| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: WEB.de Mails werden ungewollt verschicktWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
10.09.2015, 12:56
| #1 |
| |  WEB.de Mails werden ungewollt verschickt Hallo zusammen, ich hab ein riesiges Problem. Seit gestern Nacht verschickt meine web.de Adresse an Freunde / allen von denen ich schon mal Mails bekommen habe, ungewollt Mails mit meiner Mail Adresse als return path und auch an mich selbst. Die Mails sind mit Namen von meinen Freunden / von Leuten die mir Mails geschickt haben versehen (Bspw. im unteren Beispiel mit dem Namen des UPS Dienstes von dem ich mal ein Paket bekommen habe). Anbei der Kopf so einer Mail Code:
ATTFilter Return-Path: <a.H****@web.de>
Received: (qmail 17432 invoked from network); 10 Sep 2015 11:07:58 -0000
Received: from abts-mp-dynamic-166.191.70.182.airtelbroadband.in (HELO WORLDST-UQ3K9Q0) (f***@wbhsi.com@182.70.191.166)
by mailfe3.zcorum.com with (DHE-RSA-AES256-GCM-SHA384 encrypted) SMTP
(1e9f8f04-57ac-11e5-bfef-000c29da42d3); Thu, 10 Sep 2015 07:07:58 -0400
From: UPS Quantum View <A.H****@web.de>
To: *** **** H**** <a.H****@web.de>, a.H**** <a.H****@web.de>, a.H****
<a.H****@web.de>, a.H**** <a.H****@web.de>, a.H**** <a.H****@web.de>, a.H****
<a.H****@web.de>, a.H**** <a.H****@web.de>, *** **** H**** <a.H****@web.de>,
a.H**** <a.H****@web.de>, a.H**** <a.H****@web.de>, a.H**** <a.H****@web.de>,
a.H**** <a.H****@web.de>, a.H**** <a.H****@web.de>, a.H**** <a.H****@web.de>,
a.H**** <a.H****@web.de>, a.H**** <a.H****@web.de>, WEB.DE Nutzer
<a.H****@web.de>, a.H**** <a.H****@web.de>, a.H**** <a.H****@web.de>, a.H****
<a.H****@web.de>, a.H**** <a.H****@web.de>, a.H**** <a.H****@web.de>, a.H****
<a.H****@web.de>, a.H**** <a.H****@web.de>, a.H**** <a.H****@web.de>, a.H****
<a.H****@web.de>, a.H**** <a.H****@web.de>, a.H**** <a.H****@web.de>, a.H****
<a.H****@web.de>, a.H**** <a.H****@web.de>, a.H**** <a.H****@web.de>, a.H****
<a.H****@web.de>, a.H**** <a.H****@web.de>, a.H**** <a.H****@web.de>, a.H****
<a.H****@web.de>, a.H**** <a.H****@web.de>, a.H**** <a.H****@web.de>, A*
D*** H**** <a.H****@web.de>, *** **** H**** <a.H****@web.de>, *** **** H****
<a.H****@web.de>, y*** <y***@amarok.tv>, a.H**** <a.H****@web.de>, a.H****
<a.H****@web.de>,
Subject: Fw: important
Date: Thu, 10 Sep 2015 13:07:31 +0200
Message-ID: <74e0d9b4b33f50ad.59c59364afed6583@web.de>
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_88c0_fcd2_6da4"
X-Mailer: Microsoft Outlook 15.0
Thread-Index: AdDmxLLP4OOWQ6zDmBKeAFPiVwdjuQ==
Content-Language: en-us
X-MagicMail-OS: Inactive
X-MagicMail-UUID: 1e9f8f04-57ac-11e5-bfef-000c29da42d3
X-MagicMail-Authenticated: f***@wbhsi.com
X-
Ich rufe die Mails nur mit meinem privaten Rechner + Privates Handy ab. Ich hab auch schon das Passwort zu meiner Mail Adresse geändert und gerade die IMAP Anbindung zu meinem Handy getrennt. Ich hab echt keine Idee mehr was das ist und wie ich es wegbekomme. Ich hoffe ihr könnt mir helfen. Viele Grüße uNh0Ly Geändert von cosinus (11.09.2015 um 09:25 Uhr) Grund: Namen in Mailheader unkenntlich gemacht |
|
10.09.2015, 13:09
| #2 |
| /// the machine /// TB-Ausbilder    | WEB.de Mails werden ungewollt verschickt hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
10.09.2015, 13:32
| #3 |
| | WEB.de Mails werden ungewollt verschickt Hi,
__________________vielen Dank für die schnelle Antwort. wie gewünscht Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:10-09-2015
durchgeführt von Huynh Anh Dung (Administrator) auf CHIMAERA (10-09-2015 14:24:00)
Gestartet von C:\Users\Huynh Anh Dung\Downloads
Geladene Profile: Huynh Anh Dung (Verfügbare Profile: Huynh Anh Dung)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(DTS, Inc) C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dropbox, Inc.) C:\Users\Huynh Anh Dung\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6064.exe
(Valve Corporation) D:\games\Steam\Steam.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Valve Corporation) D:\games\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() D:\games\Steam\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
(Valve Corporation) D:\games\Steam\GameOverlayUI.exe
(Valve Corporation) D:\games\Steam\bin\steamwebhelper.exe
() D:\games\League of Legends\RADS\system\rads_user_kernel.exe
() D:\games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.254\deploy\LoLLauncher.exe
() D:\games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.38\deploy\LoLPatcher.exe
() D:\games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.159\deploy\LolClient.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Valve Corporation) D:\games\Steam\bin\steamwebhelper.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe
(ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
() C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575768 2014-05-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1232528 2014-10-23] (Highresolution Enterprises)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKU\S-1-5-21-2486204871-2054122207-644660283-1000\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [8854880 2014-09-10] (Binary Fortress Software)
HKU\S-1-5-21-2486204871-2054122207-644660283-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-07-24] (Sony)
HKU\S-1-5-21-2486204871-2054122207-644660283-1000\...\Run: [Dropbox Update] => C:\Users\Huynh Anh Dung\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-16] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Huynh Anh Dung\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Huynh Anh Dung\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Huynh Anh Dung\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Huynh Anh Dung\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Huynh Anh Dung\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Huynh Anh Dung\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Huynh Anh Dung\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Huynh Anh Dung\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
Startup: C:\Users\Huynh Anh Dung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-11-17]
ShortcutTarget: Dropbox.lnk -> C:\Users\Huynh Anh Dung\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
Tcpip\..\Interfaces\{0E082CC3-5D77-4A0D-8EA8-52C5B37B5281}: [NameServer] 192.168.1.1
Tcpip\..\Interfaces\{8B3AAC43-3772-4E3E-85CA-603BE23566EA}: [DhcpNameServer] 192.168.42.129
Internet Explorer:
==================
HKU\S-1-5-21-2486204871-2054122207-644660283-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-06-04] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-06-04] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Huynh Anh Dung\AppData\Roaming\Mozilla\Firefox\Profiles\uzp21l8w.default-1430512675824
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-25] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2486204871-2054122207-644660283-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Huynh Anh Dung\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [915584 2010-12-02] ()
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [5278064 2014-09-10] (Binary Fortress Software)
R2 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [240576 2013-10-07] (DTS, Inc)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\System32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-10 14:22 - 2015-09-10 14:22 - 00000000 ____D C:\Users\Huynh Anh Dung\Downloads\FRST-OlderVersion
2015-09-10 13:52 - 2015-09-10 13:52 - 00000000 ____D C:\Program Files (x86)\ESET
2015-09-10 13:16 - 2015-09-10 13:16 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\Huynh Anh Dung\Downloads\tdsskiller.exe
2015-09-10 02:40 - 2015-09-10 02:42 - 00055894 _____ C:\Users\Huynh Anh Dung\Downloads\Addition.txt
2015-09-10 02:39 - 2015-09-10 14:24 - 00016926 _____ C:\Users\Huynh Anh Dung\Downloads\FRST.txt
2015-09-10 02:39 - 2015-09-10 14:24 - 00000000 ____D C:\FRST
2015-09-10 02:39 - 2015-09-10 14:22 - 02190848 _____ (Farbar) C:\Users\Huynh Anh Dung\Downloads\FRST64.exe
2015-09-10 02:21 - 2015-09-10 10:49 - 00000000 ____D C:\AdwCleaner
2015-09-10 02:21 - 2015-09-10 02:21 - 01660416 _____ C:\Users\Huynh Anh Dung\Downloads\AdwCleaner_5.007.exe
2015-09-08 22:44 - 2015-08-18 03:42 - 00393304 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-09-08 22:44 - 2015-08-18 03:14 - 00344168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-09-08 22:44 - 2015-08-15 08:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-09-08 22:44 - 2015-08-15 08:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-09-08 22:44 - 2015-08-15 08:18 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-09-08 22:44 - 2015-08-15 08:18 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-09-08 22:44 - 2015-08-15 08:17 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-09-08 22:44 - 2015-08-15 08:17 - 00585216 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-09-08 22:44 - 2015-08-15 08:10 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-09-08 22:44 - 2015-08-15 08:09 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-09-08 22:44 - 2015-08-15 08:06 - 19856896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-09-08 22:44 - 2015-08-15 08:06 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-09-08 22:44 - 2015-08-15 08:04 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-09-08 22:44 - 2015-08-15 08:04 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-09-08 22:44 - 2015-08-15 07:57 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-09-08 22:44 - 2015-08-15 07:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-09-08 22:44 - 2015-08-15 07:53 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-09-08 22:44 - 2015-08-15 07:46 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-09-08 22:44 - 2015-08-15 07:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-09-08 22:44 - 2015-08-15 07:40 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-09-08 22:44 - 2015-08-15 07:40 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-09-08 22:44 - 2015-08-15 07:39 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-09-08 22:44 - 2015-08-15 07:39 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-09-08 22:44 - 2015-08-15 07:39 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-09-08 22:44 - 2015-08-15 07:38 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-09-08 22:44 - 2015-08-15 07:35 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-09-08 22:44 - 2015-08-15 07:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-09-08 22:44 - 2015-08-15 07:32 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-09-08 22:44 - 2015-08-15 07:30 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-09-08 22:44 - 2015-08-15 07:29 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-09-08 22:44 - 2015-08-15 07:29 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-09-08 22:44 - 2015-08-15 07:29 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-09-08 22:44 - 2015-08-15 07:24 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-09-08 22:44 - 2015-08-15 07:23 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-09-08 22:44 - 2015-08-15 07:22 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-09-08 22:44 - 2015-08-15 07:21 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-09-08 22:44 - 2015-08-15 07:16 - 14451712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-09-08 22:44 - 2015-08-15 07:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-09-08 22:44 - 2015-08-15 07:14 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-09-08 22:44 - 2015-08-15 07:12 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-09-08 22:44 - 2015-08-15 07:11 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-09-08 22:44 - 2015-08-15 07:10 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-09-08 22:44 - 2015-08-15 07:04 - 12857344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-09-08 22:44 - 2015-08-15 07:02 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-09-08 22:44 - 2015-08-15 07:01 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-09-08 22:44 - 2015-08-15 07:01 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-09-08 22:44 - 2015-08-15 06:55 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-09-08 22:44 - 2015-08-15 06:43 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-09-08 22:44 - 2015-08-15 06:43 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-09-08 22:44 - 2015-08-15 06:39 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-09-08 22:44 - 2015-08-15 06:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-09-08 22:44 - 2015-08-05 19:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-09-08 22:44 - 2015-08-05 19:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-09-08 22:44 - 2015-08-05 19:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-09-08 22:44 - 2015-08-05 19:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-09-08 22:44 - 2015-07-15 05:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-09-08 22:44 - 2015-07-15 04:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-09-08 22:44 - 2015-07-09 19:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-09-08 22:44 - 2015-07-09 19:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-09-08 22:44 - 2015-07-09 19:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-09-08 22:44 - 2015-07-09 19:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-09-08 22:43 - 2015-09-02 05:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-09-08 22:43 - 2015-09-02 05:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-09-08 22:43 - 2015-09-02 05:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-09-08 22:43 - 2015-09-02 05:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-09-08 22:43 - 2015-09-02 04:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-09-08 22:43 - 2015-09-02 04:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-09-08 22:43 - 2015-09-02 04:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-09-08 22:43 - 2015-09-02 04:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-09-08 22:43 - 2015-09-02 03:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-09-08 22:43 - 2015-09-02 03:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-09-08 22:43 - 2015-09-02 03:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-09-08 22:43 - 2015-08-27 20:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-09-08 22:43 - 2015-08-27 20:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-09-08 22:43 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-09-08 22:43 - 2015-08-27 20:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-09-08 22:43 - 2015-08-27 19:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-09-08 22:43 - 2015-08-27 19:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-09-08 22:43 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-09-08 22:43 - 2015-08-27 19:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-09-08 22:43 - 2015-08-26 20:07 - 03165696 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-09-08 22:43 - 2015-08-26 20:07 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-09-08 22:43 - 2015-08-26 20:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-09-08 22:43 - 2015-08-26 20:07 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-09-08 22:43 - 2015-08-26 20:07 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-09-08 22:43 - 2015-08-26 20:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-09-08 22:43 - 2015-08-26 20:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-09-08 22:43 - 2015-08-26 20:06 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-09-08 22:43 - 2015-08-26 20:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-09-08 22:43 - 2015-08-26 20:06 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-09-08 22:43 - 2015-08-26 20:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-09-08 22:43 - 2015-08-26 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-09-08 22:43 - 2015-08-26 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-09-08 22:43 - 2015-08-26 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-09-08 22:43 - 2015-08-26 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-09-08 22:43 - 2015-08-26 19:55 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-09-08 22:43 - 2015-08-15 08:48 - 25190400 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-09-08 22:43 - 2015-08-15 08:17 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-09-08 22:43 - 2015-08-15 08:17 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-09-08 22:43 - 2015-08-15 08:04 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-09-08 22:43 - 2015-08-15 08:04 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-09-08 22:43 - 2015-08-15 08:00 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-09-08 22:43 - 2015-08-15 07:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-09-08 22:43 - 2015-08-15 07:22 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-09-08 22:43 - 2015-08-15 07:07 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-09-08 22:43 - 2015-08-04 20:03 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-09-08 22:43 - 2015-08-04 20:00 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-09-08 22:43 - 2015-08-04 19:56 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-09-08 22:43 - 2015-08-04 19:56 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-09-08 22:43 - 2015-08-04 19:56 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-09-08 22:43 - 2015-08-04 19:55 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-09-08 22:43 - 2015-08-04 19:55 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-09-08 22:43 - 2015-08-04 19:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-09-08 22:43 - 2015-08-04 18:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-09-08 22:43 - 2015-07-23 02:06 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-09-08 22:43 - 2015-07-23 02:06 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-09-08 22:43 - 2015-07-23 02:06 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-09-08 22:43 - 2015-07-23 02:03 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-09-08 22:43 - 2015-07-23 02:03 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-09-08 22:43 - 2015-07-23 02:03 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-09-08 22:43 - 2015-07-23 02:03 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-09-08 22:43 - 2015-07-23 02:03 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-09-08 22:43 - 2015-07-23 02:02 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-09-08 22:43 - 2015-07-23 02:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-09-08 22:43 - 2015-07-23 02:02 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-09-08 22:43 - 2015-07-23 02:02 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-09-08 22:43 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-09-08 22:43 - 2015-07-23 02:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-09-08 22:43 - 2015-07-23 02:02 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-09-08 22:43 - 2015-07-23 02:02 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-09-08 22:43 - 2015-07-23 02:02 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-09-08 22:43 - 2015-07-23 02:02 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-09-08 22:43 - 2015-07-23 02:02 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-09-08 22:43 - 2015-07-23 02:02 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-09-08 22:43 - 2015-07-23 02:02 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-09-08 22:43 - 2015-07-23 02:02 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-09-08 22:43 - 2015-07-23 02:02 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-09-08 22:43 - 2015-07-23 02:02 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-09-08 22:43 - 2015-07-23 02:02 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-09-08 22:43 - 2015-07-23 02:02 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-09-08 22:43 - 2015-07-23 02:02 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-09-08 22:43 - 2015-07-23 02:02 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-09-08 22:43 - 2015-07-23 02:02 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-09-08 22:43 - 2015-07-23 02:02 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-09-08 22:43 - 2015-07-23 02:02 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-09-08 22:43 - 2015-07-23 02:02 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-09-08 22:43 - 2015-07-23 02:01 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-09-08 22:43 - 2015-07-23 02:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-09-08 22:43 - 2015-07-23 02:01 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-09-08 22:43 - 2015-07-23 01:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-09-08 22:43 - 2015-07-23 01:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-09-08 22:43 - 2015-07-23 01:52 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-09-08 22:43 - 2015-07-23 01:52 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-09-08 22:43 - 2015-07-23 01:52 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-09-08 22:43 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-08 22:43 - 2015-07-23 01:52 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-08 22:43 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-08 22:43 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-09-08 22:43 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-08 22:43 - 2015-07-23 01:52 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-09-08 22:43 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-08 22:43 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-08 22:43 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-08 22:43 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-09-08 22:43 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-09-08 22:43 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-08 22:43 - 2015-07-23 01:52 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-09-08 22:43 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-09-08 22:43 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-09-08 22:43 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-09-08 22:43 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-09-08 22:43 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-09-08 22:43 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-08 22:43 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-09-08 22:43 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-09-08 22:43 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-08 22:43 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-09-08 22:43 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-09-08 22:43 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-09-08 22:43 - 2015-07-23 01:52 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-09-08 22:43 - 2015-07-23 01:51 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-09-08 22:43 - 2015-07-22 19:57 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-09-08 22:43 - 2015-07-22 19:57 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-09-08 22:43 - 2015-07-22 19:54 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-09-08 22:43 - 2015-07-22 19:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-09-08 22:43 - 2015-07-22 19:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-09-08 22:43 - 2015-07-22 19:53 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-09-08 22:43 - 2015-07-22 19:53 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-09-08 22:43 - 2015-07-22 19:53 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-09-08 22:43 - 2015-07-22 19:53 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-09-08 22:43 - 2015-07-22 19:53 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-09-08 22:43 - 2015-07-22 19:53 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-09-08 22:43 - 2015-07-22 19:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-09-08 22:43 - 2015-07-22 19:53 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-09-08 22:43 - 2015-07-22 19:53 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-09-08 22:43 - 2015-07-22 19:53 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-09-08 22:43 - 2015-07-22 19:53 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-09-08 22:43 - 2015-07-22 19:52 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-09-08 22:43 - 2015-07-22 19:52 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-09-08 22:43 - 2015-07-22 19:52 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-09-08 22:43 - 2015-07-22 19:52 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-09-08 22:43 - 2015-07-22 19:52 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-09-08 22:43 - 2015-07-22 19:52 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-09-08 22:43 - 2015-07-22 19:52 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-09-08 22:43 - 2015-07-22 19:47 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-09-08 22:43 - 2015-07-22 19:46 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-09-08 22:43 - 2015-07-22 19:42 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-09-08 22:43 - 2015-07-22 19:42 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-09-08 22:43 - 2015-07-22 19:42 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-09-08 22:43 - 2015-07-22 19:42 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-09-08 22:43 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-09-08 22:43 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-09-08 22:43 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-09-08 22:43 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-09-08 22:43 - 2015-07-22 19:42 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-09-08 22:43 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-09-08 22:43 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-09-08 22:43 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-09-08 22:43 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-09-08 22:43 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-09-08 22:43 - 2015-07-22 19:42 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-09-08 22:43 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-09-08 22:43 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-09-08 22:43 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-09-08 22:43 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-09-08 22:43 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-09-08 22:43 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-09-08 22:43 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-09-08 22:43 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-09-08 22:43 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-09-08 22:43 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-09-08 22:43 - 2015-07-22 19:42 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-09-08 22:43 - 2015-07-22 18:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-09-08 22:43 - 2015-07-22 18:45 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-09-08 22:43 - 2015-07-22 18:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-09-08 22:43 - 2015-07-22 18:44 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-09-08 22:43 - 2015-07-22 18:34 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-09-08 22:43 - 2015-07-22 18:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-09-08 22:43 - 2015-07-22 18:31 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-09-08 22:43 - 2015-07-22 18:31 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-09-08 22:43 - 2015-07-22 18:31 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-09-08 22:43 - 2015-07-22 18:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-09-08 22:43 - 2015-06-25 12:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-09-08 22:43 - 2015-06-25 12:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-09-08 22:43 - 2015-06-25 12:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-09-08 22:43 - 2015-06-25 11:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-09-04 05:50 - 2015-09-04 05:50 - 00000000 ____D C:\Users\Huynh Anh Dung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-02 21:36 - 2015-08-25 16:08 - 00574072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-09-02 21:35 - 2015-08-25 20:46 - 42840368 _____ C:\Windows\system32\nvcompiler.dll
2015-09-02 21:35 - 2015-08-25 20:46 - 37819184 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-09-02 21:35 - 2015-08-25 20:46 - 22525560 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-09-02 21:35 - 2015-08-25 20:46 - 18543736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-09-02 21:35 - 2015-08-25 20:46 - 16637336 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-09-02 21:35 - 2015-08-25 20:46 - 15512888 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-09-02 21:35 - 2015-08-25 20:46 - 14936264 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-09-02 21:35 - 2015-08-25 20:46 - 13661160 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-09-02 21:35 - 2015-08-25 20:46 - 12185152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-09-02 21:35 - 2015-08-25 20:46 - 11089200 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-09-02 21:35 - 2015-08-25 20:46 - 02940720 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-09-02 21:35 - 2015-08-25 20:46 - 02627704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-09-02 21:35 - 2015-08-25 20:46 - 01898288 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435582.dll
2015-09-02 21:35 - 2015-08-25 20:46 - 01558648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435582.dll
2015-09-02 21:35 - 2015-08-25 20:46 - 01106672 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-09-02 21:35 - 2015-08-25 20:46 - 01075320 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-09-02 21:35 - 2015-08-25 20:46 - 01064752 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-09-02 21:35 - 2015-08-25 20:46 - 00986232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-09-02 21:35 - 2015-08-25 20:46 - 00945456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-09-02 21:35 - 2015-08-25 20:46 - 00944736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-09-02 21:35 - 2015-08-25 20:46 - 00512904 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-09-02 21:35 - 2015-08-25 20:46 - 00421544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-09-02 21:35 - 2015-08-25 20:46 - 00408184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-09-02 21:35 - 2015-08-25 20:46 - 00364336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-09-02 21:35 - 2015-08-25 20:46 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-09-02 21:35 - 2015-08-25 20:46 - 00155792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-09-02 21:35 - 2015-08-25 20:46 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-09-02 21:35 - 2015-08-25 20:46 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-09-02 21:31 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-09-02 21:31 - 2015-08-11 06:52 - 00050472 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-08-28 06:26 - 2015-08-29 20:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-21 07:51 - 2015-08-21 08:09 - 00000000 ____D C:\Users\Huynh Anh Dung\Documents\Outlook-Dateien
2015-08-15 17:58 - 2015-08-15 17:58 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-08-15 17:58 - 2015-08-15 17:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-15 17:58 - 2015-08-15 17:58 - 00000000 ____D C:\Program Files\iTunes
2015-08-15 17:58 - 2015-08-15 17:58 - 00000000 ____D C:\Program Files\iPod
2015-08-15 17:58 - 2015-08-15 17:58 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-08-14 14:13 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-14 14:13 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 02:57 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 02:57 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 02:57 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 02:57 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 02:57 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 02:57 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 02:57 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 02:57 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 02:57 - 2015-07-16 21:12 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 02:57 - 2015-07-16 21:12 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-12 02:57 - 2015-07-16 21:12 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-12 02:57 - 2015-07-16 21:11 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 02:57 - 2015-07-16 21:11 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-12 02:57 - 2015-07-16 21:11 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 02:57 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 02:57 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 02:57 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 02:57 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 02:57 - 2015-07-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-08-12 02:57 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 02:57 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 02:57 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 02:57 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 02:56 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 02:56 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 02:56 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 02:56 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 02:56 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 02:56 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 02:56 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-12 02:56 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 02:56 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 02:56 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 02:56 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-10 14:21 - 2014-11-17 18:43 - 00000000 ____D C:\Users\Huynh Anh Dung\AppData\Roaming\TS3Client
2015-09-10 14:03 - 2015-06-16 18:52 - 00001260 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2486204871-2054122207-644660283-1000UA.job
2015-09-10 13:22 - 2014-11-17 15:32 - 01272401 _____ C:\Windows\WindowsUpdate.log
2015-09-10 12:59 - 2015-05-01 19:30 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-09-10 12:19 - 2009-07-14 06:45 - 00026336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-10 12:19 - 2009-07-14 06:45 - 00026336 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-10 12:09 - 2009-07-14 19:58 - 00699092 _____ C:\Windows\system32\perfh007.dat
2015-09-10 12:09 - 2009-07-14 19:58 - 00149232 _____ C:\Windows\system32\perfc007.dat
2015-09-10 12:09 - 2009-07-14 07:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI
2015-09-10 12:03 - 2015-02-06 08:16 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-10 12:03 - 2014-11-17 22:20 - 00000000 ____D C:\Users\Huynh Anh Dung\AppData\Roaming\Dropbox
2015-09-10 12:03 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-09-10 12:03 - 2009-07-14 06:51 - 00116442 _____ C:\Windows\setupact.log
2015-09-10 10:14 - 2015-06-16 18:52 - 00001208 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2486204871-2054122207-644660283-1000Core.job
2015-09-10 02:26 - 2015-05-02 08:14 - 02870984 _____ (ESET) C:\Users\Huynh Anh Dung\Downloads\esetsmartinstaller_deu.exe
2015-09-10 02:02 - 2014-11-17 18:36 - 00000000 ____D C:\Users\Huynh Anh Dung\AppData\Local\Battle.net
2015-09-09 04:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-09-09 03:24 - 2009-07-14 06:45 - 00408240 _____ C:\Windows\system32\FNTCACHE.DAT
2015-09-09 03:23 - 2009-07-14 20:18 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-09 03:23 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-09-09 03:08 - 2014-11-17 16:53 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-09 03:07 - 2014-11-17 16:10 - 00000000 ____D C:\Windows\system32\MRT
2015-09-09 03:03 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2015-09-08 22:16 - 2014-11-17 18:16 - 00000000 ____D C:\Users\Huynh Anh Dung\AppData\Roaming\vlc
2015-09-06 18:21 - 2014-11-17 18:04 - 00000000 ____D C:\Users\Huynh Anh Dung\AppData\Local\CrashDumps
2015-09-06 11:33 - 2014-11-23 15:38 - 00002996 _____ C:\Users\Huynh Anh Dung\Desktop\Neues Textdokument.txt
2015-09-05 17:24 - 2014-11-29 17:13 - 00000000 ____D C:\Users\Huynh Anh Dung\AppData\Roaming\dvdcss
2015-09-02 21:37 - 2015-02-06 08:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-09-02 21:37 - 2015-01-24 17:49 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-09-02 21:37 - 2015-01-20 18:00 - 00000000 ____D C:\Temp
2015-09-02 07:39 - 2014-11-17 18:18 - 00000000 ____D C:\Users\Huynh Anh Dung\AppData\Local\DisplayFusion
2015-08-29 20:19 - 2015-05-02 08:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-08-29 20:19 - 2014-11-17 15:56 - 00143890 _____ C:\Windows\PFRO.log
2015-08-28 21:28 - 2014-11-17 18:36 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-08-27 20:12 - 2014-11-17 15:28 - 00000000 ____D C:\Windows\Panther
2015-08-27 20:07 - 2015-07-10 19:29 - 00000000 ___HD C:\$Windows.~BT
2015-08-27 02:37 - 2015-02-06 08:16 - 01423120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-08-27 02:37 - 2015-02-06 08:16 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-08-27 02:36 - 2015-02-06 08:16 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-08-27 02:36 - 2015-02-06 08:16 - 01710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-08-26 18:37 - 2014-11-17 16:10 - 134753440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-25 20:46 - 2015-02-06 08:15 - 17082392 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-08-25 20:46 - 2015-02-06 08:15 - 14635792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-08-25 20:46 - 2015-02-06 08:15 - 12515016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-08-25 20:46 - 2015-02-06 08:15 - 03527696 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-08-25 20:46 - 2015-02-06 08:15 - 03112904 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-08-25 20:46 - 2015-02-06 08:15 - 00033025 _____ C:\Windows\system32\nvinfo.pb
2015-08-25 16:24 - 2015-02-06 08:16 - 06884984 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-08-25 16:24 - 2015-02-06 08:16 - 03496752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-08-25 16:24 - 2015-02-06 08:16 - 02558584 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-08-25 16:24 - 2015-02-06 08:16 - 00937776 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-08-25 16:24 - 2015-02-06 08:16 - 00385144 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-08-25 16:24 - 2015-02-06 08:16 - 00062584 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-08-25 14:35 - 2015-02-06 08:16 - 05165808 _____ C:\Windows\system32\nvcoproc.bin
2015-08-20 18:18 - 2015-07-09 18:42 - 00002026 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2015-08-20 18:18 - 2015-05-30 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2015-08-20 18:18 - 2014-11-17 17:41 - 00196836 _____ C:\Windows\DPINST.LOG
2015-08-20 18:18 - 2014-11-17 17:41 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-08-15 19:38 - 2014-11-17 16:41 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-15 19:38 - 2014-11-17 16:41 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-15 17:58 - 2014-11-17 19:16 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-08-14 22:26 - 2014-12-10 08:27 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-14 22:26 - 2014-11-17 16:12 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-14 14:13 - 2014-12-11 03:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-14 14:12 - 2014-12-11 03:03 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-14 14:12 - 2014-12-11 03:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-11 06:52 - 2015-01-24 17:49 - 00072504 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-11-17 18:34 - 2014-11-17 18:34 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
C:\Users\Huynh Anh Dung\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcutttq.dll
C:\Users\Huynh Anh Dung\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Huynh Anh Dung\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Huynh Anh Dung\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Huynh Anh Dung\AppData\Local\Temp\nvStInst.exe
C:\Users\Huynh Anh Dung\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Huynh Anh Dung\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-09-02 19:29
==================== Ende von FRST.txt ============================
Vielen Dank schon mal. Vg |
|
10.09.2015, 13:33
| #4 |
| | WEB.de Mails werden ungewollt verschicktCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:10-09-2015
durchgeführt von Huynh Anh Dung (2015-09-10 14:24:23)
Gestartet von C:\Users\Huynh Anh Dung\Downloads
Windows 7 Professional Service Pack 1 (X64) (2014-11-17 13:34:48)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2486204871-2054122207-644660283-500 - Administrator - Disabled)
Gast (S-1-5-21-2486204871-2054122207-644660283-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2486204871-2054122207-644660283-1002 - Limited - Enabled)
Huynh Anh Dung (S-1-5-21-2486204871-2054122207-644660283-1000 - Administrator - Enabled) => C:\Users\Huynh Anh Dung
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version: - Hyper Hippo Games)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version: - Studio Wildcard)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
DisplayFusion 6.1.2 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 6.1.2.0 - Binary Fortress Software)
Dropbox (HKU\S-1-5-21-2486204871-2054122207-644660283-1000\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Eternal Senia (HKLM-x32\...\Steam App 351640) (Version: - Holy Priest)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Lara Croft and the Temple of Osiris (HKLM-x32\...\Steam App 289690) (Version: - Crystal Dynamics)
Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 40.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 de)) (Version: 40.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.82 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shark007 Advanced Codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 4.9.2 - Shark007)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Sid Meier's Civilization: Beyond Earth (HKLM-x32\...\Steam App 65980) (Version: - Firaxis Games)
Sid Meier's Starships (HKLM-x32\...\Steam App 282210) (Version: - Firaxis Games)
Skype™ 7.2 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.2.103 - Skype Technologies S.A.)
Sony PC Companion 2.10.281 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.281 - Sony)
Star Wars X-Wing Alliance (HKLM\...\{a218c2db-d769-44eb-b757-b7fc41b6596c}.sdb) (Version: - )
STAR WARS™: X-Wing Alliance™ (HKLM-x32\...\Steam App 361670) (Version: - Totally Games)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Unity Web Player (HKU\S-1-5-21-2486204871-2054122207-644660283-1000\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Phone app for desktop (HKLM-x32\...\{19773614-FC22-4ACC-AAA3-E6BDA81ACF92}) (Version: 1.1.2726.0 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.20 beta 4 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.4 - win.rar GmbH)
x64 Components v4.9.2 (HKLM\...\Advanced x64Components_is1) (Version: 4.9.2 - Shark007)
X-Mouse Button Control 2.8.5 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.8.5 - Highresolution Enterprises)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2486204871-2054122207-644660283-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Huynh Anh Dung\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2486204871-2054122207-644660283-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Huynh Anh Dung\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2486204871-2054122207-644660283-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Huynh Anh Dung\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2486204871-2054122207-644660283-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Huynh Anh Dung\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2486204871-2054122207-644660283-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Huynh Anh Dung\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2486204871-2054122207-644660283-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Huynh Anh Dung\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2486204871-2054122207-644660283-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Huynh Anh Dung\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2486204871-2054122207-644660283-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Huynh Anh Dung\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2486204871-2054122207-644660283-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Huynh Anh Dung\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2486204871-2054122207-644660283-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Huynh Anh Dung\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2486204871-2054122207-644660283-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Huynh Anh Dung\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll (Dropbox, Inc.)
==================== Wiederherstellungspunkte =========================
29-08-2015 20:30:38 Windows Update
02-09-2015 14:09:18 Windows Update
05-09-2015 17:20:40 Windows Update
09-09-2015 03:00:27 Windows Update
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0C5FC6A0-D493-4F06-B1FC-E3C5F1F464C8} - System32\Tasks\{246F2A63-F002-4499-B348-6BEDECA62594} => E:\SW RB\SETUP.EXE [1998-03-07] ()
Task: {0C7D362B-AFC8-44A1-9C7A-15C4FD75827A} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {2E65DA98-08E6-4184-8B02-73E2E2BA5948} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {303BE300-B752-4091-AE13-DFA630283F14} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2486204871-2054122207-644660283-1000UA => C:\Users\Huynh Anh Dung\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
Task: {76CBA13B-20DD-4C19-926A-9D57F91A5AE9} - System32\Tasks\{C83404D0-375B-4F25-8C1A-D2A8194CF86B} => pcalua.exe -a "C:\Program Files (x86)\YouTube Accelerator\YTAUninstall.exe"
Task: {8F6449C2-1D73-41C5-8268-AB7548C42B01} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {B5CD166C-5865-4449-BE96-96B1A56F0523} - System32\Tasks\{5D00CA9E-F7D2-4BE8-8CE0-5DD3F062C5F5} => E:\SW RB\SETUP.EXE [1998-03-07] ()
Task: {C30D490B-ED9F-4B9B-825D-A9AF0FC32627} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {DA124FB6-99B8-4422-A36B-8FFA475C66F7} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2486204871-2054122207-644660283-1000Core => C:\Users\Huynh Anh Dung\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-16] (Dropbox, Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2486204871-2054122207-644660283-1000Core.job => C:\Users\Huynh Anh Dung\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2486204871-2054122207-644660283-1000UA.job => C:\Users\Huynh Anh Dung\AppData\Local\Dropbox\Update\DropboxUpdate.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-02-06 08:16 - 2015-08-25 16:24 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-19 19:49 - 2010-12-02 11:15 - 00915584 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-09-18 09:23 - 2014-09-18 09:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-10-14 20:51 - 2014-10-14 20:51 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 09:23 - 2014-09-18 09:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-10-14 20:51 - 2014-10-14 20:51 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-05-30 16:12 - 2015-06-10 11:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2015-05-17 19:48 - 2015-07-24 01:02 - 16104408 _____ () D:\games\Steam\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
2013-06-12 18:11 - 2013-08-03 10:49 - 01294336 _____ () D:\games\League of Legends\RADS\system\rads_user_kernel.exe
2015-09-04 20:41 - 2015-09-04 20:41 - 02371064 _____ () D:\games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.254\deploy\LoLLauncher.exe
2015-09-04 20:41 - 2015-09-04 20:41 - 04322808 _____ () D:\games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.38\deploy\LoLPatcher.exe
2013-08-03 11:12 - 2013-08-03 11:12 - 00074752 _____ () D:\games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.159\deploy\LolClient.exe
2014-02-28 11:14 - 2015-08-04 17:04 - 00179176 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-08-04 15:43 - 2015-08-04 17:04 - 00103400 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2014-08-04 15:43 - 2015-08-04 17:04 - 00108008 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-08-04 15:46 - 2015-08-04 17:04 - 00312296 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-06-05 15:48 - 2015-08-04 17:04 - 00318976 _____ () C:\Program Files\TeamSpeak 3 Client\ssleay32.dll
2014-06-05 15:48 - 2015-08-04 17:04 - 01718784 _____ () C:\Program Files\TeamSpeak 3 Client\LIBEAY32.dll
2015-09-10 13:53 - 2015-05-14 11:54 - 00422600 _____ () C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe
2015-06-04 19:50 - 2015-08-27 02:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-30 16:12 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2015-05-30 16:12 - 2014-12-04 15:18 - 00241152 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2015-07-09 18:42 - 2015-06-30 16:21 - 00915968 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\deviceupdate_dll.dll
2015-09-10 12:03 - 2015-09-10 12:03 - 00071168 _____ () c:\Users\Huynh Anh Dung\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcutttq.dll
2015-03-04 23:45 - 2015-08-05 07:26 - 00012800 _____ () C:\Users\Huynh Anh Dung\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll
2015-03-04 23:45 - 2015-08-05 07:26 - 00779776 _____ () C:\Users\Huynh Anh Dung\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-30 08:05 - 2015-08-05 07:26 - 00056320 _____ () C:\Users\Huynh Anh Dung\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-03-04 23:45 - 2015-08-05 07:26 - 00012288 _____ () C:\Users\Huynh Anh Dung\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll
2013-03-25 14:23 - 2015-07-03 18:12 - 00778240 _____ () D:\games\Steam\SDL2.dll
2015-01-20 14:06 - 2015-07-03 18:12 - 04962816 _____ () D:\games\Steam\v8.dll
2015-01-20 14:06 - 2015-07-03 18:12 - 01556992 _____ () D:\games\Steam\icui18n.dll
2015-01-20 14:06 - 2015-07-03 18:12 - 01187840 _____ () D:\games\Steam\icuuc.dll
2014-06-01 12:09 - 2015-08-19 22:39 - 02413248 _____ () D:\games\Steam\video.dll
2014-08-29 14:25 - 2014-12-01 23:31 - 02396672 _____ () D:\games\Steam\libavcodec-56.dll
2014-08-29 14:25 - 2014-12-01 23:31 - 00442880 _____ () D:\games\Steam\libavutil-54.dll
2014-08-29 14:25 - 2014-12-01 23:31 - 00479744 _____ () D:\games\Steam\libavformat-56.dll
2014-08-29 14:25 - 2014-12-01 23:31 - 00332800 _____ () D:\games\Steam\libavresample-2.dll
2014-08-29 14:25 - 2014-12-01 23:31 - 00485888 _____ () D:\games\Steam\libswscale-3.dll
2011-07-13 04:24 - 2015-08-19 22:39 - 00704192 _____ () D:\games\Steam\bin\chromehtml.DLL
2015-07-22 19:14 - 2015-07-27 03:13 - 00171008 _____ () D:\games\Steam\bin\openvr_api.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-11-20 00:34 - 2014-09-28 18:59 - 00019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2010-08-06 23:54 - 2015-07-03 18:12 - 39553928 _____ () D:\games\Steam\bin\libcef.dll
2008-06-17 07:46 - 2015-08-19 22:39 - 00373440 _____ () D:\games\Steam\steam.dll
2015-09-04 20:41 - 2015-09-04 20:41 - 01721336 _____ () D:\games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.38\deploy\RiotLauncher.dll
2013-08-03 11:09 - 2013-08-03 11:09 - 04774248 _____ () D:\games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.159\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2013-08-03 11:08 - 2013-08-03 11:09 - 16032616 _____ () D:\games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.159\deploy\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
2015-08-15 19:38 - 2015-08-15 19:38 - 17482952 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2486204871-2054122207-644660283-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Huynh Anh Dung\AppData\Local\DisplayFusion\Wallpaper_1
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{BF4319FF-99A5-43CB-A02B-997FAD6CBA11}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{060F048C-5B6A-4C89-8E04-00CE1F71DCB2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{592745FA-BEAD-4FCD-BA48-75BE51266CDD}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{02B1E6A3-0466-4CE4-AF00-8334B3BA8ED5}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{155AC91D-9964-4344-A948-65BC54D61DED}D:\games\hearthstone\hearthstone.exe] => (Allow) D:\games\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{91570E5C-00FA-4C6F-8289-D775A771777B}D:\games\hearthstone\hearthstone.exe] => (Allow) D:\games\hearthstone\hearthstone.exe
FirewallRules: [{E76C9991-B5D3-4170-B176-2932C91E451A}] => (Allow) C:\Users\Huynh Anh Dung\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{FC79355D-D0DC-4849-9C2E-0373095FB912}] => (Allow) C:\Users\Huynh Anh Dung\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{A0FF306C-D5F5-4B2E-BB8E-82A05F2260FB}C:\users\huynh anh dung\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\huynh anh dung\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{00406D09-8F0A-41B2-9990-3BA70F5B5642}C:\users\huynh anh dung\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\huynh anh dung\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{9811605D-2D7B-4075-B931-CDD5B1489358}] => (Allow) D:\games\Steam\Steam.exe
FirewallRules: [{B9E6A256-4EA3-4367-88F3-42F98A78DA32}] => (Allow) D:\games\Steam\Steam.exe
FirewallRules: [{846794AA-9B66-44F0-9DAB-F04F9096BBAC}] => (Allow) D:\games\Steam\bin\steamwebhelper.exe
FirewallRules: [{D897E8E0-38C3-4C8A-8548-641756A7FC0A}] => (Allow) D:\games\Steam\bin\steamwebhelper.exe
FirewallRules: [{129736E1-54A7-43E8-B6DD-AD424566966E}] => (Allow) D:\games\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{41F3C12F-F2A5-4522-A843-0BD1B4010575}] => (Allow) D:\games\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{061B4658-03BD-411F-B44C-8C198554714E}D:\games\starcraft ii\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\games\starcraft ii\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{92FEAD8B-AACE-4474-88CC-3AE795B12D83}D:\games\starcraft ii\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\games\starcraft ii\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [TCP Query User{2CBC5EE5-AAA1-4C61-9B40-12B03D1E8ABA}D:\games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) D:\games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{A7FA1805-A27B-4560-8F87-4930FFF79CDA}D:\games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) D:\games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{45B2A506-781A-452C-A534-9169CD798CD9}D:\games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) D:\games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{DBFBA27F-42D8-4E7C-B08A-9EE741FF82AE}D:\games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) D:\games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{9E33008C-7435-491B-81FD-AF4D4AA9A279}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{8E08F4FA-F224-4408-A73A-F3BE65995D50}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{3F041B34-592A-45FF-828D-297A71139BAC}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{FDC5CC09-5266-43C7-AB3F-835083C57BB2}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{E5A36826-7B8F-41FC-9A3C-04EE97FDB187}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{20D113B2-F238-4AF5-BAC2-8AC10BE470B9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{87838A26-8CC3-4236-8453-3EC7E89AD1F4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{8A0761E0-4A73-46DD-99F0-8B6D44B0F9B4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{29557045-C2C0-45E7-AC02-6EAEC5145639}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{EF4FD969-B372-494B-A83A-591347EBDD13}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{064BFF93-5678-4C41-A3A6-CB641D416412}] => (Allow) D:\games\Steam\SteamApps\common\Lara Croft and the Temple of Osiris\LC2.exe
FirewallRules: [{EBBE2E4A-26FC-432C-B0CE-7959FC49B60B}] => (Allow) D:\games\Steam\SteamApps\common\Lara Croft and the Temple of Osiris\LC2.exe
FirewallRules: [{E6408F89-9EA7-45F7-AF00-BCDB54EA5FBA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{DB3979C7-798E-4D1B-98FD-42A6D7DBDFF9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [TCP Query User{0C5663F3-15F8-4A20-AA70-1FD1E368E1DE}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Block) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [UDP Query User{33667E6F-0C00-4CA4-8D52-785DDB07A1B5}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Block) C:\program files (x86)\orbitdownloader\orbitnet.exe
FirewallRules: [{62B61FA0-0CA4-4922-8EFA-A45433CB5322}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{1647CBF3-FD1B-437E-B34F-93D3E35EEC96}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [TCP Query User{C151AEA2-BB0F-41D3-9DBB-8712F1662A1E}D:\games\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{550853C6-5F5F-468C-9DAA-6E21C24764C2}D:\games\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe
FirewallRules: [{7DA92F3B-0787-4407-87EA-2F923D76656B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{C7D38887-5281-4A64-B50F-7ADC4705F08F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [TCP Query User{E63A27D1-9E07-4A57-B32E-246FEE16CECE}E:\games\diablo iii\diablo iii.exe] => (Allow) E:\games\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{A24B00DD-E7FC-48E6-86BA-48D69EF92A14}E:\games\diablo iii\diablo iii.exe] => (Allow) E:\games\diablo iii\diablo iii.exe
FirewallRules: [{CF92004A-0DE6-43AE-89B0-9D6AD81E978B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{DF32EFF2-430F-42CD-8A9E-3AD0544395D2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{CE76F6C9-F203-4917-9D98-506BF8AFBB63}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{6A1D88A2-14D0-425C-BFE9-B6C9CDB32652}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{024FD5BD-E144-4CEE-9632-B930514DA560}C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{D44D7E5A-71C7-4D03-AE2B-BB321FFE8B4B}C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [TCP Query User{7DD15E28-AF76-4B9D-A4E5-79031CD28932}D:\games\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{A3E60A49-3683-42BC-A9AD-DD64B91BF20A}D:\games\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{752E691E-BE6A-4235-97ED-46DEB5B05E7D}D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{B0BA5F26-B4E1-49F1-92D4-85B867EA0CDE}D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\games\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{4F686986-5312-4185-94FA-311C2F0E5183}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{3CFB028A-244D-45DF-9DD4-517DB1EC6091}] => (Allow) D:\games\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{35CACF88-908B-48BD-B27E-7CFBBAA3A7B1}] => (Allow) D:\games\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{0F1DD105-E0DC-406F-A0A3-20C1EDE204B6}] => (Allow) D:\games\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{F378D8A5-B33D-4782-809E-850C6175C8B6}] => (Allow) D:\games\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{439A57A6-3B44-4BAF-AFA0-20787AA36703}] => (Allow) D:\games\Steam\SteamApps\common\Sid Meier's Starships\Starships64.exe
FirewallRules: [{BB817AA4-C62A-4E23-AC02-7D88FE912244}] => (Allow) D:\games\Steam\SteamApps\common\Sid Meier's Starships\Starships64.exe
FirewallRules: [TCP Query User{513A9284-D748-48E8-968B-79BA75E85FE0}D:\games\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{B328B1FE-A9FA-4B88-97B1-DC139D6598E6}D:\games\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{687A405A-4636-406E-98EA-CE0A852D4D33}D:\games\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{C536189F-3519-4B7B-A1F1-25BB3D3CA0F8}D:\games\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{DFFB71C9-CDAB-48A2-9E86-15B3FF3B8342}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{10FACE44-7732-4BBB-982C-D092AF907E1D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C60BF0C1-EDC9-4ABF-AA14-10A1881F3383}] => (Allow) D:\games\Steam\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{397B629D-3B57-464F-872C-1A3C9A9B3ACA}] => (Allow) D:\games\Steam\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [TCP Query User{18B3D3B1-EBD2-4E20-B82C-99CA43DBA763}D:\games\znes\zsnesw.exe] => (Allow) D:\games\znes\zsnesw.exe
FirewallRules: [UDP Query User{661B9CD5-58DB-4307-9B95-1EE43E6DCCC5}D:\games\znes\zsnesw.exe] => (Allow) D:\games\znes\zsnesw.exe
FirewallRules: [TCP Query User{E7B2116E-18A7-4020-9F3F-FFD3ACFE7844}D:\games\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{7F2FFAF8-C24E-40A4-A44E-D17A99B27978}D:\games\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) D:\games\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [{42065BEA-1566-4F89-9A00-9D8C76381E78}] => (Allow) D:\games\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{33188FE7-E908-4132-9815-65C9F4BACBA6}] => (Allow) D:\games\Steam\SteamApps\common\Terraria\Terraria.exe
FirewallRules: [{789FF29B-2B6A-495C-9EF2-A674C75508E6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0A20D4C6-CB87-4823-A130-DCC41B79BF74}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D5869DDF-6D68-46CF-A8A3-26244F154DA3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5D2C9FF4-A9E4-45DB-9595-3DB6439F9334}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1ABE89BB-29E2-4E56-BAA9-2CB5A1A60EF2}] => (Allow) D:\games\Steam\SteamApps\common\Eternal Senia\Game.exe
FirewallRules: [{D454C8A5-7D97-40DA-9F04-B57F3BDDB7CE}] => (Allow) D:\games\Steam\SteamApps\common\Eternal Senia\Game.exe
FirewallRules: [{94A1DBC8-D0E0-4825-B5F6-F5D915628342}] => (Allow) D:\games\Steam\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{9F90176B-938C-432C-8CAB-0F1C8C8BA8C0}] => (Allow) D:\games\Steam\SteamApps\common\Counter-Strike Global Offensive\bin\SDKLauncher.exe
FirewallRules: [{C625F346-81FC-418A-B089-DDFD4F328EFA}] => (Allow) D:\games\Steam\SteamApps\common\Star Wars X-Wing Alliance\alliance.exe
FirewallRules: [{428610DB-57BC-4B39-B810-404E8E39EEA0}] => (Allow) D:\games\Steam\SteamApps\common\Star Wars X-Wing Alliance\alliance.exe
FirewallRules: [{28D8E325-3CAE-4224-AC01-8C832334DA5F}] => (Allow) D:\games\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{FF56F0D1-831E-4C3F-817D-92F008925536}] => (Allow) D:\games\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{743829C6-56DC-4FAB-B0F9-9B368BBF62A7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{339D4408-5F86-4102-A364-7CA398888FC7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A60EB1ED-E0FD-4483-AE08-1574FB29B079}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{8DBEA138-4C83-45DA-B0A8-3D085854DFEB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C40574AC-BA2B-4699-BBE7-48D6480C3455}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5D7785C7-C695-4152-BA0E-B169ADD49BC6}] => (Allow) D:\games\Steam\SteamApps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{B8A655F3-92D5-41B0-8870-3767944FABFF}] => (Allow) D:\games\Steam\SteamApps\common\EvolveGame\Bin64_SteamRetail\Evolve.exe
FirewallRules: [{49B9766C-5E53-4914-A455-370122C7FE85}] => (Allow) D:\games\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{A6C06C88-AD08-4293-9EE4-A46B9FD4C68B}] => (Allow) D:\games\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{A6B43599-AFD4-444E-8135-98C4FD8C1CDA}] => (Allow) C:\Program Files\iTunes\iTunes.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Orbitdownloader\orbitdm.exe] => Enabled:Orbit
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Orbitdownloader\orbitnet.exe] => Enabled:Orbit
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Videocontroller für Multimedia
Description: Videocontroller für Multimedia
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/10/2015 01:52:30 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (09/10/2015 01:52:28 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (09/10/2015 01:52:28 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (09/10/2015 10:48:44 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (09/10/2015 02:26:22 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (09/10/2015 02:26:17 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.
Error: (09/06/2015 06:21:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LolClient.exe, Version: 0.0.0.0, Zeitstempel: 0x515663e0
Name des fehlerhaften Moduls: WebKit.dll, Version: 6531.9.0.0, Zeitstempel: 0x51566370
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000a9965
ID des fehlerhaften Prozesses: 0xd1c
Startzeit der fehlerhaften Anwendung: 0xLolClient.exe0
Pfad der fehlerhaften Anwendung: LolClient.exe1
Pfad des fehlerhaften Moduls: LolClient.exe2
Berichtskennung: LolClient.exe3
Error: (09/01/2015 08:55:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 40.0.3.5716, Zeitstempel: 0x55ddb213
Name des fehlerhaften Moduls: mozglue.dll, Version: 40.0.3.5716, Zeitstempel: 0x55dda062
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000e250
ID des fehlerhaften Prozesses: 0x19e8
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (08/31/2015 08:58:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Steam.exe, Version 2.92.69.85 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1aac
Startzeit: 01d0e41ed7b2043c
Endzeit: 9
Anwendungspfad: D:\games\Steam\Steam.exe
Berichts-ID: 3c2d453d-5012-11e5-be4d-60a44c64ac2e
Error: (08/30/2015 08:49:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6022
Systemfehler:
=============
Error: (09/10/2015 01:54:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (09/10/2015 01:54:16 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\HUYNHA~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (09/10/2015 01:54:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (09/10/2015 01:54:15 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\HUYNHA~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (09/10/2015 01:54:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (09/10/2015 01:54:15 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\HUYNHA~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (09/10/2015 01:53:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (09/10/2015 01:53:11 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\HUYNHA~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (09/10/2015 01:53:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (09/10/2015 01:53:11 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\HUYNHA~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Microsoft Office:
=========================
Error: (09/10/2015 01:52:30 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Huynh Anh Dung\Downloads\esetsmartinstaller_deu.exe
Error: (09/10/2015 01:52:28 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Huynh Anh Dung\Downloads\esetsmartinstaller_deu.exe
Error: (09/10/2015 01:52:28 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Huynh Anh Dung\Downloads\esetsmartinstaller_deu.exe
Error: (09/10/2015 10:48:44 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Huynh Anh Dung\Downloads\esetsmartinstaller_deu.exe
Error: (09/10/2015 02:26:22 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Huynh Anh Dung\Downloads\esetsmartinstaller_deu.exe
Error: (09/10/2015 02:26:17 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Huynh Anh Dung\Downloads\esetsmartinstaller_deu.exe
Error: (09/06/2015 06:21:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LolClient.exe0.0.0.0515663e0WebKit.dll6531.9.0.051566370c0000005000a9965d1c01d0e7fdb3513681D:\games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.158\deploy\LolClient.exeD:\games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.158\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll53ade64b-54b3-11e5-861a-60a44c64ac2e
Error: (09/01/2015 08:55:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe40.0.3.571655ddb213mozglue.dll40.0.3.571655dda062800000030000e25019e801d0e4e212a27328C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozglue.dllf70e276e-50da-11e5-a419-60a44c64ac2e
Error: (08/31/2015 08:58:39 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Steam.exe2.92.69.851aac01d0e41ed7b2043c9D:\games\Steam\Steam.exe3c2d453d-5012-11e5-be4d-60a44c64ac2e
Error: (08/30/2015 08:49:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6022
CodeIntegrity:
===================================
Date: 2015-09-10 12:03:26.971
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-09-10 10:59:15.099
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-09-10 10:50:22.631
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-09-10 10:47:57.196
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-09-10 09:22:52.271
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-09-10 02:39:11.021
Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.
Date: 2015-09-10 02:39:11.015
Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.
Date: 2015-09-10 02:39:11.010
Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.
Date: 2015-09-10 02:39:10.901
Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.
Date: 2015-09-10 02:39:10.893
Description: Die Integrität der Datei "\Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe" kann nicht geprüft werden, da das Signaturzertifikat gesperrt wurde. Erkundigen Sie sich beim Herausgeber, ob eine neue signierte Version des Kernelmoduls verfügbar ist.
==================== Speicherinformationen ===========================
Prozessor: AMD Phenom(tm) II X4 965 Processor
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 8108.99 MB
Verfügbarer physikalischer RAM: 4133.86 MB
Summe virtueller Speicher: 16216.18 MB
Verfügbarer virtueller Speicher: 11728.14 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:119.14 GB) (Free:47.56 GB) NTFS
Drive d: () (Fixed) (Total:298.09 GB) (Free:102.2 GB) NTFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:360.53 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 8190BC6D)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: 168DBA87)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A76CA76C)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=42)
==================== Ende von Addition.txt ============================
|
|
11.09.2015, 06:22
| #5 |
| /// the machine /// TB-Ausbilder | WEB.de Mails werden ungewollt verschickt hi, Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
11.09.2015, 08:46
| #6 |
| | WEB.de Mails werden ungewollt verschickt Hi, anbei wie gewünscht Malwarebytes Anti-Rootkit log Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.2.1008
www.malwarebytes.org
Database version:
main: v2015.09.11.02
rootkit: v2015.08.16.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.18015
XXXXXXXXXX :: CHIMAERA [administrator]
11.09.2015 09:26:44
mbar-log-2015-09-11 (09-26-44).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 369538
Time elapsed: 10 minute(s), 9 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 09:39:14.0939 0x1f40 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
09:39:16.0968 0x1f40 ============================================================
09:39:16.0968 0x1f40 Current date / time: 2015/09/11 09:39:16.0968
09:39:16.0968 0x1f40 SystemInfo:
09:39:16.0968 0x1f40
09:39:16.0968 0x1f40 OS Version: 6.1.7601 ServicePack: 1.0
09:39:16.0968 0x1f40 Product type: Workstation
09:39:16.0968 0x1f40 ComputerName: CHIMAERA
09:39:16.0968 0x1f40 UserName: XXXXXXX
09:39:16.0968 0x1f40 Windows directory: C:\Windows
09:39:16.0968 0x1f40 System windows directory: C:\Windows
09:39:16.0968 0x1f40 Running under WOW64
09:39:16.0968 0x1f40 Processor architecture: Intel x64
09:39:16.0968 0x1f40 Number of processors: 4
09:39:16.0968 0x1f40 Page size: 0x1000
09:39:16.0969 0x1f40 Boot type: Normal boot
09:39:16.0969 0x1f40 ============================================================
09:39:17.0045 0x1f40 KLMD registered as C:\Windows\system32\drivers\95112719.sys
09:39:17.0678 0x1f40 System UUID: {B014CD2B-0C4C-CA94-0CBD-8CECF2CB909A}
09:39:18.0287 0x1f40 Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:39:18.0295 0x1f40 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x97695, SectorsPerTrack: 0x3F, TracksPerCylinder: 0x10, Type 'K0', Flags 0x00000040
09:39:18.0779 0x1f40 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:39:20.0010 0x1f40 ============================================================
09:39:20.0010 0x1f40 \Device\Harddisk0\DR0:
09:39:20.0011 0x1f40 MBR partitions:
09:39:20.0011 0x1f40 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
09:39:20.0011 0x1f40 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000
09:39:20.0011 0x1f40 \Device\Harddisk1\DR1:
09:39:20.0012 0x1f40 MBR partitions:
09:39:20.0012 0x1f40 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x2542D651
09:39:20.0012 0x1f40 \Device\Harddisk2\DR2:
09:39:20.0013 0x1f40 MBR partitions:
09:39:20.0013 0x1f40 ============================================================
09:39:20.0013 0x1f40 C: <-> \Device\Harddisk0\DR0\Partition2
09:39:20.0036 0x1f40 D: <-> \Device\Harddisk1\DR1\Partition1
09:39:20.0036 0x1f40 ============================================================
09:39:20.0036 0x1f40 Initialize success
09:39:20.0036 0x1f40 ============================================================
09:39:22.0413 0x1448 ============================================================
09:39:22.0413 0x1448 Scan started
09:39:22.0413 0x1448 Mode: Manual;
09:39:22.0413 0x1448 ============================================================
09:39:22.0413 0x1448 KSN ping started
09:39:25.0108 0x1448 KSN ping finished: true
09:39:25.0616 0x1448 ================ Scan system memory ========================
09:39:25.0616 0x1448 System memory - ok
09:39:25.0616 0x1448 ================ Scan services =============================
09:39:25.0642 0x1448 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
09:39:25.0647 0x1448 1394ohci - ok
09:39:25.0665 0x1448 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
09:39:25.0671 0x1448 ACPI - ok
09:39:25.0676 0x1448 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
09:39:25.0677 0x1448 AcpiPmi - ok
09:39:25.0682 0x1448 [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:39:25.0684 0x1448 AdobeARMservice - ok
09:39:25.0697 0x1448 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
09:39:25.0706 0x1448 adp94xx - ok
09:39:25.0716 0x1448 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
09:39:25.0723 0x1448 adpahci - ok
09:39:25.0730 0x1448 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
09:39:25.0734 0x1448 adpu320 - ok
09:39:25.0741 0x1448 [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:39:25.0742 0x1448 AeLookupSvc - ok
09:39:25.0754 0x1448 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
09:39:25.0763 0x1448 AFD - ok
09:39:25.0769 0x1448 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
09:39:25.0771 0x1448 agp440 - ok
09:39:25.0775 0x1448 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
09:39:25.0777 0x1448 ALG - ok
09:39:25.0781 0x1448 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
09:39:25.0782 0x1448 aliide - ok
09:39:25.0789 0x1448 [ 2998362D1E550F0C990D77E34415BEB6, 36BBC575DFE0CBD5BC4AF9AD8B54DCEF950E93AF48884D6523457071296514CC ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
09:39:25.0794 0x1448 AMD External Events Utility - ok
09:39:25.0798 0x1448 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
09:39:25.0799 0x1448 amdide - ok
09:39:25.0804 0x1448 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
09:39:25.0805 0x1448 AmdK8 - ok
09:39:26.0146 0x1448 [ A87FC6E3670DB55788184FE3A3808712, 2366E7423B4EBC6E12F0C172246E4D2D3BDD702193FA6955A08180FFFCB217B9 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
09:39:26.0488 0x1448 amdkmdag - ok
09:39:26.0538 0x1448 [ 971F3B12C24BB83B48F8CCA2ED019906, E4757480DFF2678E3C7897F6E720EEFF76D452707FC87401B209FE533BFC3210 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
09:39:26.0549 0x1448 amdkmdap - ok
09:39:26.0555 0x1448 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
09:39:26.0556 0x1448 AmdPPM - ok
09:39:26.0562 0x1448 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
09:39:26.0564 0x1448 amdsata - ok
09:39:26.0572 0x1448 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
09:39:26.0576 0x1448 amdsbs - ok
09:39:26.0581 0x1448 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
09:39:26.0582 0x1448 amdxata - ok
09:39:26.0587 0x1448 [ 2834CC82613CEA492261885D1CAA25A0, 9B05744ECE77BEF8E6D6EDB99FAC404161715FBD2A5841554496DD8BBF334D02 ] amd_sata C:\Windows\system32\DRIVERS\amd_sata.sys
09:39:26.0589 0x1448 amd_sata - ok
09:39:26.0593 0x1448 [ A2844D704DB69FC92F5FA8AE9E3316A4, 3909E45814C24616921809D25EC63DC91292686694F904C8227AF150B6490EE2 ] amd_xata C:\Windows\system32\DRIVERS\amd_xata.sys
09:39:26.0594 0x1448 amd_xata - ok
09:39:26.0599 0x1448 [ A0711D119BA4B48A1470C768D301013E, 536366F809125D2C2171597C8C2CB3271BE5C6B373152112E0D970749776E00A ] AppID C:\Windows\system32\drivers\appid.sys
09:39:26.0601 0x1448 AppID - ok
09:39:26.0605 0x1448 [ 173C90AF5B243B4DD86F95CA154CB58A, 349F566DADC96B31FDC34C4F26545FB880844DBF84E5821AA0D0CAA91FB837E1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
09:39:26.0606 0x1448 AppIDSvc - ok
09:39:26.0611 0x1448 [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo C:\Windows\System32\appinfo.dll
09:39:26.0612 0x1448 Appinfo - ok
09:39:26.0620 0x1448 [ 6EB87FDB59AABF6D19C927492DEA0D36, 36168F8CC75D16917A30FA1FACF57659BC2ADF870D20DEE93F851D5348E605BB ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:39:26.0621 0x1448 Apple Mobile Device Service - ok
09:39:26.0628 0x1448 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll
09:39:26.0632 0x1448 AppMgmt - ok
09:39:26.0638 0x1448 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
09:39:26.0640 0x1448 arc - ok
09:39:26.0645 0x1448 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
09:39:26.0648 0x1448 arcsas - ok
09:39:26.0668 0x1448 [ A63173897EA1A73A75D0E65036DE5B15, 07A83172B525DFC895056612F542420F4DF3C6192624C5B3141C726501163912 ] asHmComSvc C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
09:39:26.0682 0x1448 asHmComSvc - ok
09:39:26.0695 0x1448 [ FEF9DD9EA587F8886ADE43C1BEFBDAFE, DDE6F28B3F7F2ABBEE59D4864435108791631E9CB4CDFB1F178E5AA9859956D8 ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
09:39:26.0707 0x1448 AsIO - ok
09:39:26.0714 0x1448 [ 22842362DF890F5492F85AA60916A697, EC01380B1C9BF4CFBA018FC314563F0785280172A2A9B51D50F088E7101951EF ] asmthub3 C:\Windows\system32\DRIVERS\asmthub3.sys
09:39:26.0734 0x1448 asmthub3 - ok
09:39:26.0745 0x1448 [ 08E2D77766CC05E75A0707207D9FC684, 6CF3B12B2B3375B715A3EBC66EF148CEA2248D448A3A37875B7B1BC7CDA40FDD ] asmtxhci C:\Windows\system32\DRIVERS\asmtxhci.sys
09:39:26.0773 0x1448 asmtxhci - ok
09:39:26.0791 0x1448 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:39:26.0794 0x1448 aspnet_state - ok
09:39:26.0799 0x1448 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:39:26.0800 0x1448 AsyncMac - ok
09:39:26.0804 0x1448 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
09:39:26.0805 0x1448 atapi - ok
09:39:26.0812 0x1448 [ 33497249626E7787AA5CEA99B226CCA6, EF6213B79F83334CD95E4A58A4FE64190AA3FEFF590E41C4BF302FC4A8F6D6D6 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
09:39:26.0815 0x1448 AtiHDAudioService - ok
09:39:26.0831 0x1448 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:39:26.0844 0x1448 AudioEndpointBuilder - ok
09:39:26.0859 0x1448 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
09:39:26.0870 0x1448 AudioSrv - ok
09:39:26.0876 0x1448 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
09:39:26.0879 0x1448 AxInstSV - ok
09:39:26.0891 0x1448 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
09:39:26.0900 0x1448 b06bdrv - ok
09:39:26.0909 0x1448 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
09:39:26.0914 0x1448 b57nd60a - ok
09:39:26.0922 0x1448 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
09:39:26.0925 0x1448 BDESVC - ok
09:39:26.0928 0x1448 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
09:39:26.0929 0x1448 Beep - ok
09:39:26.0945 0x1448 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
09:39:26.0958 0x1448 BFE - ok
09:39:26.0978 0x1448 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
09:39:26.0995 0x1448 BITS - ok
09:39:27.0001 0x1448 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
09:39:27.0003 0x1448 blbdrive - ok
09:39:27.0014 0x1448 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:39:27.0022 0x1448 Bonjour Service - ok
09:39:27.0027 0x1448 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:39:27.0030 0x1448 bowser - ok
09:39:27.0034 0x1448 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
09:39:27.0035 0x1448 BrFiltLo - ok
09:39:27.0039 0x1448 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
09:39:27.0039 0x1448 BrFiltUp - ok
09:39:27.0045 0x1448 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
09:39:27.0048 0x1448 Browser - ok
09:39:27.0057 0x1448 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
09:39:27.0062 0x1448 Brserid - ok
09:39:27.0067 0x1448 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
09:39:27.0069 0x1448 BrSerWdm - ok
09:39:27.0072 0x1448 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
09:39:27.0073 0x1448 BrUsbMdm - ok
09:39:27.0077 0x1448 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
09:39:27.0079 0x1448 BrUsbSer - ok
09:39:27.0083 0x1448 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
09:39:27.0085 0x1448 BTHMODEM - ok
09:39:27.0092 0x1448 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
09:39:27.0094 0x1448 bthserv - ok
09:39:27.0099 0x1448 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:39:27.0101 0x1448 cdfs - ok
09:39:27.0107 0x1448 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:39:27.0110 0x1448 cdrom - ok
09:39:27.0115 0x1448 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
09:39:27.0117 0x1448 CertPropSvc - ok
09:39:27.0121 0x1448 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
09:39:27.0123 0x1448 circlass - ok
09:39:27.0133 0x1448 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
09:39:27.0140 0x1448 CLFS - ok
09:39:27.0147 0x1448 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:39:27.0149 0x1448 clr_optimization_v2.0.50727_32 - ok
09:39:27.0154 0x1448 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:39:27.0157 0x1448 clr_optimization_v2.0.50727_64 - ok
09:39:27.0164 0x1448 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:39:27.0167 0x1448 clr_optimization_v4.0.30319_32 - ok
09:39:27.0173 0x1448 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:39:27.0178 0x1448 clr_optimization_v4.0.30319_64 - ok
09:39:27.0182 0x1448 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
09:39:27.0183 0x1448 CmBatt - ok
09:39:27.0187 0x1448 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
09:39:27.0188 0x1448 cmdide - ok
09:39:27.0200 0x1448 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
09:39:27.0209 0x1448 CNG - ok
09:39:27.0215 0x1448 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
09:39:27.0216 0x1448 Compbatt - ok
09:39:27.0220 0x1448 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
09:39:27.0221 0x1448 CompositeBus - ok
09:39:27.0224 0x1448 COMSysApp - ok
09:39:27.0229 0x1448 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
09:39:27.0230 0x1448 crcdisk - ok
09:39:27.0239 0x1448 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:39:27.0243 0x1448 CryptSvc - ok
09:39:27.0256 0x1448 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
09:39:27.0265 0x1448 CSC - ok
09:39:27.0281 0x1448 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
09:39:27.0294 0x1448 CscService - ok
09:39:27.0311 0x1448 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:39:27.0322 0x1448 DcomLaunch - ok
09:39:27.0334 0x1448 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
09:39:27.0340 0x1448 defragsvc - ok
09:39:27.0346 0x1448 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:39:27.0348 0x1448 DfsC - ok
09:39:27.0357 0x1448 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
09:39:27.0364 0x1448 Dhcp - ok
09:39:27.0393 0x1448 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll
09:39:27.0420 0x1448 DiagTrack - ok
09:39:27.0429 0x1448 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
09:39:27.0430 0x1448 discache - ok
09:39:27.0436 0x1448 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
09:39:27.0438 0x1448 Disk - ok
09:39:27.0538 0x1448 [ 579E6D1904188CC5EF81CF8B82E2A235, 5D1EC9D287BF3267ED0F85A01F2CB3AE514222E433B777560A06B818B1073A58 ] DisplayFusionService C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
09:39:27.0621 0x1448 DisplayFusionService - ok
09:39:27.0637 0x1448 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:39:27.0641 0x1448 Dnscache - ok
09:39:27.0649 0x1448 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
09:39:27.0655 0x1448 dot3svc - ok
09:39:27.0662 0x1448 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
09:39:27.0666 0x1448 DPS - ok
09:39:27.0670 0x1448 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:39:27.0671 0x1448 drmkaud - ok
09:39:27.0678 0x1448 [ 6688B6F74C360CBC366B7AF948D9084D, 9ED4BEEB5E53D1BA9095D1C3F680FCB9FD8389C4AD7BE388786AC3CECC7EC98A ] DTSAudioSvc C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
09:39:27.0682 0x1448 DTSAudioSvc - ok
09:39:27.0705 0x1448 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:39:27.0723 0x1448 DXGKrnl - ok
09:39:27.0730 0x1448 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
09:39:27.0733 0x1448 EapHost - ok
09:39:27.0799 0x1448 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
09:39:27.0860 0x1448 ebdrv - ok
09:39:27.0871 0x1448 [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] EFS C:\Windows\System32\lsass.exe
09:39:27.0872 0x1448 EFS - ok
09:39:27.0889 0x1448 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:39:27.0902 0x1448 ehRecvr - ok
09:39:27.0908 0x1448 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
09:39:27.0911 0x1448 ehSched - ok
09:39:27.0925 0x1448 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
09:39:27.0935 0x1448 elxstor - ok
09:39:27.0940 0x1448 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
09:39:27.0941 0x1448 ErrDev - ok
09:39:27.0955 0x1448 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
09:39:27.0963 0x1448 EventSystem - ok
09:39:27.0971 0x1448 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
09:39:27.0974 0x1448 exfat - ok
09:39:27.0981 0x1448 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:39:27.0984 0x1448 fastfat - ok
09:39:28.0001 0x1448 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
09:39:28.0014 0x1448 Fax - ok
09:39:28.0019 0x1448 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
09:39:28.0020 0x1448 fdc - ok
09:39:28.0024 0x1448 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
09:39:28.0025 0x1448 fdPHost - ok
09:39:28.0029 0x1448 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
09:39:28.0030 0x1448 FDResPub - ok
09:39:28.0035 0x1448 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:39:28.0037 0x1448 FileInfo - ok
09:39:28.0041 0x1448 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:39:28.0043 0x1448 Filetrace - ok
09:39:28.0049 0x1448 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
09:39:28.0050 0x1448 flpydisk - ok
09:39:28.0058 0x1448 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:39:28.0064 0x1448 FltMgr - ok
09:39:28.0091 0x1448 [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache C:\Windows\system32\FntCache.dll
09:39:28.0114 0x1448 FontCache - ok
09:39:28.0120 0x1448 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:39:28.0121 0x1448 FontCache3.0.0.0 - ok
09:39:28.0126 0x1448 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:39:28.0127 0x1448 FsDepends - ok
09:39:28.0132 0x1448 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:39:28.0132 0x1448 Fs_Rec - ok
09:39:28.0140 0x1448 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:39:28.0144 0x1448 fvevol - ok
09:39:28.0149 0x1448 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
09:39:28.0151 0x1448 gagp30kx - ok
09:39:28.0156 0x1448 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:39:28.0157 0x1448 GEARAspiWDM - ok
09:39:28.0182 0x1448 [ 21931B9C5FDE6087F47F710AC1BE16E9, A727A8922A9769AAC77F5D85ED3475853655E9483C8DA091653D0B1F3D479398 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
09:39:28.0201 0x1448 GfExperienceService - ok
09:39:28.0220 0x1448 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
09:39:28.0236 0x1448 gpsvc - ok
09:39:28.0241 0x1448 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:39:28.0242 0x1448 hcw85cir - ok
09:39:28.0251 0x1448 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:39:28.0258 0x1448 HdAudAddService - ok
09:39:28.0265 0x1448 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
09:39:28.0268 0x1448 HDAudBus - ok
09:39:28.0272 0x1448 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
09:39:28.0273 0x1448 HidBatt - ok
09:39:28.0279 0x1448 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
09:39:28.0281 0x1448 HidBth - ok
09:39:28.0286 0x1448 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
09:39:28.0288 0x1448 HidIr - ok
09:39:28.0292 0x1448 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
09:39:28.0294 0x1448 hidserv - ok
09:39:28.0301 0x1448 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:39:28.0303 0x1448 HidUsb - ok
09:39:28.0309 0x1448 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:39:28.0312 0x1448 hkmsvc - ok
09:39:28.0321 0x1448 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:39:28.0326 0x1448 HomeGroupListener - ok
09:39:28.0333 0x1448 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:39:28.0338 0x1448 HomeGroupProvider - ok
09:39:28.0344 0x1448 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
09:39:28.0346 0x1448 HpSAMD - ok
09:39:28.0351 0x1448 [ 7C7C986776D00E575BFBDE5DCBDC615D, 4CF12851A5A45917C3A9139B19D79434F2038611B617F83A714506CC7A1A6C61 ] HtcVCom32 C:\Windows\system32\DRIVERS\HtcVComV64.sys
09:39:28.0366 0x1448 HtcVCom32 - ok
09:39:28.0383 0x1448 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:39:28.0397 0x1448 HTTP - ok
09:39:28.0402 0x1448 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:39:28.0403 0x1448 hwpolicy - ok
09:39:28.0408 0x1448 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
09:39:28.0411 0x1448 i8042prt - ok
09:39:28.0422 0x1448 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
09:39:28.0430 0x1448 iaStorV - ok
09:39:28.0450 0x1448 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:39:28.0466 0x1448 idsvc - ok
09:39:28.0471 0x1448 IEEtwCollectorService - ok
09:39:28.0475 0x1448 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
09:39:28.0477 0x1448 iirsp - ok
09:39:28.0496 0x1448 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
09:39:28.0512 0x1448 IKEEXT - ok
09:39:28.0591 0x1448 [ 39246F2CFBF1D32C3A12E242661EC039, EADF06D9B142844C16C2B0E412D708DB02BA07E2CD96BBFB2F0984DD6BB63E28 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
09:39:28.0661 0x1448 IntcAzAudAddService - ok
09:39:28.0673 0x1448 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
09:39:28.0674 0x1448 intelide - ok
09:39:28.0679 0x1448 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:39:28.0680 0x1448 intelppm - ok
09:39:28.0686 0x1448 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:39:28.0688 0x1448 IPBusEnum - ok
09:39:28.0694 0x1448 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:39:28.0696 0x1448 IpFilterDriver - ok
09:39:28.0709 0x1448 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:39:28.0720 0x1448 iphlpsvc - ok
09:39:28.0726 0x1448 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
09:39:28.0728 0x1448 IPMIDRV - ok
09:39:28.0733 0x1448 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:39:28.0736 0x1448 IPNAT - ok
09:39:28.0751 0x1448 [ E8D96F840994291789F0CDE6800AC1A4, 35B39474B6385DA828D4212047F5C94775FC3C55E8C72EAA503D763D86F9BFB7 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
09:39:28.0761 0x1448 iPod Service - ok
09:39:28.0766 0x1448 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:39:28.0767 0x1448 IRENUM - ok
09:39:28.0771 0x1448 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
09:39:28.0772 0x1448 isapnp - ok
09:39:28.0780 0x1448 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
09:39:28.0786 0x1448 iScsiPrt - ok
09:39:28.0790 0x1448 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:39:28.0792 0x1448 kbdclass - ok
09:39:28.0796 0x1448 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
09:39:28.0797 0x1448 kbdhid - ok
09:39:28.0801 0x1448 [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] KeyIso C:\Windows\system32\lsass.exe
09:39:28.0802 0x1448 KeyIso - ok
09:39:28.0807 0x1448 [ A405647429DE231CD954D93F792CFBA2, EDE6095A20FE10EB26B3018457A44807A120508E6C514F2EAC12F5BA1F74841E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:39:28.0809 0x1448 KSecDD - ok
09:39:28.0817 0x1448 [ E4DC0909B5EACB5BF50F6252095BCFF2, 18779648B7FD9D3DFFD8F314E2197962DF98884CC9F025BC5D884984C1C0759D ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:39:28.0822 0x1448 KSecPkg - ok
09:39:28.0826 0x1448 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
09:39:28.0827 0x1448 ksthunk - ok
09:39:28.0836 0x1448 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
09:39:28.0845 0x1448 KtmRm - ok
09:39:28.0853 0x1448 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
09:39:28.0858 0x1448 LanmanServer - ok
09:39:28.0864 0x1448 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:39:28.0868 0x1448 LanmanWorkstation - ok
09:39:28.0873 0x1448 [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
09:39:28.0874 0x1448 LGBusEnum - ok
09:39:28.0878 0x1448 [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
09:39:28.0880 0x1448 LGSHidFilt - ok
09:39:28.0884 0x1448 [ 8F4DA100274CF85D94FBA8CA76125255, 1ADA7C36C915CB9BD41CF291F8E6990746A83F4D2ABCC5CAF765A3CE388BE5E5 ] LGSUsbFilt C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys
09:39:28.0885 0x1448 LGSUsbFilt - ok
09:39:28.0890 0x1448 [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
09:39:28.0891 0x1448 LGVirHid - ok
09:39:28.0895 0x1448 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:39:28.0897 0x1448 lltdio - ok
09:39:28.0906 0x1448 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:39:28.0912 0x1448 lltdsvc - ok
09:39:28.0918 0x1448 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:39:28.0919 0x1448 lmhosts - ok
09:39:28.0926 0x1448 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
09:39:28.0928 0x1448 LSI_FC - ok
09:39:28.0934 0x1448 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
09:39:28.0936 0x1448 LSI_SAS - ok
09:39:28.0941 0x1448 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:39:28.0943 0x1448 LSI_SAS2 - ok
09:39:28.0948 0x1448 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:39:28.0951 0x1448 LSI_SCSI - ok
09:39:28.0956 0x1448 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
09:39:28.0959 0x1448 luafv - ok
09:39:28.0963 0x1448 [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
09:39:28.0964 0x1448 MBAMProtector - ok
09:39:28.0988 0x1448 [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
09:39:29.0009 0x1448 MBAMService - ok
09:39:29.0016 0x1448 [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
09:39:29.0018 0x1448 MBAMWebAccessControl - ok
09:39:29.0023 0x1448 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:39:29.0025 0x1448 Mcx2Svc - ok
09:39:29.0029 0x1448 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
09:39:29.0031 0x1448 megasas - ok
09:39:29.0039 0x1448 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
09:39:29.0045 0x1448 MegaSR - ok
09:39:29.0050 0x1448 Microsoft SharePoint Workspace Audit Service - ok
09:39:29.0054 0x1448 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
09:39:29.0057 0x1448 MMCSS - ok
09:39:29.0061 0x1448 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
09:39:29.0062 0x1448 Modem - ok
09:39:29.0066 0x1448 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:39:29.0067 0x1448 monitor - ok
09:39:29.0071 0x1448 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:39:29.0072 0x1448 mouclass - ok
09:39:29.0077 0x1448 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:39:29.0078 0x1448 mouhid - ok
09:39:29.0083 0x1448 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:39:29.0086 0x1448 mountmgr - ok
09:39:29.0092 0x1448 [ CC11EEB7AF4617D65DF0E9A21FC1ABD0, A683A5FB26E1B9FB4EEB40A9C7186F8433E3FB0A45848DF6102EF07B4DC75AC8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:39:29.0095 0x1448 MozillaMaintenance - ok
09:39:29.0104 0x1448 [ 73150F67D20270FF95A021A22E64F28A, A8878DEFBE437FB453F8E9243FB5C787D07AC7415A4475388D479C10417C524F ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
09:39:29.0109 0x1448 MpFilter - ok
09:39:29.0118 0x1448 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
09:39:29.0121 0x1448 mpio - ok
09:39:29.0126 0x1448 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:39:29.0128 0x1448 mpsdrv - ok
09:39:29.0147 0x1448 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:39:29.0163 0x1448 MpsSvc - ok
09:39:29.0171 0x1448 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:39:29.0175 0x1448 MRxDAV - ok
09:39:29.0181 0x1448 [ 43E1F4B0EFDC244D2A83995CCD7846F7, B8FB3CB6C736E20399AF3164197B14E977DDEC8FD164564501A328A8A3A30267 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:39:29.0185 0x1448 mrxsmb - ok
09:39:29.0194 0x1448 [ 62CEA59FF56B66154E08BD51D87392C2, 5DC63583E417659139FACD2365C2F8F3C9867E331F7374BD4F6C6E2386B5F746 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:39:29.0200 0x1448 mrxsmb10 - ok
09:39:29.0206 0x1448 [ 7D65B5E9573A26C204AA547457DBF544, CE88A733D031DEDBA6ADADB7D9911B3D151A2DDB566A65E0C9E1F07B1A4364AF ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:39:29.0209 0x1448 mrxsmb20 - ok
09:39:29.0215 0x1448 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
09:39:29.0216 0x1448 msahci - ok
09:39:29.0222 0x1448 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
09:39:29.0225 0x1448 msdsm - ok
09:39:29.0231 0x1448 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
09:39:29.0235 0x1448 MSDTC - ok
09:39:29.0242 0x1448 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:39:29.0243 0x1448 Msfs - ok
09:39:29.0246 0x1448 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:39:29.0247 0x1448 mshidkmdf - ok
09:39:29.0250 0x1448 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
09:39:29.0251 0x1448 msisadrv - ok
09:39:29.0257 0x1448 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:39:29.0261 0x1448 MSiSCSI - ok
09:39:29.0265 0x1448 msiserver - ok
09:39:29.0269 0x1448 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:39:29.0270 0x1448 MSKSSRV - ok
09:39:29.0273 0x1448 [ CE996C1821021ADF8E28E80A54E846A8, 99042E895B6C2EA80F3BA65563A12C8EBA882E3AD6A21DD8E799B0112C75DDD2 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe
09:39:29.0274 0x1448 MsMpSvc - ok
09:39:29.0277 0x1448 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:39:29.0278 0x1448 MSPCLOCK - ok
09:39:29.0282 0x1448 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:39:29.0282 0x1448 MSPQM - ok
09:39:29.0292 0x1448 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:39:29.0298 0x1448 MsRPC - ok
09:39:29.0305 0x1448 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
09:39:29.0306 0x1448 mssmbios - ok
09:39:29.0310 0x1448 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:39:29.0311 0x1448 MSTEE - ok
09:39:29.0315 0x1448 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
09:39:29.0316 0x1448 MTConfig - ok
09:39:29.0320 0x1448 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
09:39:29.0322 0x1448 Mup - ok
09:39:29.0334 0x1448 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
09:39:29.0344 0x1448 napagent - ok
09:39:29.0354 0x1448 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:39:29.0360 0x1448 NativeWifiP - ok
09:39:29.0383 0x1448 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
09:39:29.0400 0x1448 NDIS - ok
09:39:29.0405 0x1448 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:39:29.0407 0x1448 NdisCap - ok
09:39:29.0410 0x1448 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:39:29.0411 0x1448 NdisTapi - ok
09:39:29.0416 0x1448 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:39:29.0418 0x1448 Ndisuio - ok
09:39:29.0424 0x1448 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:39:29.0428 0x1448 NdisWan - ok
09:39:29.0433 0x1448 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:39:29.0434 0x1448 NDProxy - ok
09:39:29.0438 0x1448 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:39:29.0440 0x1448 NetBIOS - ok
09:39:29.0448 0x1448 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:39:29.0453 0x1448 NetBT - ok
09:39:29.0457 0x1448 [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] Netlogon C:\Windows\system32\lsass.exe
09:39:29.0458 0x1448 Netlogon - ok
09:39:29.0467 0x1448 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
09:39:29.0475 0x1448 Netman - ok
09:39:29.0481 0x1448 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:39:29.0487 0x1448 NetMsmqActivator - ok
09:39:29.0492 0x1448 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:39:29.0494 0x1448 NetPipeActivator - ok
09:39:29.0506 0x1448 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
09:39:29.0516 0x1448 netprofm - ok
09:39:29.0522 0x1448 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:39:29.0524 0x1448 NetTcpActivator - ok
09:39:29.0529 0x1448 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:39:29.0532 0x1448 NetTcpPortSharing - ok
09:39:29.0536 0x1448 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
09:39:29.0538 0x1448 nfrd960 - ok
09:39:29.0543 0x1448 [ 4774AD83C650001B337B92E5E5DA337B, 138ECC7F556D8A12AE58B78B68F6515BE4C00F9F062596B48B6CA6C010F13035 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
09:39:29.0546 0x1448 NisDrv - ok
09:39:29.0555 0x1448 [ 96B7D15161A778B359E707796CCEA646, 9E4A25D9848FAECC517474EAD548E7975CBE3F41AAA964E5245E78F2A723925E ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe
09:39:29.0561 0x1448 NisSrv - ok
09:39:29.0570 0x1448 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
09:39:29.0577 0x1448 NlaSvc - ok
09:39:29.0581 0x1448 [ DE7FCC77F4A503AF4CA6A47D49B3713D, 4BFAA99393F635CD05D91A64DE73EDB5639412C129E049F0FE34F88517A10FC6 ] NPF C:\Windows\system32\drivers\npf.sys
09:39:29.0593 0x1448 NPF - ok
09:39:29.0598 0x1448 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:39:29.0599 0x1448 Npfs - ok
09:39:29.0603 0x1448 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
09:39:29.0604 0x1448 nsi - ok
09:39:29.0608 0x1448 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:39:29.0609 0x1448 nsiproxy - ok
09:39:29.0645 0x1448 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:39:29.0672 0x1448 Ntfs - ok
09:39:29.0678 0x1448 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
09:39:29.0678 0x1448 Null - ok
09:39:29.0685 0x1448 [ B9E5A80F646DDFEF158773722A466EA3, 028979FE600D17DA70445F44D81FAE4EDA3478FCC81FA5506133CCAC37C4E2BF ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
09:39:29.0705 0x1448 NVHDA - ok
09:39:29.0907 0x1448 [ DF2213CF2DD81B790B85541D138D93C7, F00AC7991770C22C89C891009CFDCA3A445279235389F67B6412DBE468D70F5F ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:39:30.0125 0x1448 nvlddmkm - ok
09:39:30.0182 0x1448 [ 72DD6225BA6055472522195F96473639, 27C8F847B247645061C0CD6DFCC986DA27638A9DFE686040160DFDCF7B3A6E72 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
09:39:30.0211 0x1448 NvNetworkService - ok
09:39:30.0221 0x1448 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
09:39:30.0224 0x1448 nvraid - ok
09:39:30.0230 0x1448 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
09:39:30.0234 0x1448 nvstor - ok
09:39:30.0238 0x1448 [ 4680DDDDDBA1CB1D56D49B4A6134155C, BF6E538BC10B23F6D93143F5C48155245852798D4846F401E0DA70A5BCFC74E1 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
09:39:30.0252 0x1448 NvStreamKms - ok
09:39:30.0356 0x1448 [ E14F52B60581EE71849CD45186892046, 72B3E92CD34489306AB7D794C4C1F67513DE80C72A847DCF7A3EEFE2254762D0 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
09:39:30.0443 0x1448 NvStreamSvc - ok
09:39:30.0472 0x1448 [ F029A2C032B4A50DEBB21312CFF76189, F47F0FC39AF6DFC8A9A3F0A486357BE76B8BD0753135B567FDB6E213D11893FD ] nvsvc C:\Windows\system32\nvvsvc.exe
09:39:30.0487 0x1448 nvsvc - ok
09:39:30.0493 0x1448 [ 35DFC12FD7E44B7CB8CCD7E5A2B3975A, 36E0E39646636F6E027691E5C3903C51479B3F707BDEA40F460FD27E357DA14E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
09:39:30.0508 0x1448 nvvad_WaveExtensible - ok
09:39:30.0515 0x1448 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
09:39:30.0518 0x1448 nv_agp - ok
09:39:30.0523 0x1448 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
09:39:30.0525 0x1448 ohci1394 - ok
09:39:30.0530 0x1448 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:39:30.0534 0x1448 ose - ok
09:39:30.0626 0x1448 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:39:30.0702 0x1448 osppsvc - ok
09:39:30.0723 0x1448 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:39:30.0731 0x1448 p2pimsvc - ok
09:39:30.0742 0x1448 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
09:39:30.0751 0x1448 p2psvc - ok
09:39:30.0757 0x1448 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
09:39:30.0759 0x1448 Parport - ok
09:39:30.0764 0x1448 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:39:30.0766 0x1448 partmgr - ok
09:39:30.0772 0x1448 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:39:30.0777 0x1448 PcaSvc - ok
09:39:30.0784 0x1448 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
09:39:30.0788 0x1448 pci - ok
09:39:30.0792 0x1448 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
09:39:30.0793 0x1448 pciide - ok
09:39:30.0800 0x1448 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
09:39:30.0805 0x1448 pcmcia - ok
09:39:30.0809 0x1448 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
09:39:30.0810 0x1448 pcw - ok
09:39:30.0829 0x1448 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:39:30.0842 0x1448 PEAUTH - ok
09:39:30.0871 0x1448 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
09:39:30.0896 0x1448 PeerDistSvc - ok
09:39:30.0911 0x1448 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:39:30.0929 0x1448 PerfHost - ok
09:39:30.0962 0x1448 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
09:39:30.0988 0x1448 pla - ok
09:39:31.0001 0x1448 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:39:31.0010 0x1448 PlugPlay - ok
09:39:31.0015 0x1448 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:39:31.0017 0x1448 PNRPAutoReg - ok
09:39:31.0026 0x1448 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:39:31.0032 0x1448 PNRPsvc - ok
09:39:31.0045 0x1448 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:39:31.0055 0x1448 PolicyAgent - ok
09:39:31.0064 0x1448 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
09:39:31.0068 0x1448 Power - ok
09:39:31.0074 0x1448 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:39:31.0077 0x1448 PptpMiniport - ok
09:39:31.0081 0x1448 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
09:39:31.0083 0x1448 Processor - ok
09:39:31.0090 0x1448 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
09:39:31.0095 0x1448 ProfSvc - ok
09:39:31.0099 0x1448 [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] ProtectedStorage C:\Windows\system32\lsass.exe
09:39:31.0101 0x1448 ProtectedStorage - ok
09:39:31.0106 0x1448 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:39:31.0109 0x1448 Psched - ok
09:39:31.0141 0x1448 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
09:39:31.0169 0x1448 ql2300 - ok
09:39:31.0177 0x1448 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
09:39:31.0180 0x1448 ql40xx - ok
09:39:31.0188 0x1448 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
09:39:31.0194 0x1448 QWAVE - ok
09:39:31.0198 0x1448 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:39:31.0200 0x1448 QWAVEdrv - ok
09:39:31.0203 0x1448 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:39:31.0204 0x1448 RasAcd - ok
09:39:31.0208 0x1448 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:39:31.0210 0x1448 RasAgileVpn - ok
09:39:31.0216 0x1448 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
09:39:31.0219 0x1448 RasAuto - ok
09:39:31.0225 0x1448 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:39:31.0228 0x1448 Rasl2tp - ok
09:39:31.0238 0x1448 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
09:39:31.0245 0x1448 RasMan - ok
09:39:31.0251 0x1448 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:39:31.0253 0x1448 RasPppoe - ok
09:39:31.0258 0x1448 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:39:31.0260 0x1448 RasSstp - ok
09:39:31.0269 0x1448 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:39:31.0276 0x1448 rdbss - ok
09:39:31.0280 0x1448 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
09:39:31.0281 0x1448 rdpbus - ok
09:39:31.0285 0x1448 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:39:31.0286 0x1448 RDPCDD - ok
09:39:31.0294 0x1448 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
09:39:31.0297 0x1448 RDPDR - ok
09:39:31.0301 0x1448 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:39:31.0302 0x1448 RDPENCDD - ok
09:39:31.0307 0x1448 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:39:31.0308 0x1448 RDPREFMP - ok
09:39:31.0316 0x1448 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
09:39:31.0317 0x1448 RdpVideoMiniport - ok
09:39:31.0327 0x1448 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:39:31.0331 0x1448 RDPWD - ok
09:39:31.0338 0x1448 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:39:31.0342 0x1448 rdyboost - ok
09:39:31.0347 0x1448 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:39:31.0351 0x1448 RemoteAccess - ok
09:39:31.0357 0x1448 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:39:31.0361 0x1448 RemoteRegistry - ok
09:39:31.0365 0x1448 [ 7B04C9843921AB1F695FB395422C5360, C9B02BE0384357FD242613C2A12029B45322AF9A795CD69F33500CA7530899A7 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
09:39:31.0367 0x1448 RimUsb - ok
09:39:31.0371 0x1448 [ 83A6C2CAFE236652D1559640594A0EA8, 52360F17C9C70C9CEA3316560B40C4D89FD705ED7E6B6088C99FC54D4CC35EB5 ] rpcapd C:\Program Files (x86)\WinPcap\rpcapd.exe
09:39:31.0409 0x1448 rpcapd - ok
09:39:31.0414 0x1448 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:39:31.0417 0x1448 RpcEptMapper - ok
09:39:31.0420 0x1448 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
09:39:31.0422 0x1448 RpcLocator - ok
09:39:31.0434 0x1448 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
09:39:31.0443 0x1448 RpcSs - ok
09:39:31.0448 0x1448 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:39:31.0450 0x1448 rspndr - ok
09:39:31.0467 0x1448 [ 3713DACCA1025B05A6343104112708D9, 77830F361775166ED2408CFF9F0DBEDFF225895DD0FAC93F3DC5FFD8DBE0ED2B ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
09:39:31.0480 0x1448 RTL8167 - ok
09:39:31.0485 0x1448 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys
09:39:31.0486 0x1448 s3cap - ok
09:39:31.0489 0x1448 [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] SamSs C:\Windows\system32\lsass.exe
09:39:31.0491 0x1448 SamSs - ok
09:39:31.0496 0x1448 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
09:39:31.0498 0x1448 sbp2port - ok
09:39:31.0505 0x1448 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:39:31.0510 0x1448 SCardSvr - ok
09:39:31.0514 0x1448 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:39:31.0516 0x1448 scfilter - ok
09:39:31.0539 0x1448 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
09:39:31.0559 0x1448 Schedule - ok
09:39:31.0566 0x1448 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
09:39:31.0567 0x1448 SCPolicySvc - ok
09:39:31.0574 0x1448 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:39:31.0579 0x1448 SDRSVC - ok
09:39:31.0583 0x1448 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:39:31.0584 0x1448 secdrv - ok
09:39:31.0588 0x1448 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
09:39:31.0591 0x1448 seclogon - ok
09:39:31.0595 0x1448 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
09:39:31.0597 0x1448 SENS - ok
09:39:31.0601 0x1448 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:39:31.0603 0x1448 SensrSvc - ok
09:39:31.0607 0x1448 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
09:39:31.0608 0x1448 Serenum - ok
09:39:31.0613 0x1448 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
09:39:31.0615 0x1448 Serial - ok
09:39:31.0619 0x1448 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
09:39:31.0621 0x1448 sermouse - ok
09:39:31.0632 0x1448 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
09:39:31.0636 0x1448 SessionEnv - ok
09:39:31.0641 0x1448 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:39:31.0642 0x1448 sffdisk - ok
09:39:31.0646 0x1448 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:39:31.0647 0x1448 sffp_mmc - ok
09:39:31.0650 0x1448 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:39:31.0651 0x1448 sffp_sd - ok
09:39:31.0656 0x1448 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
09:39:31.0657 0x1448 sfloppy - ok
09:39:31.0667 0x1448 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:39:31.0674 0x1448 SharedAccess - ok
09:39:31.0684 0x1448 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:39:31.0692 0x1448 ShellHWDetection - ok
09:39:31.0697 0x1448 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:39:31.0698 0x1448 SiSRaid2 - ok
09:39:31.0703 0x1448 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
09:39:31.0705 0x1448 SiSRaid4 - ok
09:39:31.0714 0x1448 [ A9C057A9463C25490CF99EA8DF8A4B35, 8F4D1C40D0F17EDBF84ED455B8946F782C7552383F0A07E410A9B6CFF7F51D63 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
09:39:31.0720 0x1448 SkypeUpdate - ok
09:39:31.0726 0x1448 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:39:31.0728 0x1448 Smb - ok
09:39:31.0735 0x1448 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:39:31.0737 0x1448 SNMPTRAP - ok
09:39:31.0743 0x1448 [ 21FF393512F51F5A98620C794B4488A3, 8A35923D3D6993FC014D86F0F7BD5C106586824DB8D26C04DC2AD0B8ED13ED20 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
09:39:31.0776 0x1448 Sony PC Companion - ok
09:39:31.0780 0x1448 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
09:39:31.0780 0x1448 spldr - ok
09:39:31.0794 0x1448 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
09:39:31.0805 0x1448 Spooler - ok
09:39:31.0873 0x1448 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
09:39:31.0939 0x1448 sppsvc - ok
09:39:31.0950 0x1448 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:39:31.0952 0x1448 sppuinotify - ok
09:39:31.0964 0x1448 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
09:39:31.0973 0x1448 srv - ok
09:39:31.0984 0x1448 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:39:31.0992 0x1448 srv2 - ok
09:39:32.0000 0x1448 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:39:32.0004 0x1448 srvnet - ok
09:39:32.0011 0x1448 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:39:32.0016 0x1448 SSDPSRV - ok
09:39:32.0021 0x1448 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:39:32.0024 0x1448 SstpSvc - ok
09:39:32.0041 0x1448 [ 2A6EDC2FBB4B9C11BB21BE3881C7A692, 74482CA4EC2B98C069A32C224BA5449AE10A8B41BFC053A4C23B6F65113A97A4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
09:39:32.0055 0x1448 Steam Client Service - ok
09:39:32.0067 0x1448 [ 89123DFAC7E1E6E664D19622D135571B, 6870050EA5B4C0E9091C87FC42767BAD84E726FEC43DB989CE35650ABF9ED09E ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
09:39:32.0073 0x1448 Stereo Service - ok
09:39:32.0077 0x1448 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
09:39:32.0079 0x1448 stexstor - ok
09:39:32.0092 0x1448 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
09:39:32.0104 0x1448 stisvc - ok
09:39:32.0109 0x1448 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
09:39:32.0111 0x1448 storflt - ok
09:39:32.0114 0x1448 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
09:39:32.0117 0x1448 StorSvc - ok
09:39:32.0121 0x1448 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
09:39:32.0122 0x1448 storvsc - ok
09:39:32.0126 0x1448 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
09:39:32.0127 0x1448 swenum - ok
09:39:32.0139 0x1448 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
09:39:32.0149 0x1448 swprv - ok
09:39:32.0185 0x1448 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
09:39:32.0217 0x1448 SysMain - ok
09:39:32.0225 0x1448 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:39:32.0228 0x1448 TabletInputService - ok
09:39:32.0238 0x1448 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
09:39:32.0245 0x1448 TapiSrv - ok
09:39:32.0250 0x1448 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
09:39:32.0253 0x1448 TBS - ok
09:39:32.0290 0x1448 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:39:32.0325 0x1448 Tcpip - ok
09:39:32.0365 0x1448 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:39:32.0394 0x1448 TCPIP6 - ok
09:39:32.0404 0x1448 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:39:32.0405 0x1448 tcpipreg - ok
09:39:32.0410 0x1448 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:39:32.0411 0x1448 TDPIPE - ok
09:39:32.0415 0x1448 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:39:32.0416 0x1448 TDTCP - ok
09:39:32.0422 0x1448 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:39:32.0424 0x1448 tdx - ok
09:39:32.0429 0x1448 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
09:39:32.0431 0x1448 TermDD - ok
09:39:32.0447 0x1448 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
09:39:32.0459 0x1448 TermService - ok
09:39:32.0465 0x1448 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
09:39:32.0467 0x1448 Themes - ok
09:39:32.0472 0x1448 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
09:39:32.0474 0x1448 THREADORDER - ok
09:39:32.0480 0x1448 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
09:39:32.0484 0x1448 TrkWks - ok
09:39:32.0490 0x1448 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:39:32.0494 0x1448 TrustedInstaller - ok
09:39:32.0500 0x1448 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:39:32.0501 0x1448 tssecsrv - ok
09:39:32.0506 0x1448 [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
09:39:32.0508 0x1448 TsUsbFlt - ok
09:39:32.0513 0x1448 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:39:32.0517 0x1448 tunnel - ok
09:39:32.0522 0x1448 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
09:39:32.0524 0x1448 uagp35 - ok
09:39:32.0533 0x1448 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:39:32.0539 0x1448 udfs - ok
09:39:32.0547 0x1448 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:39:32.0549 0x1448 UI0Detect - ok
09:39:32.0554 0x1448 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
09:39:32.0556 0x1448 uliagpkx - ok
09:39:32.0560 0x1448 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
09:39:32.0561 0x1448 umbus - ok
09:39:32.0564 0x1448 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
09:39:32.0566 0x1448 UmPass - ok
09:39:32.0573 0x1448 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
09:39:32.0578 0x1448 UmRdpService - ok
09:39:32.0589 0x1448 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
09:39:32.0597 0x1448 upnphost - ok
09:39:32.0604 0x1448 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:39:32.0607 0x1448 usbccgp - ok
09:39:32.0612 0x1448 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
09:39:32.0615 0x1448 usbcir - ok
09:39:32.0620 0x1448 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:39:32.0621 0x1448 usbehci - ok
09:39:32.0625 0x1448 [ 5A4AC5D05A7C97C68596416C05D6F2B4, 1CDE5172B763D2D65379B9F3ABACC080AF676DB9354EC98A455E620C4CE3E18A ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
09:39:32.0627 0x1448 usbfilter - ok
09:39:32.0637 0x1448 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:39:32.0644 0x1448 usbhub - ok
09:39:32.0649 0x1448 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
09:39:32.0650 0x1448 usbohci - ok
09:39:32.0654 0x1448 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:39:32.0656 0x1448 usbprint - ok
09:39:32.0660 0x1448 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:39:32.0663 0x1448 USBSTOR - ok
09:39:32.0667 0x1448 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
09:39:32.0668 0x1448 usbuhci - ok
09:39:32.0672 0x1448 [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
09:39:32.0673 0x1448 usb_rndisx - ok
09:39:32.0677 0x1448 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
09:39:32.0680 0x1448 UxSms - ok
09:39:32.0683 0x1448 [ FDD980360C9D72DA77F4C59376AE95C9, A5C1BCFBCCD031A24BD87D6A193F595B45EA5AC9FEBC198F552EED60AB75238E ] VaultSvc C:\Windows\system32\lsass.exe
09:39:32.0685 0x1448 VaultSvc - ok
09:39:32.0688 0x1448 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
09:39:32.0689 0x1448 vdrvroot - ok
09:39:32.0703 0x1448 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
09:39:32.0714 0x1448 vds - ok
09:39:32.0719 0x1448 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:39:32.0720 0x1448 vga - ok
09:39:32.0723 0x1448 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
09:39:32.0725 0x1448 VgaSave - ok
09:39:32.0732 0x1448 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
09:39:32.0736 0x1448 vhdmp - ok
09:39:32.0740 0x1448 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
09:39:32.0741 0x1448 viaide - ok
09:39:32.0749 0x1448 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
09:39:32.0753 0x1448 vmbus - ok
09:39:32.0758 0x1448 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
09:39:32.0759 0x1448 VMBusHID - ok
09:39:32.0764 0x1448 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
09:39:32.0767 0x1448 volmgr - ok
09:39:32.0778 0x1448 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:39:32.0785 0x1448 volmgrx - ok
09:39:32.0795 0x1448 [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap C:\Windows\system32\drivers\volsnap.sys
09:39:32.0801 0x1448 volsnap - ok
09:39:32.0808 0x1448 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
09:39:32.0811 0x1448 vsmraid - ok
09:39:32.0846 0x1448 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
09:39:32.0876 0x1448 VSS - ok
09:39:32.0883 0x1448 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
09:39:32.0884 0x1448 vwifibus - ok
09:39:32.0894 0x1448 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
09:39:32.0903 0x1448 W32Time - ok
09:39:32.0909 0x1448 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
09:39:32.0910 0x1448 WacomPen - ok
09:39:32.0916 0x1448 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:39:32.0919 0x1448 WANARP - ok
09:39:32.0923 0x1448 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:39:32.0925 0x1448 Wanarpv6 - ok
09:39:32.0951 0x1448 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
09:39:32.0975 0x1448 WatAdminSvc - ok
09:39:33.0007 0x1448 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
09:39:33.0036 0x1448 wbengine - ok
09:39:33.0046 0x1448 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:39:33.0051 0x1448 WbioSrvc - ok
09:39:33.0061 0x1448 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:39:33.0069 0x1448 wcncsvc - ok
09:39:33.0074 0x1448 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:39:33.0077 0x1448 WcsPlugInService - ok
09:39:33.0080 0x1448 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
09:39:33.0082 0x1448 Wd - ok
09:39:33.0099 0x1448 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:39:33.0115 0x1448 Wdf01000 - ok
09:39:33.0122 0x1448 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:39:33.0125 0x1448 WdiServiceHost - ok
09:39:33.0129 0x1448 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:39:33.0132 0x1448 WdiSystemHost - ok
09:39:33.0140 0x1448 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll
09:39:33.0147 0x1448 WebClient - ok
09:39:33.0155 0x1448 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:39:33.0161 0x1448 Wecsvc - ok
09:39:33.0167 0x1448 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:39:33.0170 0x1448 wercplsupport - ok
09:39:33.0175 0x1448 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
09:39:33.0178 0x1448 WerSvc - ok
09:39:33.0182 0x1448 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:39:33.0183 0x1448 WfpLwf - ok
09:39:33.0187 0x1448 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:39:33.0188 0x1448 WIMMount - ok
09:39:33.0191 0x1448 WinDefend - ok
09:39:33.0197 0x1448 WinHttpAutoProxySvc - ok
09:39:33.0207 0x1448 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:39:33.0212 0x1448 Winmgmt - ok
09:39:33.0255 0x1448 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
09:39:33.0293 0x1448 WinRM - ok
09:39:33.0304 0x1448 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
09:39:33.0306 0x1448 WinUsb - ok
09:39:33.0325 0x1448 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
09:39:33.0345 0x1448 Wlansvc - ok
09:39:33.0351 0x1448 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
09:39:33.0352 0x1448 WmiAcpi - ok
09:39:33.0360 0x1448 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:39:33.0364 0x1448 wmiApSrv - ok
09:39:33.0368 0x1448 WMPNetworkSvc - ok
09:39:33.0373 0x1448 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:39:33.0376 0x1448 WPCSvc - ok
09:39:33.0381 0x1448 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:39:33.0385 0x1448 WPDBusEnum - ok
09:39:33.0389 0x1448 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:39:33.0390 0x1448 ws2ifsl - ok
09:39:33.0395 0x1448 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
09:39:33.0399 0x1448 wscsvc - ok
09:39:33.0402 0x1448 WSearch - ok
09:39:33.0455 0x1448 [ 39D604E190DFE2E483B637D6796ABAFF, 52DCCEA0DB59F00C615D94CC2B70FC1C335E553E8FC79AAC8C8C7D9EE1F6111D ] wuauserv C:\Windows\system32\wuaueng.dll
09:39:33.0503 0x1448 wuauserv - ok
09:39:33.0514 0x1448 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:39:33.0517 0x1448 WudfPf - ok
09:39:33.0524 0x1448 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:39:33.0528 0x1448 WUDFRd - ok
09:39:33.0534 0x1448 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:39:33.0537 0x1448 wudfsvc - ok
09:39:33.0545 0x1448 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
09:39:33.0551 0x1448 WwanSvc - ok
09:39:33.0558 0x1448 [ 2EE48CFCE7CA8E0DB4C44C7476C0943B, 2C324592F3F2D50BABA7123B6F9FC922667CC132777E019FF615F2D6F273A45E ] xusb21 C:\Windows\system32\DRIVERS\xusb21.sys
09:39:33.0560 0x1448 xusb21 - ok
09:39:33.0564 0x1448 ================ Scan global ===============================
09:39:33.0568 0x1448 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
09:39:33.0575 0x1448 [ 8927015C999D55D9B4AC66000EE5343D, 2AC4896880BAD44192822063A31785F4A716D992201B3E6A590A2D75D9729A4A ] C:\Windows\system32\winsrv.dll
09:39:33.0587 0x1448 [ 8927015C999D55D9B4AC66000EE5343D, 2AC4896880BAD44192822063A31785F4A716D992201B3E6A590A2D75D9729A4A ] C:\Windows\system32\winsrv.dll
09:39:33.0594 0x1448 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
09:39:33.0604 0x1448 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
09:39:33.0611 0x1448 [ Global ] - ok
09:39:33.0612 0x1448 ================ Scan MBR ==================================
09:39:33.0616 0x1448 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:39:33.0652 0x1448 \Device\Harddisk0\DR0 - ok
09:39:33.0657 0x1448 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk1\DR1
09:39:33.0663 0x1448 \Device\Harddisk1\DR1 - ok
09:39:33.0666 0x1448 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
09:39:33.0672 0x1448 \Device\Harddisk2\DR2 - ok
09:39:33.0672 0x1448 ================ Scan VBR ==================================
09:39:33.0674 0x1448 [ 2C9AD7F5AC641DE50C6214502F68DBF6 ] \Device\Harddisk0\DR0\Partition1
09:39:33.0676 0x1448 \Device\Harddisk0\DR0\Partition1 - ok
09:39:33.0678 0x1448 [ A42FC818EB0D44A261FC34DEC434FE33 ] \Device\Harddisk0\DR0\Partition2
09:39:33.0679 0x1448 \Device\Harddisk0\DR0\Partition2 - ok
09:39:33.0682 0x1448 [ 061747AD70A545B698D850D28C58BBC5 ] \Device\Harddisk1\DR1\Partition1
09:39:33.0683 0x1448 \Device\Harddisk1\DR1\Partition1 - ok
09:39:33.0683 0x1448 ================ Scan generic autorun ======================
09:39:33.0710 0x1448 [ 35BA4E6632BA690EA6421C1E03537D0E, 99D6B4DB12ABE3A7F44AB1B2D626978E85231185AE280D9516986027BC8385CB ] C:\Program Files\Microsoft Security Client\msseces.exe
09:39:33.0730 0x1448 MSC - ok
09:39:33.0736 0x1448 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
09:39:33.0739 0x1448 Logitech Download Assistant - ok
09:39:33.0880 0x1448 [ 2C1AF8733700FF54C48187797809DC35, AB8BD1BFAF4AB981EB98DDAF357EA77DFC1F434DD7DBDB5DB46649A794F8A309 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
09:39:33.0992 0x1448 RTHDVCPL - ok
09:39:34.0031 0x1448 [ 01F0FC06366F80BF8964708042E0D9F5, 7DEA61576AC17C902B6041EE168BEF2AF2A43401829D2FF7E19747ED8D43B16D ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
09:39:34.0052 0x1448 RtHDVBg_DTS - ok
09:39:34.0080 0x1448 [ 085F5BBF39AE3840D8C2F0C0D9A75FDA, 0CB8791DE9C411D073329D437FE44451FD5C88457A31D0AF6C0A74462F7B3639 ] C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe
09:39:34.0098 0x1448 XMouseButtonControl - ok
09:39:34.0342 0x1448 [ 19ECAAEA3CC248489FE987C10B688C0D, 967CB23A8176B3181EE2A55DFBB04A69988AB22105D4C450C5B5E729B91FAD5A ] C:\Program Files\Logitech Gaming Software\LCore.exe
09:39:34.0529 0x1448 Launch LCore - ok
09:39:34.0601 0x1448 [ 463C40BFC0FB8FF59049E2CA78695A40, 8D693A061A19E47CCADEEC844D4ACF59B5CD3CE97452018807884D2ACBEDA7FF ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
09:39:34.0640 0x1448 NvBackend - ok
09:39:34.0647 0x1448 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
09:39:34.0649 0x1448 ShadowPlay - ok
09:39:34.0655 0x1448 [ 838258B7655F2309F7BE63F844AF51BB, 50E5831663E8BD4627C9D532AB4B0D451D668CFC519163E5D75952BA9BD6EE12 ] C:\Program Files\iTunes\iTunesHelper.exe
09:39:34.0658 0x1448 iTunesHelper - ok
09:39:34.0663 0x1448 [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
09:39:34.0665 0x1448 BCSSync - ok
09:39:34.0675 0x1448 [ 34084D25BE6F48D072AA54DE630438FD, 522C96429FC679C2D07E9254E8D1793FEC018D65CD43D88FE9851CC8CEB61A07 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
09:39:34.0680 0x1448 SunJavaUpdateSched - ok
09:39:34.0705 0x1448 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
09:39:34.0725 0x1448 Sidebar - ok
09:39:34.0731 0x1448 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
09:39:34.0734 0x1448 mctadmin - ok
09:39:34.0758 0x1448 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
09:39:34.0776 0x1448 Sidebar - ok
09:39:34.0782 0x1448 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
09:39:34.0784 0x1448 mctadmin - ok
09:39:34.0955 0x1448 [ DD10768742B870B0797F08A4482381BB, A5DCE9DFC0A04F8CB826F0F411E7CF242A3C50302F3D3A84D72F02E1A1943A68 ] C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
09:39:35.0085 0x1448 DisplayFusion - ok
09:39:35.0110 0x1448 [ 362A07AA3055C61F386C807C56BC8F97, 690506ED7D09EF13DE7719E08B9B1980A0B5427B394E508430FC6E68453BF5C1 ] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
09:39:35.0118 0x1448 Sony PC Companion - ok
09:39:35.0123 0x1448 [ 7C6D524C78A1722AD987B9E47AC1FEE2, FFDC6C92ABB547D0DCD2621EC423C755A78079B061A41FA1751A56799D1A79A5 ] C:\Users\Huynh Anh Dung\AppData\Local\Dropbox\Update\DropboxUpdate.exe
09:39:35.0156 0x1448 Dropbox Update - ok
09:39:35.0157 0x1448 Waiting for KSN requests completion. In queue: 254
09:39:36.0157 0x1448 Waiting for KSN requests completion. In queue: 254
09:39:37.0157 0x1448 Waiting for KSN requests completion. In queue: 254
09:39:38.0165 0x1448 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
09:39:38.0168 0x1448 Win FW state via NFP2: enabled ( trusted )
09:39:40.0857 0x1448 ============================================================
09:39:40.0857 0x1448 Scan finished
09:39:40.0857 0x1448 ============================================================
09:39:40.0866 0x1fc4 Detected object count: 0
09:39:40.0866 0x1fc4 Actual detected object count: 0
|
|
11.09.2015, 18:25
| #7 |
| /// the machine /// TB-Ausbilder | WEB.de Mails werden ungewollt verschickt Werden immer noch Mails verschickt?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
11.09.2015, 19:16
| #8 |
| | WEB.de Mails werden ungewollt verschickt Hi Schrauber, nachdem ich das Handy gewechselt habe (hatte ich eh schon vor) und das Passwort neu gesetzt habe, scheint es aufgehört zu haben. Hab den Mail Account auf dem neuen Handy mit neuem PW eingerichtet und PW vom Mailaccount auch auf dem sauberen Geschäftslaptop geändert Will nur sicher gehen, dass nicht noch was auf meinem Rechner ist. Aber alle Scans scheinen zumindes für meinen Amateurblick sauber zu sein? Kann es sein dass das Handy schuld war? Oder wurde mein Mail PW geknackt? Vielen Dank schon mal für die Hilfe / Unterstützung. Viele Grüße uNh0Ly |
|
12.09.2015, 13:29
| #9 |
| /// the machine /// TB-Ausbilder | WEB.de Mails werden ungewollt verschickt Das PW wurde gehackt denke ich. Rechner ist sauber 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu WEB.de Mails werden ungewollt verschickt |
| adresse, code, eset, essen, freunde, geändert, hallo zusammen, handy, leute, mails, malwarebytes, microsoft, microsoft essentials, namen, network, online, outlook, passwort, privates, rechner, scan, scanner, ungewollt, ups, verschickt, zusammen |
Linear-Darstellung
