81B62C5A4196D75A10C05386B16831CB290EFB9A1611CECF281068C520F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:14:13.0413 0x04cc mountmgr - ok
15:14:13.0419 0x04cc [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:14:13.0433 0x04cc mpsdrv - ok
15:14:13.0462 0x04cc [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc C:\Windows\system32\mpssvc.dll
15:14:13.0501 0x04cc MpsSvc - ok
15:14:13.0510 0x04cc [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:14:13.0525 0x04cc MRxDAV - ok
15:14:13.0540 0x04cc [ 6FBDF2B1B025A8E6E069234362FFFFB7, CF1AFC088F59AD61037F4C4650F3BAEE7FE37C40B3A27B903475F005410F8155 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:14:13.0562 0x04cc mrxsmb - ok
15:14:13.0573 0x04cc [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:14:13.0592 0x04cc mrxsmb10 - ok
15:14:13.0606 0x04cc [ 57C2473D501331211D6885FD59F3E44B, 10253703DB32A32291C61B6962A79E374B5DF7DD14A6B6AFD08A99EF26206619 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:14:13.0625 0x04cc mrxsmb20 - ok
15:14:13.0635 0x04cc [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys
15:14:13.0648 0x04cc MsBridge - ok
15:14:13.0656 0x04cc [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\Windows\System32\msdtc.exe
15:14:13.0673 0x04cc MSDTC - ok
15:14:13.0685 0x04cc [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:14:13.0698 0x04cc Msfs - ok
15:14:13.0704 0x04cc [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
15:14:13.0714 0x04cc msgpiowin32 - ok
15:14:13.0718 0x04cc [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:14:13.0731 0x04cc mshidkmdf - ok
15:14:13.0737 0x04cc [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
15:14:13.0748 0x04cc mshidumdf - ok
15:14:13.0757 0x04cc [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
15:14:13.0767 0x04cc msisadrv - ok
15:14:13.0775 0x04cc [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:14:13.0795 0x04cc MSiSCSI - ok
15:14:13.0799 0x04cc msiserver - ok
15:14:13.0805 0x04cc [ 4C1A0E9B4C6CC09E8C68FD33998013AA, 190ADFCCAE844DB9F807BD9668EB90BE0C9887719DF2820E66D121655AF27614 ] MsKeyboardFilter C:\Windows\System32\KeyboardFilterSvc.dll
15:14:13.0819 0x04cc MsKeyboardFilter - ok
15:14:13.0823 0x04cc [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:14:13.0838 0x04cc MSKSSRV - ok
15:14:13.0844 0x04cc [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys
15:14:13.0857 0x04cc MsLldp - ok
15:14:13.0861 0x04cc [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:14:13.0873 0x04cc MSPCLOCK - ok
15:14:13.0877 0x04cc [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:14:13.0889 0x04cc MSPQM - ok
15:14:13.0907 0x04cc [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:14:13.0928 0x04cc MsRPC - ok
15:14:13.0936 0x04cc [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
15:14:13.0946 0x04cc mssmbios - ok
15:14:13.0951 0x04cc [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:14:13.0963 0x04cc MSTEE - ok
15:14:13.0969 0x04cc [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
15:14:13.0981 0x04cc MTConfig - ok
15:14:13.0989 0x04cc [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\Windows\system32\Drivers\mup.sys
15:14:14.0001 0x04cc Mup - ok
15:14:14.0006 0x04cc [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\Windows\system32\drivers\mvumis.sys
15:14:14.0017 0x04cc mvumis - ok
15:14:14.0025 0x04cc [ 0FC64133A8FB5342C6876982B01FA37F, FCF8CE0D3095ECB25242E1A18F16A70BA1D0BC64C6525D4497672AF1F0043C9E ] NanoServiceMain C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
15:14:14.0035 0x04cc NanoServiceMain - ok
15:14:14.0050 0x04cc [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\Windows\system32\qagentRT.dll
15:14:14.0076 0x04cc napagent - ok
15:14:14.0094 0x04cc [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:14:14.0117 0x04cc NativeWifiP - ok
15:14:14.0130 0x04cc [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\Windows\System32\ncasvc.dll
15:14:14.0147 0x04cc NcaSvc - ok
15:14:14.0159 0x04cc [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\Windows\System32\ncbservice.dll
15:14:14.0180 0x04cc NcbService - ok
15:14:14.0189 0x04cc [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
15:14:14.0204 0x04cc NcdAutoSetup - ok
15:14:14.0232 0x04cc [ 6D3A2565E01B3E4B0F1BEDB0D4B00B3F, 95F2608E17CA3E25BD7958D1A49F7030EC8088BC1DF12422F1DAC5BA99113E34 ] NDIS C:\Windows\system32\drivers\ndis.sys
15:14:14.0276 0x04cc NDIS - ok
15:14:14.0283 0x04cc [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:14:14.0297 0x04cc NdisCap - ok
15:14:14.0305 0x04cc [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys
15:14:14.0320 0x04cc NdisImPlatform - ok
15:14:14.0325 0x04cc [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:14:14.0337 0x04cc NdisTapi - ok
15:14:14.0343 0x04cc [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:14:14.0356 0x04cc Ndisuio - ok
15:14:14.0362 0x04cc [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\Windows\System32\drivers\NdisVirtualBus.sys
15:14:14.0376 0x04cc NdisVirtualBus - ok
15:14:14.0388 0x04cc [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:14:14.0407 0x04cc NdisWan - ok
15:14:14.0415 0x04cc [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\Windows\system32\DRIVERS\ndiswan.sys
15:14:14.0433 0x04cc NdisWanLegacy - ok
15:14:14.0439 0x04cc [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:14:14.0452 0x04cc NDProxy - ok
15:14:14.0461 0x04cc [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\Windows\system32\drivers\Ndu.sys
15:14:14.0476 0x04cc Ndu - ok
15:14:14.0484 0x04cc [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:14:14.0497 0x04cc NetBIOS - ok
15:14:14.0514 0x04cc [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:14:14.0535 0x04cc NetBT - ok
15:14:14.0543 0x04cc [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\Windows\system32\lsass.exe
15:14:14.0555 0x04cc Netlogon - ok
15:14:14.0565 0x04cc [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\Windows\System32\netman.dll
15:14:14.0586 0x04cc Netman - ok
15:14:14.0604 0x04cc [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\Windows\System32\netprofmsvc.dll
15:14:14.0635 0x04cc netprofm - ok
15:14:14.0661 0x04cc [ F3A1D8B7317939813568992D1BFDDE37, 816829E4B8DF5C6A2B09685ED45E844D8DE2C2721C90490A2957227025D057A0 ] netr7364 C:\Windows\system32\DRIVERS\netr7364.sys
15:14:14.0687 0x04cc netr7364 - ok
15:14:14.0696 0x04cc [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:14:14.0711 0x04cc NetTcpPortSharing - ok
15:14:14.0717 0x04cc [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc C:\Windows\System32\drivers\netvsc63.sys
15:14:14.0732 0x04cc netvsc - ok
15:14:14.0748 0x04cc [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\Windows\System32\nlasvc.dll
15:14:14.0772 0x04cc NlaSvc - ok
15:14:14.0781 0x04cc [ ACC47D60E202EBA0A8A80768EC5D3C97, 3A26BA0A97201B55151D649DBCF048E0D72A933D4DDBE5FD415AB772C7C6C250 ] NNSALPC C:\Windows\system32\DRIVERS\NNSAlpc.sys
15:14:14.0791 0x04cc NNSALPC - ok
15:14:14.0800 0x04cc [ 4C7EAD79B914ADE44D68171AFEEF2AB3, 78D805FFC0DF4EB3D36B43CFD05CF7F5AFCC81B196224A09834EB17FA4D29838 ] NNSHTTP C:\Windows\system32\DRIVERS\NNSHttp.sys
15:14:14.0811 0x04cc NNSHTTP - ok
15:14:14.0819 0x04cc [ B40C57451477334E8A66F4823BE04AE3, B3E52FA1570D569F2C40716ED925E3D588489DF37D9639E3BA5B5C0AAFE91543 ] NNSHTTPS C:\Windows\system32\DRIVERS\NNSHttps.sys
15:14:14.0830 0x04cc NNSHTTPS - ok
15:14:14.0836 0x04cc [ 222CF23D6FCEB616CA48BBA55FC4D5C0, DB61FEA4126005A226E88FD6590BC57B440047DFAC6531B3C91AFFEFB0AD6F6C ] NNSIDS C:\Windows\system32\DRIVERS\NNSIds.sys
15:14:14.0847 0x04cc NNSIDS - ok
15:14:14.0852 0x04cc [ 34944C0D7595E99FADF85F808E508EA3, ED8484DB7C6A012A20E23CCC057AE5553FE487D2BFF3F58D1CBFFA4059ED09F4 ] NNSNAHSL C:\Windows\system32\DRIVERS\NNSNAHSL.sys
15:14:14.0860 0x04cc NNSNAHSL - ok
15:14:14.0867 0x04cc [ C5332A1FB751B8D5FD9D424D330BC91B, B2FEBEA06252457FF87B74D693E75B29CCF6839EA6FFD60007996B23A6D80154 ] NNSPICC C:\Windows\system32\DRIVERS\NNSPicc.sys
15:14:14.0876 0x04cc NNSPICC - ok
15:14:14.0882 0x04cc [ AA1A311C019288FFCCF3661B5EA27A99, BC91048E82C820CECBBDEDD9D9F7EDDBF6CBC88CE1D9C83A12C4A0E59CFAAC76 ] NNSPIHSW C:\Windows\system32\DRIVERS\NNSPihsw.sys
15:14:14.0891 0x04cc NNSPIHSW - ok
15:14:14.0898 0x04cc [ EB153B4FA5200D1D3352D6C3FB7C9C38, 306805080F8FDB5D9299E93C7074F3B46F8E4B6623A3A75A83E98E6EB0E5BDC5 ] NNSPOP3 C:\Windows\system32\DRIVERS\NNSPop3.sys
15:14:14.0908 0x04cc NNSPOP3 - ok
15:14:14.0920 0x04cc [ 425356A7A3657174C206AA3FDB3DDD35, 9634D9A2271C57051BBEC58020082B4CCF2A6583B8FB3C6AC22E9C81728E10F8 ] NNSPROT C:\Windows\system32\DRIVERS\NNSProt.sys
15:14:14.0935 0x04cc NNSPROT - ok
15:14:14.0943 0x04cc [ FFDF3257F83A094941005EE607B8A905, D3E676A13175D329E2F3677D9B56ED7B4DCDCE6794C96025171B24140B543EDC ] NNSPRV C:\Windows\system32\DRIVERS\NNSPrv.sys
15:14:14.0954 0x04cc NNSPRV - ok
15:14:14.0960 0x04cc [ DE87A11CB1767ABDDE223D4CC0F7C221, 3D24BC83E4D88174CA08281C0B3E3E7BC44218F4C6950D28D37029AE39F68E50 ] NNSSMTP C:\Windows\system32\DRIVERS\NNSSmtp.sys
15:14:14.0970 0x04cc NNSSMTP - ok
15:14:14.0980 0x04cc [ 537FB2F711E65475562FE29877F108E1, D2B486CBF3D4CF4AB5D6CCF34CAA57725C3027A2C3E0A1CF628D33546ACBF072 ] NNSSTRM C:\Windows\system32\DRIVERS\NNSStrm.sys
15:14:14.0994 0x04cc NNSSTRM - ok
15:14:15.0001 0x04cc [ 4F37DC4420A00BC6E9D22E3590806BFC, C65CEE11AFA68F9B870FB256AB53A04C32C1F73F6F4F209944815CC96F8FEB17 ] NNSTLSC C:\Windows\system32\DRIVERS\NNSTlsc.sys
15:14:15.0010 0x04cc NNSTLSC - ok
15:14:15.0016 0x04cc [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:14:15.0029 0x04cc Npfs - ok
15:14:15.0034 0x04cc [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
15:14:15.0045 0x04cc npsvctrig - ok
15:14:15.0052 0x04cc [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\Windows\system32\nsisvc.dll
15:14:15.0067 0x04cc nsi - ok
15:14:15.0074 0x04cc [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:14:15.0086 0x04cc nsiproxy - ok
15:14:15.0146 0x04cc [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:14:15.0223 0x04cc Ntfs - ok
15:14:15.0231 0x04cc [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\Windows\system32\drivers\Null.sys
15:14:15.0244 0x04cc Null - ok
15:14:15.0252 0x04cc [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:14:15.0266 0x04cc nvraid - ok
15:14:15.0274 0x04cc [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:14:15.0288 0x04cc nvstor - ok
15:14:15.0295 0x04cc [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
15:14:15.0308 0x04cc nv_agp - ok
15:14:15.0355 0x04cc [ E55351CE3462A91414E0597CAEBFB39E, DC67267AF9474765B774B0011CA95EFD4DE9D61E699CE75E8AB5687B3CB3E682 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
15:14:15.0409 0x04cc Origin Client Service - ok
15:14:15.0420 0x04cc [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:14:15.0432 0x04cc ose - ok
15:14:15.0549 0x04cc [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:14:15.0691 0x04cc osppsvc - ok
15:14:15.0726 0x04cc [ F07F3364F8AA1C6205230E0444A227F7, 008D9C6C2F3DA0641A78973CC644B6E1560DFDA7DFE6EC1B921CE8B582E4864D ] OverwolfUpdater C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
15:14:15.0760 0x04cc OverwolfUpdater - ok
15:14:15.0775 0x04cc [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:14:15.0799 0x04cc p2pimsvc - ok
15:14:15.0815 0x04cc [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc C:\Windows\system32\p2psvc.dll
15:14:15.0841 0x04cc p2psvc - ok
15:14:15.0866 0x04cc [ A6B78F395F57E927A0F981D51A00CC5D, D06BFDCF435F80F64F97D225159AFCD3BD77D7D0D9FD6C90E7B89FF47BAC47F0 ] PandaAgent C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
15:14:15.0874 0x04cc PandaAgent - ok
15:14:15.0881 0x04cc [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\Windows\System32\drivers\parport.sys
15:14:15.0894 0x04cc Parport - ok
15:14:15.0902 0x04cc [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:14:15.0913 0x04cc partmgr - ok
15:14:15.0930 0x04cc [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:14:15.0958 0x04cc PcaSvc - ok
15:14:15.0973 0x04cc [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\Windows\system32\drivers\pci.sys
15:14:15.0993 0x04cc pci - ok
15:14:15.0998 0x04cc [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\Windows\system32\drivers\pciide.sys
15:14:16.0008 0x04cc pciide - ok
15:14:16.0016 0x04cc [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
15:14:16.0030 0x04cc pcmcia - ok
15:14:16.0035 0x04cc [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\Windows\system32\drivers\pcw.sys
15:14:16.0046 0x04cc pcw - ok
15:14:16.0052 0x04cc [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\Windows\system32\drivers\pdc.sys
15:14:16.0063 0x04cc pdc - ok
15:14:16.0084 0x04cc [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:14:16.0115 0x04cc PEAUTH - ok
15:14:16.0174 0x04cc [ A35EC8F902475350DA31BDF0E1402A91, 5AB43B4BD70B44A62FFD21A9D3CB8D1BC035B6E001DBB1BAC30D6D7A07475D83 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
15:14:16.0256 0x04cc PeerDistSvc - ok
15:14:16.0280 0x04cc [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:14:16.0295 0x04cc PerfHost - ok
15:14:16.0343 0x04cc [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla C:\Windows\system32\pla.dll
15:14:16.0402 0x04cc pla - ok
15:14:16.0411 0x04cc [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:14:16.0427 0x04cc PlugPlay - ok
15:14:16.0434 0x04cc [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA C:\Windows\system32\PnkBstrA.exe
15:14:16.0444 0x04cc PnkBstrA - ok
15:14:16.0449 0x04cc [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:14:16.0462 0x04cc PNRPAutoReg - ok
15:14:16.0480 0x04cc [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:14:16.0501 0x04cc PNRPsvc - ok
15:14:16.0509 0x04cc [ E4799B87675C59AA1F620DE5C6F113BB, 094EE16D4CEC68DB316002994482344A6BFCFDE399131F7FA11BB46C2DCBF218 ] Point64 C:\Windows\System32\drivers\point64.sys
15:14:16.0519 0x04cc Point64 - ok
15:14:16.0532 0x04cc [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:14:16.0557 0x04cc PolicyAgent - ok
15:14:16.0567 0x04cc [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power C:\Windows\system32\umpo.dll
15:14:16.0583 0x04cc Power - ok
15:14:16.0657 0x04cc [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
15:14:16.0750 0x04cc PrintNotify - ok
15:14:16.0762 0x04cc [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\Windows\System32\drivers\processr.sys
15:14:16.0776 0x04cc Processor - ok
15:14:16.0785 0x04cc [ C8D39A07CAD9EF1C86BD5D7CAC98DA54, 10146D1E023D9BC5B8CBAADE6A70D87A41BDABAA44D812B609C13563DF25527A ] ProfSvc C:\Windows\system32\profsvc.dll
15:14:16.0804 0x04cc ProfSvc - ok
15:14:16.0813 0x04cc [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:14:16.0828 0x04cc Psched - ok
15:14:16.0838 0x04cc [ C6FBFC8B41D51A80433D97337515DA39, 10B0DF9E476FE5DED6ABD42372A9F38288207AB11606C03C814FCEF457D4F9BC ] PSINAflt C:\Windows\system32\DRIVERS\PSINAflt.sys
15:14:16.0849 0x04cc PSINAflt - ok
15:14:16.0856 0x04cc [ 65D5DB4FA4C17795860DC736B1054EA2, 422B6FF6588355D1774803293EF77F2B8BF22F769244DD575675430C7116EAA7 ] PSINFile C:\Windows\system32\DRIVERS\PSINFile.sys
15:14:16.0866 0x04cc PSINFile - ok
15:14:16.0875 0x04cc [ 305FCF2F725B806BC5E69AC95340A271, FCA0EF28DE5F4DAF8E3E4BB70C7668A0E1990CC080D52BA711DFB9CC5C369230 ] PSINKNC C:\Windows\system32\DRIVERS\psinknc.sys
15:14:16.0888 0x04cc PSINKNC - ok
15:14:16.0894 0x04cc [ ED6B1CDE5B178B057F64B2AF682EB45A, BDD46380BF51A48982E81F1D5EDAC2D9B16D2C03E886144279F4505ADA247EE2 ] PSINProc C:\Windows\system32\DRIVERS\PSINProc.sys
15:14:16.0904 0x04cc PSINProc - ok
15:14:16.0911 0x04cc [ 171F1C6F49142F2D1C174B817F46EC0F, 96F6B021CBEA2F0787A01E323EED626B380DAD13FC91EE4552F4DEEEC95DBD2C ] PSINProt C:\Windows\system32\DRIVERS\PSINProt.sys
15:14:16.0921 0x04cc PSINProt - ok
15:14:16.0929 0x04cc [ E962316E38ABC537821C3651AAC0B7CC, 80821A37A035F662CC20C5E8EA8D06E1106F24EA0B6DB35995C6174601E21AFD ] PSINReg C:\Windows\system32\DRIVERS\PSINReg.sys
15:14:16.0939 0x04cc PSINReg - ok
15:14:16.0944 0x04cc [ 105ACC469DF34C8BD0D5E68A70C774E5, 983A759339E058AAE779EB9476EC2AEE8B379F0C60E5E2FD73826155827F5518 ] PSKMAD C:\Windows\system32\DRIVERS\PSKMAD.sys
15:14:16.0953 0x04cc PSKMAD - ok
15:14:16.0958 0x04cc [ 586823A8CF9F975CE994EA5E05569156, B4AFA337417001CCE867EB809D3F766B2C6B14C53D1C59DE649068557702F88E ] PSUAService C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
15:14:16.0965 0x04cc PSUAService - ok
15:14:16.0977 0x04cc [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE C:\Windows\system32\qwave.dll
15:14:16.0998 0x04cc QWAVE - ok
15:14:17.0006 0x04cc [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:14:17.0018 0x04cc QWAVEdrv - ok
15:14:17.0025 0x04cc [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:14:17.0036 0x04cc RasAcd - ok
15:14:17.0043 0x04cc [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto C:\Windows\System32\rasauto.dll
15:14:17.0059 0x04cc RasAuto - ok
15:14:17.0078 0x04cc [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan C:\Windows\System32\rasmans.dll
15:14:17.0107 0x04cc RasMan - ok
15:14:17.0116 0x04cc [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:14:17.0131 0x04cc RasPppoe - ok
15:14:17.0147 0x04cc [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:14:17.0171 0x04cc rdbss - ok
15:14:17.0181 0x04cc [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
15:14:17.0194 0x04cc rdpbus - ok
15:14:17.0204 0x04cc [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
15:14:17.0221 0x04cc RDPDR - ok
15:14:17.0233 0x04cc [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
15:14:17.0243 0x04cc RdpVideoMiniport - ok
15:14:17.0253 0x04cc [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:14:17.0270 0x04cc rdyboost - ok
15:14:17.0298 0x04cc [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS C:\Windows\system32\drivers\ReFS.sys
15:14:17.0337 0x04cc ReFS - ok
15:14:17.0350 0x04cc [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:14:17.0368 0x04cc RemoteAccess - ok
15:14:17.0378 0x04cc [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:14:17.0395 0x04cc RemoteRegistry - ok
15:14:17.0406 0x04cc [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:14:17.0421 0x04cc RpcEptMapper - ok
15:14:17.0426 0x04cc [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator C:\Windows\system32\locator.exe
15:14:17.0439 0x04cc RpcLocator - ok
15:14:17.0462 0x04cc [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs C:\Windows\system32\rpcss.dll
15:14:17.0495 0x04cc RpcSs - ok
15:14:17.0503 0x04cc [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:14:17.0519 0x04cc rspndr - ok
15:14:17.0542 0x04cc [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168 C:\Windows\system32\DRIVERS\Rt630x64.sys
15:14:17.0570 0x04cc RTL8168 - ok
15:14:17.0576 0x04cc [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\Windows\System32\drivers\vms3cap.sys
15:14:17.0587 0x04cc s3cap - ok
15:14:17.0595 0x04cc [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs C:\Windows\system32\lsass.exe
15:14:17.0607 0x04cc SamSs - ok
15:14:17.0615 0x04cc [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
15:14:17.0628 0x04cc sbp2port - ok
15:14:17.0637 0x04cc [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:14:17.0662 0x04cc SCardSvr - ok
15:14:17.0673 0x04cc [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum C:\Windows\System32\ScDeviceEnum.dll
15:14:17.0691 0x04cc ScDeviceEnum - ok
15:14:17.0698 0x04cc [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:14:17.0712 0x04cc scfilter - ok
15:14:17.0750 0x04cc [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule C:\Windows\system32\schedsvc.dll
15:14:17.0798 0x04cc Schedule - ok
15:14:17.0808 0x04cc [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc C:\Windows\System32\certprop.dll
15:14:17.0824 0x04cc SCPolicySvc - ok
15:14:17.0838 0x04cc [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus C:\Windows\System32\drivers\sdbus.sys
15:14:17.0857 0x04cc sdbus - ok
15:14:17.0864 0x04cc [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\Windows\System32\drivers\sdstor.sys
15:14:17.0876 0x04cc sdstor - ok
15:14:17.0881 0x04cc [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:14:17.0893 0x04cc secdrv - ok
15:14:17.0900 0x04cc [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon C:\Windows\system32\seclogon.dll
15:14:17.0914 0x04cc seclogon - ok
15:14:17.0922 0x04cc [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS C:\Windows\System32\sens.dll
15:14:17.0939 0x04cc SENS - ok
15:14:17.0951 0x04cc [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:14:17.0971 0x04cc SensrSvc - ok
15:14:17.0979 0x04cc [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\Windows\system32\drivers\SerCx.sys
15:14:17.0991 0x04cc SerCx - ok
15:14:17.0999 0x04cc [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\Windows\system32\drivers\SerCx2.sys
15:14:18.0013 0x04cc SerCx2 - ok
15:14:18.0018 0x04cc [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\Windows\System32\drivers\serenum.sys
15:14:18.0030 0x04cc Serenum - ok
15:14:18.0038 0x04cc [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\Windows\System32\drivers\serial.sys
15:14:18.0052 0x04cc Serial - ok
15:14:18.0061 0x04cc [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse C:\Windows\System32\drivers\sermouse.sys
15:14:18.0073 0x04cc sermouse - ok
15:14:18.0093 0x04cc [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv C:\Windows\system32\sessenv.dll
15:14:18.0120 0x04cc SessionEnv - ok
15:14:18.0129 0x04cc [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
15:14:18.0141 0x04cc sfloppy - ok
15:14:18.0159 0x04cc [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:14:18.0183 0x04cc SharedAccess - ok
15:14:18.0203 0x04cc [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:14:18.0235 0x04cc ShellHWDetection - ok
15:14:18.0241 0x04cc [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
15:14:18.0252 0x04cc SiSRaid2 - ok
15:14:18.0258 0x04cc [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
15:14:18.0270 0x04cc SiSRaid4 - ok
15:14:18.0281 0x04cc [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
15:14:18.0299 0x04cc SkypeUpdate - ok
15:14:18.0304 0x04cc [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost C:\Windows\System32\smphost.dll
15:14:18.0316 0x04cc smphost - ok
15:14:18.0330 0x04cc [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:14:18.0344 0x04cc SNMPTRAP - ok
15:14:18.0362 0x04cc [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport C:\Windows\system32\drivers\spaceport.sys
15:14:18.0386 0x04cc spaceport - ok
15:14:18.0393 0x04cc [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
15:14:18.0404 0x04cc SpbCx - ok
15:14:18.0427 0x04cc [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler C:\Windows\System32\spoolsv.exe
15:14:18.0464 0x04cc Spooler - ok
15:14:18.0618 0x04cc [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\Windows\system32\sppsvc.exe
15:14:18.0820 0x04cc sppsvc - ok
15:14:18.0845 0x04cc [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\Windows\system32\DRIVERS\srv.sys
15:14:18.0868 0x04cc srv - ok
15:14:18.0887 0x04cc [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:14:18.0916 0x04cc srv2 - ok
15:14:18.0930 0x04cc [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:14:18.0948 0x04cc srvnet - ok
15:14:18.0958 0x04cc [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:14:18.0977 0x04cc SSDPSRV - ok
15:14:18.0982 0x04cc [ 0211AB46B73A2623B86C1CFCB30579AB, 7CC9BA2DF7B9EA6BB17EE342898EDD7F54703B93B6DED6A819E83A7EE9F938B4 ] SSPORT C:\Windows\system32\Drivers\SSPORT.sys
15:14:18.0989 0x04cc SSPORT - ok
15:14:18.0997 0x04cc [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:14:19.0013 0x04cc SstpSvc - ok
15:14:19.0039 0x04cc [ 914CE17FE3E542ACFE5ACD6646E2DFDB, B2F443C07686E75A06DD49645C544D792F438EEC8ACE715818775E60FFEFA720 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
15:14:19.0065 0x04cc Steam Client Service - ok
15:14:19.0072 0x04cc [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\Windows\system32\drivers\stexstor.sys
15:14:19.0082 0x04cc stexstor - ok
15:14:19.0103 0x04cc [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc C:\Windows\System32\wiaservc.dll
15:14:19.0136 0x04cc stisvc - ok
15:14:19.0144 0x04cc [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\Windows\system32\drivers\storahci.sys
15:14:19.0158 0x04cc storahci - ok
15:14:19.0163 0x04cc [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
15:14:19.0173 0x04cc storflt - ok
15:14:19.0179 0x04cc [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\Windows\system32\drivers\stornvme.sys
15:14:19.0190 0x04cc stornvme - ok
15:14:19.0195 0x04cc [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc C:\Windows\system32\storsvc.dll
15:14:19.0208 0x04cc StorSvc - ok
15:14:19.0213 0x04cc [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\Windows\system32\drivers\storvsc.sys
15:14:19.0223 0x04cc storvsc - ok
15:14:19.0233 0x04cc [ 7D123389FCD97D84881BA9C07012BA0C, 044442D8FCFE7935A025602F817C726576BA1C515CB594C4320A8AC6D8DA8F41 ] storvsp C:\Windows\System32\drivers\storvsp.sys
15:14:19.0245 0x04cc storvsp - ok
15:14:19.0252 0x04cc [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc C:\Windows\system32\svsvc.dll
15:14:19.0264 0x04cc svsvc - ok
15:14:19.0274 0x04cc [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum C:\Windows\System32\drivers\swenum.sys
15:14:19.0284 0x04cc swenum - ok
15:14:19.0304 0x04cc [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv C:\Windows\System32\swprv.dll
15:14:19.0336 0x04cc swprv - ok
15:14:19.0374 0x04cc [ 3114CB46C2853CA71525428CB0C7CB58, A9CC51506AABBC23BAB2B90E30AB13197A72268A3DE6D2F281C1C367ED7118AE ] SysMain C:\Windows\system32\sysmain.dll
15:14:19.0421 0x04cc SysMain - ok
15:14:19.0434 0x04cc [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
15:14:19.0454 0x04cc SystemEventsBroker - ok
15:14:19.0465 0x04cc [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:14:19.0482 0x04cc TabletInputService - ok
15:14:19.0495 0x04cc [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv C:\Windows\System32\tapisrv.dll
15:14:19.0517 0x04cc TapiSrv - ok
15:14:19.0581 0x04cc [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:14:19.0671 0x04cc Tcpip - ok
15:14:19.0737 0x04cc [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:14:19.0819 0x04cc TCPIP6 - ok
15:14:19.0830 0x04cc [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:14:19.0842 0x04cc tcpipreg - ok
15:14:19.0850 0x04cc [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:14:19.0864 0x04cc tdx - ok
15:14:19.0872 0x04cc [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\Windows\System32\drivers\terminpt.sys
15:14:19.0882 0x04cc terminpt - ok
15:14:19.0910 0x04cc [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService C:\Windows\System32\termsrv.dll
15:14:19.0950 0x04cc TermService - ok
15:14:19.0960 0x04cc [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes C:\Windows\system32\themeservice.dll
15:14:19.0974 0x04cc Themes - ok
15:14:19.0984 0x04cc [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER C:\Windows\system32\mmcss.dll
15:14:19.0997 0x04cc THREADORDER - ok
15:14:20.0010 0x04cc [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll
15:14:20.0029 0x04cc TimeBroker - ok
15:14:20.0039 0x04cc [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\Windows\system32\drivers\tpm.sys
15:14:20.0054 0x04cc TPM - ok
15:14:20.0061 0x04cc [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks C:\Windows\System32\trkwks.dll
15:14:20.0077 0x04cc TrkWks - ok
15:14:20.0085 0x04cc [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:14:20.0100 0x04cc TrustedInstaller - ok
15:14:20.0107 0x04cc [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
15:14:20.0119 0x04cc TsUsbFlt - ok
15:14:20.0129 0x04cc [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
15:14:20.0140 0x04cc TsUsbGD - ok
15:14:20.0151 0x04cc [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:14:20.0169 0x04cc tunnel - ok
15:14:20.0178 0x04cc [ A070ABB9D85582B2BECADBE6FCD12350, 3EBFA349F87933E20C4EADA2FA2E64206CCAC70DFB8B52C2E41670FFB16D7336 ] t_mouse.sys C:\Windows\system32\DRIVERS\t_mouse.sys
15:14:20.0189 0x04cc t_mouse.sys - ok
15:14:20.0195 0x04cc [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
15:14:20.0206 0x04cc uagp35 - ok
15:14:20.0213 0x04cc [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
15:14:20.0225 0x04cc UASPStor - ok
15:14:20.0235 0x04cc [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys
15:14:20.0251 0x04cc UCX01000 - ok
15:14:20.0263 0x04cc [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:14:20.0281 0x04cc udfs - ok
15:14:20.0287 0x04cc [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\Windows\System32\drivers\UEFI.sys
15:14:20.0297 0x04cc UEFI - ok
15:14:20.0306 0x04cc [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:14:20.0319 0x04cc UI0Detect - ok
15:14:20.0330 0x04cc [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
15:14:20.0342 0x04cc uliagpkx - ok
15:14:20.0348 0x04cc [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\Windows\System32\drivers\umbus.sys
15:14:20.0359 0x04cc umbus - ok
15:14:20.0369 0x04cc [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\Windows\System32\drivers\umpass.sys
15:14:20.0380 0x04cc UmPass - ok
15:14:20.0392 0x04cc [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\Windows\System32\umrdp.dll
15:14:20.0413 0x04cc UmRdpService - ok
15:14:20.0432 0x04cc [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\Windows\System32\upnphost.dll
15:14:20.0458 0x04cc upnphost - ok
15:14:20.0465 0x04cc [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\System32\Drivers\usbaapl64.sys
15:14:20.0476 0x04cc USBAAPL64 - ok
15:14:20.0484 0x04cc [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
15:14:20.0498 0x04cc usbaudio - ok
15:14:20.0509 0x04cc [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
15:14:20.0523 0x04cc usbccgp - ok
15:14:20.0530 0x04cc [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\Windows\System32\drivers\usbcir.sys
15:14:20.0544 0x04cc usbcir - ok
15:14:20.0554 0x04cc [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\Windows\System32\drivers\usbehci.sys
15:14:20.0567 0x04cc usbehci - ok
15:14:20.0584 0x04cc [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\Windows\System32\drivers\usbhub.sys
15:14:20.0608 0x04cc usbhub - ok
15:14:20.0626 0x04cc [ 95B0179BDA907252025DEEA183699FB3, A6BDFB93EE9418A83407024204A41640A08638C60E2BE75C249D102601DC1D80 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
15:14:20.0652 0x04cc USBHUB3 - ok
15:14:20.0658 0x04cc [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\Windows\System32\drivers\usbohci.sys
15:14:20.0672 0x04cc usbohci - ok
15:14:20.0680 0x04cc [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\Windows\System32\drivers\usbprint.sys
15:14:20.0693 0x04cc usbprint - ok
15:14:20.0704 0x04cc [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan C:\Windows\System32\drivers\usbscan.sys
15:14:20.0717 0x04cc usbscan - ok
15:14:20.0730 0x04cc [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
15:14:20.0746 0x04cc USBSTOR - ok
15:14:20.0752 0x04cc [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
15:14:20.0764 0x04cc usbuhci - ok
15:14:20.0778 0x04cc [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
15:14:20.0798 0x04cc USBXHCI - ok
15:14:20.0805 0x04cc [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\Windows\system32\lsass.exe
15:14:20.0816 0x04cc VaultSvc - ok
15:14:20.0823 0x04cc [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
15:14:20.0834 0x04cc vdrvroot - ok
15:14:20.0869 0x04cc [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\Windows\System32\vds.exe
15:14:20.0918 0x04cc vds - ok
15:14:20.0930 0x04cc [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
15:14:20.0945 0x04cc VerifierExt - ok
15:14:20.0965 0x04cc [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
15:14:20.0994 0x04cc vhdmp - ok
15:14:21.0000 0x04cc [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\Windows\system32\drivers\viaide.sys
15:14:21.0010 0x04cc viaide - ok
15:14:21.0020 0x04cc [ 3CE922E34DB12D9F3C0EA856BC09687C, E50A1885FBC775E49614989ECFEA4ACBBDDA16AF459CC5361EED9E23CC7CD42C ] Vid C:\Windows\System32\drivers\Vid.sys
15:14:21.0037 0x04cc Vid - ok
15:14:21.0044 0x04cc [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\Windows\system32\drivers\vmbus.sys
15:14:21.0056 0x04cc vmbus - ok
15:14:21.0060 0x04cc [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
15:14:21.0070 0x04cc VMBusHID - ok
15:14:21.0080 0x04cc [ 68F8C26DEA2D42E8DEC0778943433C80, 81E8F9D62815F94952CEEABD0689473CC330F7890F66872DCD35A43C06ED33CD ] vmbusr C:\Windows\System32\drivers\vmbusr.sys
15:14:21.0093 0x04cc vmbusr - ok
15:14:21.0114 0x04cc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
15:14:21.0142 0x04cc vmicguestinterface - ok
15:14:21.0160 0x04cc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\Windows\System32\ICSvc.dll
15:14:21.0184 0x04cc vmicheartbeat - ok
15:14:21.0204 0x04cc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
15:14:21.0228 0x04cc vmickvpexchange - ok
15:14:21.0244 0x04cc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\Windows\System32\ICSvc.dll
15:14:21.0268 0x04cc vmicrdv - ok
15:14:21.0288 0x04cc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\Windows\System32\ICSvc.dll
15:14:21.0312 0x04cc vmicshutdown - ok
15:14:21.0329 0x04cc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\Windows\System32\ICSvc.dll
15:14:21.0352 0x04cc vmictimesync - ok
15:14:21.0371 0x04cc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\Windows\System32\ICSvc.dll
15:14:21.0395 0x04cc vmicvss - ok
15:14:21.0404 0x04cc [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\Windows\system32\drivers\volmgr.sys
15:14:21.0417 0x04cc volmgr - ok
15:14:21.0431 0x04cc [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:14:21.0454 0x04cc volmgrx - ok
15:14:21.0471 0x04cc [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:14:21.0493 0x04cc volsnap - ok
15:14:21.0500 0x04cc [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci C:\Windows\System32\drivers\vpci.sys
15:14:21.0511 0x04cc vpci - ok
15:14:21.0517 0x04cc [ ADBE96C33D1A5BB1BBAF90B4BC84F523, 6E9C9ED3D51E4B6E494D42ECA6F824AD86D676C12C39BBE6B8BD96366BCB02DA ] vpcivsp C:\Windows\System32\drivers\vpcivsp.sys
15:14:21.0529 0x04cc vpcivsp - ok
15:14:21.0538 0x04cc [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
15:14:21.0552 0x04cc vsmraid - ok
15:14:21.0589 0x04cc [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS C:\Windows\system32\vssvc.exe
15:14:21.0642 0x04cc VSS - ok
15:14:21.0660 0x04cc [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
15:14:21.0680 0x04cc VSTXRAID - ok
15:14:21.0687 0x04cc [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
15:14:21.0699 0x04cc vwifibus - ok
15:14:21.0714 0x04cc [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:14:21.0727 0x04cc vwififlt - ok
15:14:21.0738 0x04cc [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
15:14:21.0749 0x04cc vwifimp - ok
15:14:21.0771 0x04cc [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\Windows\system32\w32time.dll
15:14:21.0795 0x04cc W32Time - ok
15:14:21.0801 0x04cc [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\Windows\System32\drivers\wacompen.sys
15:14:21.0813 0x04cc WacomPen - ok
15:14:21.0863 0x04cc [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine C:\Windows\system32\wbengine.exe
15:14:21.0923 0x04cc wbengine - ok
15:14:21.0943 0x04cc [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:14:21.0971 0x04cc WbioSrvc - ok
15:14:21.0985 0x04cc [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\Windows\System32\wcmsvc.dll
15:14:22.0008 0x04cc Wcmsvc - ok
15:14:22.0026 0x04cc [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:14:22.0052 0x04cc wcncsvc - ok
15:14:22.0061 0x04cc [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:14:22.0075 0x04cc WcsPlugInService - ok
15:14:22.0081 0x04cc [ 1751F6B031ADAC34724511057D2E455D, BCBC77DE02718868302F7469E8FBB8F2E7E0F8A5D3E46A5B4D48713E829FBAF6 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
15:14:22.0092 0x04cc WdBoot - ok
15:14:22.0117 0x04cc [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:14:22.0151 0x04cc Wdf01000 - ok
15:14:22.0164 0x04cc [ D296D0F0DB2CD1504F90405603664493, 9531034AE2E027B5C7366713AA9003085501800B35F971D1CE7FFB8E5DAE3825 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
15:14:22.0183 0x04cc WdFilter - ok
15:14:22.0191 0x04cc [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:14:22.0207 0x04cc WdiServiceHost - ok
15:14:22.0215 0x04cc [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:14:22.0231 0x04cc WdiSystemHost - ok
15:14:22.0241 0x04cc [ 9F4DF0043965808973023A9B51A11136, 3A799125CBC5C214D9FBB91C348B39563B1FDB7403B520270752E9A177464723 ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys
15:14:22.0254 0x04cc WdNisDrv - ok
15:14:22.0257 0x04cc WdNisSvc - ok
15:14:22.0267 0x04cc [ 185E4111627F7AA6799E1366B5E91D65, 7A02C816DFBCCF47EDB49E5E2005A3D0B80719FAC94F9298D2DBAC63950EDA05 ] WebClient C:\Windows\System32\webclnt.dll
15:14:22.0286 0x04cc WebClient - ok
15:14:22.0296 0x04cc [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:14:22.0315 0x04cc Wecsvc - ok
15:14:22.0322 0x04cc [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll
15:14:22.0335 0x04cc WEPHOSTSVC - ok
15:14:22.0342 0x04cc [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:14:22.0361 0x04cc wercplsupport - ok
15:14:22.0368 0x04cc [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\Windows\System32\WerSvc.dll
15:14:22.0384 0x04cc WerSvc - ok
15:14:22.0396 0x04cc [ BAB713B409258DB7B5D9F9693F802B0E, C0D0391EC4FDC07E0A07F4EEB2DC9CC5B2BE5D2E292E7D01929E8D39D6F73EA5 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys
15:14:22.0409 0x04cc WFPLWFS - ok
15:14:22.0416 0x04cc [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\Windows\System32\wiarpc.dll
15:14:22.0430 0x04cc WiaRpc - ok
15:14:22.0439 0x04cc [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:14:22.0449 0x04cc WIMMount - ok
15:14:22.0452 0x04cc WinDefend - ok
15:14:22.0480 0x04cc [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
15:14:22.0515 0x04cc WinHttpAutoProxySvc - ok
15:14:22.0528 0x04cc [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:14:22.0547 0x04cc Winmgmt - ok
15:14:22.0615 0x04cc [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM C:\Windows\system32\WsmSvc.dll
15:14:22.0704 0x04cc WinRM - ok
15:14:22.0725 0x04cc [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\Windows\System32\drivers\WinUsb.sys
15:14:22.0745 0x04cc WinUsb - ok
15:14:22.0795 0x04cc [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\Windows\System32\wlansvc.dll
15:14:22.0854 0x04cc WlanSvc - ok
15:14:22.0921 0x04cc [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\Windows\system32\wlidsvc.dll
15:14:23.0006 0x04cc wlidsvc - ok
15:14:23.0015 0x04cc [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
15:14:23.0028 0x04cc WmiAcpi - ok
15:14:23.0046 0x04cc [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:14:23.0063 0x04cc wmiApSrv - ok
15:14:23.0071 0x04cc WMPNetworkSvc - ok
15:14:23.0079 0x04cc [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\Windows\system32\drivers\Wof.sys
15:14:23.0094 0x04cc Wof - ok
15:14:23.0137 0x04cc [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc C:\Windows\system32\workfolderssvc.dll
15:14:23.0195 0x04cc workfolderssvc - ok
15:14:23.0204 0x04cc [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys
15:14:23.0215 0x04cc wpcfltr - ok
15:14:23.0220 0x04cc [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:14:23.0234 0x04cc WPCSvc - ok
15:14:23.0246 0x04cc [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:14:23.0262 0x04cc WPDBusEnum - ok
15:14:23.0273 0x04cc [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
15:14:23.0283 0x04cc WpdUpFltr - ok
15:14:23.0288 0x04cc [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:14:23.0303 0x04cc ws2ifsl - ok
15:14:23.0316 0x04cc [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc C:\Windows\System32\wscsvc.dll
15:14:23.0335 0x04cc wscsvc - ok
15:14:23.0343 0x04cc [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice C:\Windows\System32\drivers\WSDPrint.sys
15:14:23.0356 0x04cc WSDPrintDevice - ok
15:14:23.0364 0x04cc [ 58035FD3369879E02D65989C44D27450, B9245DB5C17F7CE94FAA20AB4B0D06A4DFB6133C6E82343758CDC713EB64DFEF ] WSDScan C:\Windows\System32\drivers\WSDScan.sys
15:14:23.0377 0x04cc WSDScan - ok
15:14:23.0387 0x04cc WSearch - ok
15:14:23.0472 0x04cc [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\Windows\System32\WSService.dll
15:14:23.0604 0x04cc WSService - ok
15:14:23.0696 0x04cc [ 50CEC061C6D6FD2B9C89BECD08991CCB, 31EB1601426223E712C4E4AA29410EDFC81E020996A402BD3E850A2EAF127286 ] wuauserv C:\Windows\system32\wuaueng.dll
15:14:23.0810 0x04cc wuauserv - ok
15:14:23.0823 0x04cc [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:14:23.0838 0x04cc WudfPf - ok
15:14:23.0848 0x04cc [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys
15:14:23.0865 0x04cc WUDFRd - ok
15:14:23.0880 0x04cc [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:14:23.0896 0x04cc wudfsvc - ok
15:14:23.0905 0x04cc [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\Windows\System32\drivers\WUDFRd.sys
15:14:23.0920 0x04cc WUDFWpdFs - ok
15:14:23.0932 0x04cc [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\Windows\System32\drivers\WUDFRd.sys
15:14:23.0947 0x04cc WUDFWpdMtp - ok
15:14:23.0971 0x04cc [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\Windows\System32\wwansvc.dll
15:14:24.0001 0x04cc WwanSvc - ok
15:14:24.0008 0x04cc [ AAAF81690C24E2F1EE59F1B2AED5B632, 446AE85300FCB1CDEBFF2BDD69F6B322922F40EB688EF152F853B3AB6F4D4A6A ] xb1usb C:\Windows\System32\drivers\xb1usb.sys
15:14:24.0022 0x04cc xb1usb - ok
15:14:24.0034 0x04cc [ A0F661902AFCAAD77CC2ED3894927A10, 0DCD860F7F4029EBFE1F409BA23CC8BAA55BC22084C81940FF170B665E4804BD ] xusb22 C:\Windows\System32\drivers\xusb22.sys
15:14:24.0048 0x04cc xusb22 - ok
15:14:24.0074 0x04cc ================ Scan global ===============================
15:14:24.0079 0x04cc [ 243F54DBA6EB48A369CA465E263ABA4A, 9D9F9DE783D000F3EA130EB68FD71319F21E4F1CD4232FB8B2F8A9A67E08F5F4 ] C:\Windows\system32\basesrv.dll
15:14:24.0089 0x04cc [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
15:14:24.0101 0x04cc [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
15:14:24.0116 0x04cc [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe
15:14:24.0126 0x04cc [ Global ] - ok
15:14:24.0127 0x04cc ================ Scan MBR ==================================
15:14:24.0129 0x04cc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:16:27.0674 0x04cc \Device\Harddisk0\DR0 - ok
15:16:27.0698 0x04cc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
15:16:27.0776 0x04cc \Device\Harddisk1\DR1 - ok
15:16:27.0776 0x04cc ================ Scan VBR ==================================
15:16:27.0779 0x04cc [ 5A73949675BEAC947EBC5724BA6CD3F7 ] \Device\Harddisk0\DR0\Partition1
15:16:27.0781 0x04cc \Device\Harddisk0\DR0\Partition1 - ok
15:16:27.0783 0x04cc [ FDC2B0C5C3925A2F9BCE0BFC71FF2F90 ] \Device\Harddisk0\DR0\Partition2
15:16:27.0785 0x04cc \Device\Harddisk0\DR0\Partition2 - ok
15:16:27.0788 0x04cc [ BAEDA9A14487E3552BFF2AFEB4FCC2B9 ] \Device\Harddisk1\DR1\Partition1
15:16:27.0821 0x04cc \Device\Harddisk1\DR1\Partition1 - ok
15:16:27.0822 0x04cc ================ Scan generic autorun ======================
15:16:27.0832 0x04cc [ DB367E8C8F46C26A05BA982715CC0DB5, 63AE8DD8E41260123E8C98905BD3D444BED86AEA6353F690483E5CB116433AC2 ] C:\Windows\system32\TiltWheelMouse.exe
15:16:27.0853 0x04cc MouseDriver - ok
15:16:27.0882 0x04cc [ ED43758BF94B8A5221D69F1B7F63F13D, F6E7418823E45085F4D4F50DD25A55ED517C0A335C6C2F69A1139B30677D3DA9 ] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe
15:16:27.0908 0x04cc XboxStat - ok
15:16:27.0933 0x04cc [ 73F1B07CF82235B25BCC3E9A7522ACCB, 47221B8DFF5A44050AFB0AB5A249FEECE36BE2E000D6529E099128EEDFA647DA ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
15:16:27.0962 0x04cc StartCCC - ok
15:16:27.0993 0x04cc [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
15:16:28.0022 0x04cc Adobe ARM - ok
15:16:28.0033 0x04cc [ D9F4805A18CB455CA72F6F1E86C40AD4, A10742F1F533A152F954EDA5D4DF1CF5AAE773ABA5F2ECA6AB5734F97DF579FE ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
15:16:28.0044 0x04cc SunJavaUpdateSched - ok
15:16:28.0051 0x04cc [ 3B5045DDD039FAB9782851BC486FD92B, 12C59F9E79EB37F26FE0805585EA6B0DAFB41FB8A4FAE972774BC8E3815A1673 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
15:16:28.0060 0x04cc iTunesHelper - ok
15:16:28.0065 0x04cc [ BF52C0C77799E091AC68D339BED0C11D, 9590A875598BAA16BAE2DC1C0C4A2C57A249C1E86DE53B97CCA0913DA46DFA28 ] C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
15:16:28.0072 0x04cc PSUAMain - ok
15:16:28.0170 0x04cc [ F4A755E3A99F4F2324FC2138D30F01B4, EFA955082404977B13754E0DA9CAFF304CA9B87C8B0F2C7166A55ECDF1482DB4 ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
15:16:28.0273 0x04cc LogMeIn Hamachi Ui - ok
15:16:28.0363 0x04cc [ BF0A59C983A1E5763482522516879F14, EED42DE8384859705EB539843156967F223A1DB1C3E724F6BDD7A87D57FE2914 ] C:\Program Files (x86)\Origin\Origin.exe
15:16:28.0458 0x04cc EADM - ok
15:16:28.0467 0x04cc [ 2B39039281237EF53F781BAEE2DF367D, 0C2B37AE79118C92467C04D774E011C9605C5A74A37869AF55C687147DCD3D0A ] C:\Program Files (x86)\Overwolf\Overwolf.exe
15:16:28.0474 0x04cc Overwolf - ok
15:16:28.0477 0x04cc Skype - ok
15:16:28.0723 0x04cc [ AA12056CF4286DAA1D0FD6D592E4F980, 7C1A324371B4D18293A00F157EB732B4F932DF6B41F4CCDDCA2F6A26B9F4B999 ] D:\Steam\steam.exe
15:16:28.0835 0x04cc Steam - ok
15:16:28.0914 0x04cc [ C8E4A780358B818DA93F3687B54D70E0, EE581AD9BF0525F685C6E10A75AAF0CE95D421448E59E4BD8B97E15EEA2A97FA ] C:\Program Files (x86)\Gyazo\GyStation.exe
15:16:29.0005 0x04cc Gyazo - ok
15:16:29.0011 0x04cc Waiting for KSN requests completion. In queue: 12
15:16:30.0012 0x04cc Waiting for KSN requests completion. In queue: 12
15:16:31.0013 0x04cc Waiting for KSN requests completion. In queue: 12
15:16:32.0068 0x04cc AV detected via SS2: Panda Free Antivirus, C:\Program Files (x86)\Panda Security\Panda Security Protection\PAV3WSC.exe ( 6.0.0.0 ), 0x71000 ( enabled : updated )
15:16:32.0069 0x04cc AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x60100 ( disabled : updated )
15:16:32.0070 0x04cc FW detected via SS2: Panda Firewall, C:\Program Files (x86)\Panda Security\Panda Security Protection\PAV3WSC.exe ( 6.0.0.0 ), 0x71010 ( enabled )
15:16:35.0047 0x04cc ============================================================
15:16:35.0047 0x04cc Scan finished
15:16:35.0047 0x04cc ============================================================
15:16:35.0057 0x1c08 Detected object count: 0
15:16:35.0057 0x1c08 Actual detected object count: 0
|
|
25.07.2015, 10:38
| #8 |
| /// the machine /// TB-Ausbilder | Windows 8.1 Microsoft Mouse and Keyboard Center Problem / Virus? Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Windows 8.1 Microsoft Mouse and Keyboard Center Problem / Virus? |
| absturz, aktiv, antivirus, aufsetzen, beim starten, center, einfach, falsch, falsche, fehlermeldung, forum, free, langsam, microsoft, neu, nicht mehr, panda, problem, probleme, programm, programme, starten, virus, virus?, windows |
Linear-Darstellung
