| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Versuchte Zugriffe auf AccountsWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
16.02.2016, 00:01
| #1 |
| |  Versuchte Zugriffe auf Accounts Hallo, Ich habe in den letzten Tagen Mails von Microsoft und von Amazon bekommen, dass versucht wurde etwas an meinem Account zu ändern. Ausserdem hatte ich das Gefühl, dass sich mein PC plötzlich anders verhält (Beispiel: beide Monitore wurden kurz schwarz - wie bei einem Wackelkontakt des Kabels) Vielen Dank schon einmal im Voraus für eure Arbeit hier.  |
|
16.02.2016, 00:15
| #2 |
| /// Malwareteam   | Versuchte Zugriffe auf Accounts Mein Name ist Rafael und ich werde dir helfen. Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:
 Also den Zusammenhang zwischen Upload und deinem Ping musst du jetzt nochmal erklären... Es ist normal, dass wenn deine Verbindung voll ausgelastet ist (typischerweise erreicht man das durch das Hochladen einer Datei, da die Upload Rate deines Anschlusses meist signifikant niedriger ist als der Download) andere Verbindungen, beeinträchtigt sein können. Hast du ungewöhnlichen Upload von deinem Rechner? Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
17.02.2016, 15:14
| #3 | |
| | Versuchte Zugriffe auf AccountsZitat:
bist du sicher, dass du mir diese Antwort geben wolltest ? Ich habe gar kein Ping-Problem. Der liegt bei mir bei 50-60 und das ist bei mir auf dem Land mit LTE ok. |
|
17.02.2016, 15:30
| #4 |
| /// Malwareteam | Versuchte Zugriffe auf Accounts Hi Dirk123, nein sorry dieser Text war nicht zu dir gemeint, Entschuldigung  Die beiden anderen Punkte passen aber Bitte poste in deiner nächsten Antwort also:
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
18.02.2016, 17:02
| #5 |
| | FRST hehe - alles klar. Hier die FRST.log Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-02-2016
durchgeführt von ElPanso (Administrator) auf PANSO-DESK (18-02-2016 16:47:54)
Gestartet von C:\Users\ElPanso\Desktop
Geladene Profile: ElPanso (Verfügbare Profile: ElPanso)
Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hi-Rez Studios) I:\Smite\HiPatchService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe
(Sophos Limited) C:\Program Files (x86)\Common Files\Sophos\Web Intelligence\swi_fc.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe
() C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(H+H Software GmbH) C:\Program Files (x86)\Virtual CD v10\System\vc10tray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [CmPCIaudio] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\CMICNFG3.dll,CMICtrlWnd
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-08-13] (Apple Inc.)
HKLM-x32\...\Run: [RoccatKone+] => C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE [557056 2013-10-25] (ROCCAT GmbH)
HKLM-x32\...\Run: [RoccatIsku] => C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [536576 2013-10-30] (ROCCAT GmbH)
HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1593640 2015-03-03] (Sophos Limited)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM-x32\...\Run: [VC10Player] => C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe [406896 2014-12-15] (H+H Software GmbH)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [304568 2010-10-12] (Citrix Systems, Inc.)
HKU\S-1-5-21-4244265928-1459068472-2964796402-1001\...\Run: [Spotify Web Helper] => C:\Users\ElPanso\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2355312 2016-01-31] (Spotify Ltd)
HKU\S-1-5-21-4244265928-1459068472-2964796402-1001\...\Run: [Akamai NetSession Interface] => C:\Users\ElPanso\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4244265928-1459068472-2964796402-1001\...\Run: [Dropbox Update] => C:\Users\ElPanso\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-23] (Dropbox, Inc.)
HKU\S-1-5-21-4244265928-1459068472-2964796402-1001\...\MountPoints2: {b0712736-0b79-11e5-8296-0026832fa477} - "M:\LaunchU3.exe" -a
HKU\S-1-5-21-4244265928-1459068472-2964796402-1001\...\MountPoints2: {d3794428-f32f-11e4-828e-806e6f6e6963} - "J:\start.exe" /auto
HKU\S-1-5-21-4244265928-1459068472-2964796402-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [217088 2014-10-29] (Microsoft Corporation)
AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [217672 2015-01-15] (Sophos Limited)
AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll [275352 2015-01-15] (Sophos Limited)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ElPanso\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ElPanso\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ElPanso\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ElPanso\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ElPanso\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ElPanso\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ElPanso\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ElPanso\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ElPanso\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ElPanso\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\ElPanso\AppData\Roaming\Dropbox\bin\DropboxExt.28.dll [2015-12-08] (Dropbox, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2015-03-03]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2014-12-07]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe ()
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: 192.168.56.101 awesome.dev
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{670C4E98-7DC5-48AE-AFB8-ACA245153399}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Tcpip\..\Interfaces\{DA072817-296F-45E5-B09B-A329FD78BC5B}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{DA35EE27-E09E-489E-B67A-80B3EC875860}: [DhcpNameServer] 192.168.1.1 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-4244265928-1459068472-2964796402-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll [2014-08-31] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2016-01-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll [2014-08-31] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/DE/Core/Player/2020PlayerAX_IKEA_Win32.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2010-10-12] (Citrix Systems, Inc.)
FireFox:
========
FF ProfilePath: C:\Users\ElPanso\AppData\Roaming\Mozilla\Firefox\Profiles\ss244mbr.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-09] ()
FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll [2014-08-31] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll [2014-08-31] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-09] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-07-30] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4244265928-1459068472-2964796402-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ElPanso\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-01-26] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4244265928-1459068472-2964796402-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-10-08] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll [2010-10-12] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\cgpcfg.dll [2010-10-12] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll [2010-10-12] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll [2010-10-12] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll [2010-10-12] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll [2010-10-12] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll [2010-10-12] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll [2010-10-12] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll [2010-10-12] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll [2010-07-14] (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll [2010-10-12] (Citrix Systems, Inc.)
Chrome:
=======
CHR Profile: C:\Users\ElPanso\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\ElPanso\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-04]
CHR Extension: (Google Drive) - C:\Users\ElPanso\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (Turn Off the Lights) - C:\Users\ElPanso\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2016-02-11]
CHR Extension: (YouTube) - C:\Users\ElPanso\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Google-Suche) - C:\Users\ElPanso\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Google Docs Offline) - C:\Users\ElPanso\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-21]
CHR Extension: (AdBlock) - C:\Users\ElPanso\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-17]
CHR Extension: (Fiery Music) - C:\Users\ElPanso\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnmfeiddljnkcdgcfcfhpenipgmaocon [2014-04-28]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\ElPanso\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-27]
CHR Extension: (Google Mail) - C:\Users\ElPanso\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (RSS Feed Reader) - C:\Users\ElPanso\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2015-12-14]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
"vdrv1000" => Dienst wurde entsperrt. <===== ACHTUNG
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2014-10-30] (BitRaider, LLC)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-10-09] (BitRaider, LLC)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [174112 2014-11-30] (EasyAntiCheat Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
U2 HiPatchService; I:\Smite\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 HPSLPSVC; C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1039360 2011-08-18] (Hewlett-Packard Co.) [Datei ist nicht signiert]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2078216 2015-10-11] (Electronic Arts)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-12-31] ()
R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [288552 2014-05-20] (Sophos Limited)
R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [208168 2014-10-15] (Sophos Limited)
R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [340776 2015-03-03] (Sophos Limited)
R2 Sophos Web Control Service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe [341800 2014-10-15] (Sophos Limited)
R2 swi_filter; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe [300840 2015-01-15] (Sophos Limited)
R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3274536 2015-01-15] (Sophos Limited)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5436176 2015-02-17] (TeamViewer GmbH)
R2 VC10SecS; C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe [147312 2014-12-15] (H+H Software GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
S3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices) [Datei ist nicht signiert]
S3 atillk64; C:\Users\ElPanso\Desktop\WinFlash_2.6.7\WinFlash_2.6.7\atillk64.sys [14608 2006-07-19] (ATI Technologies Inc.)
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2014-10-09] (BitRaider)
S3 cmuda3; C:\Windows\system32\drivers\cmudax3.sys [3848192 2012-09-04] (C-Media Inc)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
S3 LADF_BakerCOnly; C:\Windows\system32\DRIVERS\ladfBakerCamd64.sys [410184 2011-03-18] (Logitech)
S3 LADF_BakerROnly; C:\Windows\system32\DRIVERS\ladfBakerRamd64.sys [335688 2011-03-18] (Logitech)
S3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
S3 lgLowAudio; C:\Windows\system32\drivers\lgLowAudio.sys [26264 2015-11-20] (Logitech Inc.)
S3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [161024 2014-10-15] (Sophos Limited)
S3 sdcfilter; C:\Windows\system32\DRIVERS\sdcfilter.sys [38144 2014-05-20] (Sophos Limited)
S4 SophosBootDriver; C:\Windows\system32\DRIVERS\SophosBootDriver.sys [27904 2014-05-20] (Sophos Limited)
R3 sshid; C:\Windows\System32\drivers\sshid.sys [51400 2016-01-28] (SteelSeries ApS)
R1 swi_callout; C:\Windows\system32\DRIVERS\swi_callout.sys [32512 2015-04-16] (Sophos Limited)
R1 vdrv1000; C:\Windows\System32\drivers\vdrv1000.sys [226080 2012-12-06] (H+H Software GmbH)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 yukonw8; C:\Windows\system32\DRIVERS\yk63x64.sys [295216 2013-06-18] (Marvell)
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 HH10Help.sys; \??\C:\Windows\system32\drivers\HH10Help.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-18 16:47 - 2016-02-18 16:48 - 00029124 _____ C:\Users\ElPanso\Desktop\FRST.txt
2016-02-18 16:47 - 2016-02-18 16:47 - 00000000 ____D C:\FRST
2016-02-18 16:44 - 2016-02-18 16:45 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\ElPanso\Desktop\tdsskiller.exe
2016-02-18 16:44 - 2016-02-18 16:44 - 02371072 _____ (Farbar) C:\Users\ElPanso\Desktop\FRST64.exe
2016-02-18 16:40 - 2016-02-18 16:40 - 00000355 _____ C:\Users\ElPanso\Desktop\ST2016 (J) 0 Bytes.lnk
2016-02-13 19:44 - 2016-02-13 19:44 - 00145716 _____ C:\Users\ElPanso\Downloads\h503445a.zip
2016-02-13 14:20 - 2016-02-13 14:21 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-02-13 14:20 - 2016-02-13 14:20 - 00002077 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-02-13 14:20 - 2016-02-13 14:20 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-02-10 20:21 - 2016-02-06 11:48 - 25839104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-10 20:21 - 2016-02-06 11:24 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-10 20:21 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-10 20:21 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-02-10 20:21 - 2016-02-06 10:32 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-10 20:21 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-10 20:21 - 2016-02-06 10:09 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-10 20:21 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-09 19:53 - 2016-01-10 18:50 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\cfgbkend.dll
2016-02-09 19:53 - 2016-01-10 18:31 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-09 19:53 - 2016-01-10 18:16 - 00898048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-09 19:53 - 2016-01-10 18:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgbkend.dll
2016-02-09 19:53 - 2016-01-10 18:12 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-09 19:53 - 2016-01-10 17:58 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-09 19:53 - 2016-01-10 17:51 - 00702976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-02-09 19:53 - 2016-01-10 17:49 - 00443392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-02-09 19:53 - 2016-01-10 17:40 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-09 19:53 - 2015-12-29 16:45 - 07783936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-02-09 19:53 - 2015-12-29 16:45 - 07075328 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-02-09 19:53 - 2015-12-29 16:43 - 05267968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-02-09 19:53 - 2015-12-29 16:42 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-02-09 19:52 - 2016-01-22 09:01 - 22365992 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-09 19:52 - 2016-01-22 08:11 - 19794896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-02-09 19:52 - 2016-01-22 06:25 - 14467072 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-02-09 19:52 - 2016-01-22 06:14 - 12879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-02-09 19:52 - 2016-01-22 06:07 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-09 19:52 - 2016-01-22 05:58 - 02464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-02-09 19:50 - 2016-01-19 20:14 - 07453024 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-09 19:50 - 2016-01-19 20:13 - 02175008 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2016-02-09 19:50 - 2016-01-19 20:12 - 01133744 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-09 19:49 - 2016-01-19 20:13 - 01063464 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2016-02-09 19:49 - 2016-01-19 20:12 - 01737088 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-09 19:49 - 2016-01-19 19:23 - 01564496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2016-02-09 19:49 - 2016-01-19 19:23 - 01501496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-09 19:49 - 2016-01-19 19:23 - 00548024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2016-02-09 19:49 - 2016-01-19 19:15 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-02-09 19:49 - 2016-01-19 18:30 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-09 19:49 - 2016-01-19 17:37 - 00267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2016-02-09 19:49 - 2016-01-15 02:42 - 00033472 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-09 19:49 - 2016-01-14 21:44 - 01362944 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-09 19:49 - 2016-01-14 21:44 - 01162240 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-09 19:49 - 2016-01-14 21:44 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-09 19:49 - 2016-01-14 21:44 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-09 19:49 - 2016-01-14 21:44 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-09 19:49 - 2016-01-14 21:44 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-09 19:49 - 2016-01-10 20:37 - 00442720 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-09 19:49 - 2016-01-10 19:39 - 00332640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-02-09 19:49 - 2016-01-10 19:15 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-09 19:49 - 2016-01-10 19:15 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-09 19:49 - 2016-01-10 18:43 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-02-09 19:49 - 2016-01-10 18:09 - 01442304 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-09 19:49 - 2016-01-10 18:09 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-02-09 19:49 - 2016-01-10 18:02 - 00987648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-09 19:49 - 2016-01-10 17:56 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2016-02-09 19:49 - 2016-01-10 17:43 - 00801792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-09 19:49 - 2016-01-07 19:34 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-09 19:49 - 2016-01-06 19:25 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-09 19:48 - 2016-01-22 07:40 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-09 19:48 - 2016-01-22 07:29 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-09 19:48 - 2016-01-22 07:28 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-02-09 19:48 - 2016-01-22 07:27 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-09 19:48 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-02-09 19:48 - 2016-01-22 06:55 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-02-09 19:48 - 2016-01-22 06:52 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-02-09 19:48 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-02-09 19:48 - 2016-01-22 06:50 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-09 19:48 - 2016-01-22 06:48 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-09 19:48 - 2016-01-22 06:48 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-09 19:48 - 2016-01-22 06:47 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-09 19:48 - 2016-01-22 06:46 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-09 19:48 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-09 19:48 - 2016-01-22 06:31 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-09 19:48 - 2016-01-22 06:31 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-02-09 19:48 - 2016-01-22 06:28 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-02-09 19:48 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-02-09 19:48 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-02-09 19:48 - 2016-01-22 06:25 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-02-09 19:48 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-02-09 19:48 - 2016-01-22 06:08 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-09 19:48 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-09 19:48 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-02-09 19:48 - 2016-01-10 20:37 - 00136912 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-09 19:48 - 2016-01-10 17:51 - 03707392 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-09 19:48 - 2016-01-10 17:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-09 19:48 - 2016-01-10 17:38 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-09 19:48 - 2016-01-10 17:36 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2016-02-09 19:48 - 2016-01-10 17:36 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-09 19:48 - 2016-01-10 17:35 - 02243584 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-09 19:48 - 2016-01-10 17:35 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-09 19:48 - 2016-01-10 17:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-02-09 19:48 - 2016-01-10 17:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-02-09 19:48 - 2016-01-10 17:27 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-02-09 19:48 - 2016-01-10 17:26 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-02-09 19:48 - 2015-12-28 22:42 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\WinSync.dll
2016-02-09 19:48 - 2015-12-28 21:31 - 00578048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSync.dll
2016-02-09 19:48 - 2015-12-17 19:29 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-09 19:48 - 2015-12-17 17:17 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-03 08:36 - 2016-02-03 08:36 - 00001496 _____ C:\Users\ElPanso\Downloads\RlNDWEE2NVBST0QuRGVza3RvcCBSdWZiZXJlaXRzY2hhZnQ- (9).ica
2016-02-03 08:18 - 2016-02-03 08:18 - 01730272 _____ (Audible Inc.) C:\Users\ElPanso\Downloads\ActiveSetupN (1).exe
2016-02-03 06:59 - 2016-02-03 06:59 - 00001495 _____ C:\Users\ElPanso\Downloads\RlNDWEE2NVBST0QuRGVza3RvcCBSdWZiZXJlaXRzY2hhZnQ- (8).ica
2016-02-01 20:35 - 2016-02-01 20:35 - 00298955 _____ C:\Users\ElPanso\Downloads\Grundstück mit Wohnhaus DIREKTZAHLUNG.pdf
2016-01-28 04:58 - 2016-01-28 04:58 - 00051400 _____ (SteelSeries ApS) C:\Windows\system32\Drivers\sshid.sys
2016-01-27 20:04 - 2016-01-27 20:04 - 00784707 _____ C:\Users\ElPanso\Desktop\AutoClicker.exe
2016-01-27 20:04 - 2016-01-27 20:04 - 00000000 ____D C:\Users\ElPanso\Documents\AutomaticSolution Software
2016-01-26 19:53 - 2016-01-26 19:53 - 00204947 _____ C:\Users\ElPanso\Downloads\EVA_Antrag_2015 mit VD-Anl..pdf
2016-01-24 17:10 - 2016-01-24 17:10 - 00000000 ____D C:\Users\ElPanso\Documents\steuer
2016-01-24 16:42 - 2016-01-24 16:44 - 00000579 _____ C:\Windows\wiso.ini
2016-01-24 16:18 - 2016-01-24 16:42 - 00000000 ____D C:\Users\ElPanso\AppData\Local\Buhl
2016-01-24 16:18 - 2016-01-24 16:18 - 00002174 _____ C:\Users\Public\Desktop\WISO steuer Start 2016.lnk
2016-01-24 16:10 - 2016-01-24 16:10 - 00000000 ____D C:\Users\ElPanso\AppData\Roaming\Buhl Data Service
2016-01-24 16:10 - 2016-01-24 16:10 - 00000000 ____D C:\Users\ElPanso\AppData\Local\Buhl Data Service
2016-01-24 16:10 - 2016-01-24 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Start 2016
2016-01-24 16:06 - 2016-01-24 16:06 - 00000000 ____D C:\Program Files (x86)\WISO
2016-01-24 16:05 - 2016-01-24 16:18 - 00000000 ____D C:\ProgramData\Buhl Data Service GmbH
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-18 16:44 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-02-18 16:43 - 2014-04-28 16:39 - 00001140 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-18 16:40 - 2014-09-21 12:03 - 00000000 ___RD C:\Users\ElPanso\OneDrive
2016-02-18 16:40 - 2014-04-28 16:39 - 00001136 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-18 14:14 - 2015-09-26 14:53 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-18 14:12 - 2015-08-23 11:07 - 00001254 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4244265928-1459068472-2964796402-1001UA.job
2016-02-18 13:49 - 2014-04-28 16:46 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-17 23:39 - 2014-04-28 17:06 - 00000000 ____D C:\Users\ElPanso\AppData\Local\Battle.net
2016-02-17 23:17 - 2014-04-28 16:39 - 00000000 ____D C:\Users\ElPanso\AppData\Roaming\Skype
2016-02-17 22:07 - 2014-04-28 17:06 - 00000000 ____D C:\Users\ElPanso\AppData\Roaming\Battle.net
2016-02-17 22:07 - 2014-04-28 17:03 - 00000000 ____D C:\ProgramData\Battle.net
2016-02-15 20:07 - 2014-04-29 13:33 - 00000000 ____D C:\Users\ElPanso\AppData\Local\Spotify
2016-02-15 20:05 - 2014-04-29 13:33 - 00000000 ____D C:\Users\ElPanso\AppData\Roaming\Spotify
2016-02-15 12:12 - 2015-08-23 11:07 - 00001202 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4244265928-1459068472-2964796402-1001Core.job
2016-02-15 07:41 - 2016-01-06 21:26 - 00000000 ____D C:\Users\ElPanso\AppData\Local\ElevatedDiagnostics
2016-02-13 19:29 - 2014-04-28 16:35 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4244265928-1459068472-2964796402-1001
2016-02-13 14:21 - 2016-01-12 21:19 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-02-13 14:20 - 2014-06-05 10:40 - 00000000 ____D C:\ProgramData\Adobe
2016-02-12 22:38 - 2014-11-24 11:42 - 00000000 ____D C:\Users\ElPanso\AppData\Roaming\TS3Client
2016-02-12 19:40 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2016-02-11 19:51 - 2014-04-28 16:31 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-11 19:51 - 2013-08-23 00:24 - 00764340 _____ C:\Windows\system32\perfh007.dat
2016-02-11 19:51 - 2013-08-23 00:24 - 00159160 _____ C:\Windows\system32\perfc007.dat
2016-02-11 19:45 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-11 19:44 - 2014-04-28 16:35 - 00000000 ____D C:\ProgramData\NVIDIA
2016-02-11 19:44 - 2013-08-22 15:44 - 00410104 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-10 22:58 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-02-10 22:57 - 2015-04-15 12:47 - 00000000 ____D C:\Windows\system32\appraiser
2016-02-10 22:57 - 2013-08-23 00:26 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 22:57 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData
2016-02-10 20:44 - 2014-04-28 16:40 - 00002234 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-10 20:38 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2016-02-10 20:35 - 2014-06-05 11:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2016-02-10 20:30 - 2014-05-21 19:22 - 00000000 ____D C:\Windows\system32\MRT
2016-02-10 20:26 - 2014-05-21 19:22 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-09 21:14 - 2015-09-26 14:53 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-09 19:47 - 2015-11-10 21:00 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-02-09 19:47 - 2015-11-10 21:00 - 00177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-07 19:33 - 2015-03-09 13:44 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-02-03 20:52 - 2014-04-28 16:39 - 00000000 ____D C:\ProgramData\Skype
2016-02-03 08:17 - 2014-12-28 23:00 - 00000000 ____D C:\Users\ElPanso\AppData\Local\Audible
2016-02-02 19:38 - 2014-04-28 16:39 - 00004112 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-02 19:38 - 2014-04-28 16:39 - 00003876 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-02 03:37 - 2013-08-22 16:38 - 00828920 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-02 03:37 - 2013-08-22 16:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-26 21:29 - 2014-11-24 11:34 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-01-24 16:06 - 2014-04-28 17:22 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-01-23 15:35 - 2016-01-16 15:49 - 00010501 _____ C:\Users\ElPanso\Desktop\Mappe1.xlsx
2016-01-23 10:32 - 2015-02-06 22:18 - 00013370 _____ C:\Users\ElPanso\Desktop\Ausgaben.xlsx
2016-01-23 10:31 - 2014-05-05 22:31 - 02250240 ___SH C:\Users\ElPanso\Desktop\Thumbs.db
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-09-28 17:04 - 2014-09-28 17:04 - 0097581 _____ () C:\Users\ElPanso\AppData\Roaming\icarus-dxdiag.xml
2006-12-11 18:13 - 2006-12-11 18:13 - 0097336 _____ (Un4seen Developments) C:\Users\ElPanso\AppData\Local\bass.dll
2006-12-11 18:13 - 2006-12-11 18:13 - 0013872 _____ (Un4seen Developments) C:\Users\ElPanso\AppData\Local\basscd.dll
2007-08-13 16:46 - 2007-08-13 16:46 - 0102912 _____ (Albert L Faber) C:\Users\ElPanso\AppData\Local\CDRip.dll
2014-09-14 17:09 - 2015-09-24 15:53 - 0000026 _____ () C:\Users\ElPanso\AppData\Local\isoworkshop.ini
2007-08-13 16:46 - 2007-08-13 16:46 - 0155136 _____ () C:\Users\ElPanso\AppData\Local\lame_enc.dll
2007-01-18 20:09 - 2007-01-18 20:09 - 0623616 _____ (Ivan Bischof ©2003 - 2005) C:\Users\ElPanso\AppData\Local\No23 Recorder.exe
2005-08-23 21:34 - 2005-08-23 21:34 - 0029184 _____ () C:\Users\ElPanso\AppData\Local\no23xwrapper.dll
2006-10-26 00:06 - 2006-10-26 00:06 - 0015872 _____ () C:\Users\ElPanso\AppData\Local\ogg.dll
2014-09-16 13:52 - 2015-01-07 12:31 - 0000600 _____ () C:\Users\ElPanso\AppData\Local\PUTTY.RND
2015-05-11 10:13 - 2015-05-11 10:13 - 0000040 _____ () C:\Users\ElPanso\AppData\Local\tmp.no23
2006-10-26 00:06 - 2006-10-26 00:06 - 0143872 _____ () C:\Users\ElPanso\AppData\Local\vorbis.dll
2006-10-26 00:06 - 2006-10-26 00:06 - 0064000 _____ () C:\Users\ElPanso\AppData\Local\vorbisenc.dll
2006-10-26 00:06 - 2006-10-26 00:06 - 0019456 _____ () C:\Users\ElPanso\AppData\Local\vorbisfile.dll
2015-03-03 18:04 - 2015-03-03 18:08 - 0000821 _____ () C:\ProgramData\hpzinstall.log
2014-06-23 23:18 - 2014-06-23 23:18 - 0000092 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
Einige Dateien in TEMP:
====================
C:\Users\ElPanso\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpq7amqq.dll
C:\Users\ElPanso\AppData\Local\Temp\HearthCap.Updater.exe
C:\Users\ElPanso\AppData\Local\Temp\jre-8u20-windows-au.exe
C:\Users\ElPanso\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\ElPanso\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\ElPanso\AppData\Local\Temp\nvStInst.exe
C:\Users\ElPanso\AppData\Local\Temp\ose00000.exe
C:\Users\ElPanso\AppData\Local\Temp\Quarantine.exe
C:\Users\ElPanso\AppData\Local\Temp\raptrpatch.exe
C:\Users\ElPanso\AppData\Local\Temp\raptr_stub.exe
C:\Users\ElPanso\AppData\Local\Temp\sdanircmdc.exe
C:\Users\ElPanso\AppData\Local\Temp\sdaspwn.exe
C:\Users\ElPanso\AppData\Local\Temp\SkypeSetup.exe
C:\Users\ElPanso\AppData\Local\Temp\sqlite3.dll
C:\Users\ElPanso\AppData\Local\Temp\sweetpage294wld_n2.exe
C:\Users\ElPanso\AppData\Local\Temp\tmp3159.tmp.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-02-13 19:29
==================== Ende von FRST.txt ============================
|
|
18.02.2016, 17:02
| #6 |
| | Versuchte Zugriffe auf Accounts Addition.log: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-02-2016
durchgeführt von ElPanso (2016-02-18 16:48:25)
Gestartet von C:\Users\ElPanso\Desktop
Windows 8.1 Pro (X64) (2014-04-28 15:29:56)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-4244265928-1459068472-2964796402-500 - Administrator - Disabled)
ElPanso (S-1-5-21-4244265928-1459068472-2964796402-1001 - Administrator - Enabled) => C:\Users\ElPanso
Gast (S-1-5-21-4244265928-1459068472-2964796402-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4244265928-1459068472-2964796402-1014 - Limited - Enabled)
SophosSAUPANSO-DESK0 (S-1-5-21-4244265928-1459068472-2964796402-1004 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Sophos Anti-Virus (Enabled - Out of date) {6BABF8F7-3EB6-BD1D-9167-8C5ECA060A29}
AS: Sophos Anti-Virus (Enabled - Out of date) {D0CA1913-188C-B293-ABD7-B72CB1814094}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
1400 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
1400_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
1400Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7 Days to Die (HKLM-x32\...\Steam App 251570) (Version: - The Fun Pimps)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
AIO_CDB_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-4244265928-1459068472-2964796402-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Anno 1404 (HKLM-x32\...\Steam App 33250) (Version: - Blue Byte)
Anno 1404: Venice (HKLM-x32\...\Steam App 33350) (Version: - Blue Byte)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 1778385259.4759644.48.2147344384 - Audible, Inc.)
Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version: - Irrational Games)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.9.9 - BitRaider, LLC)
Blender (HKLM\...\Blender) (Version: 2.74 - Blender Foundation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Call of Duty: Black Ops - Multiplayer (HKLM-x32\...\Steam App 42710) (Version: - Treyarch)
Call of Duty: Black Ops (HKLM-x32\...\Steam App 42700) (Version: - Treyarch)
Card Hunter (HKLM-x32\...\Steam App 293260) (Version: - Blue Manchu)
Citrix Online Plug-in - Web (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 12.1.0.30 - Citrix Systems, Inc.)
C-Media PCI Audio Device (HKLM-x32\...\{71B53BA8-4BE3-49AF-BC3E-07F392008738}) (Version: 1.00.0003 - )
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Crazybump (remove only) (HKLM-x32\...\Crazybump) (Version: - )
DCS World (HKLM-x32\...\Steam App 223750) (Version: - Eagle Dynamics)
Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version: - Stunlock Studios)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Die Siedler 7 (HKLM-x32\...\{63860309-DA8A-4BAE-9EAE-CE1D6D79340C}) (Version: 1.12.1396 - Ubisoft)
Die Siedler 7 (HKLM-x32\...\{9C916142-C18C-429D-BFED-40094A7E0BEB}) (Version: 1.12.1396 - Ubisoft)
Dirty Bomb (HKLM-x32\...\Steam App 333930) (Version: - Splash Damage®)
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Dovetail Games Fishing (HKLM-x32\...\Steam App 314520) (Version: - Dovetail Games - Fishing)
Dropbox (HKU\S-1-5-21-4244265928-1459068472-2964796402-1001\...\Dropbox) (Version: 3.12.5 - Dropbox, Inc.)
Epic Games Launcher (HKLM\...\{0AE5C8C8-1EF6-48F5-AD91-259BB5E49610}) (Version: 1.1.20.0 - Epic Games, Inc.)
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version: - Paradox Development Studio)
Fallen Earth (HKLM-x32\...\Steam App 113420) (Version: - Reloaded Productions)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version: - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
Game of Thrones (HKLM-x32\...\Steam App 208730) (Version: - Cyanide Studios)
Ghost Recon Phantoms - EU (HKU\S-1-5-21-4244265928-1459068472-2964796402-1001\...\d8be6c3f847d7d92) (Version: 1.35.7490.1 - Ubisoft)
GlassFish Server Open Source Edition 4.0 (HKLM\...\nbi-glassfish-mod-4.0.0.89.0) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.109 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version: - Rockstar North)
H1Z1 (HKLM-x32\...\Steam App 295110) (Version: - Sony Online Entertainment)
HearthstoneTracker (HKLM-x32\...\HearthstoneTracker) (Version: 1.9.5.56756 - HearthstoneTracker.com)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software (HKLM\...\{6F5B70F0-EA6C-4A5B-BB16-8390BD66B251}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
ISO Workshop 5.5 (HKLM-x32\...\ISO Workshop_is1) (Version: - Glorylogic)
iTunes (HKLM\...\{BFEAB774-C7DC-4032-B05A-DA5F7CB7B365}) (Version: 12.2.2.25 - Apple Inc.)
Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation)
Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation)
Landwirtschafts Simulator 2013 (HKLM-x32\...\FarmingSimulator2013DE_is1) (Version: 1.0 - GIANTS Software)
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.06.20130913 - LG Electronics)
LG United Mobile Drivers (HKLM-x32\...\{55031CEF-CE75-4A5C-8DEA-60577820529B}) (Version: 3.10.1.0 - LG Electronics)
Life is Feudal: Your Own (HKLM-x32\...\Steam App 290080) (Version: - Bitbox Ltd.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
MarketResearch (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F112F66E-25CA-42DD-983C-6118EB38F606}) (Version: 3.0.89.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}) (Version: 3.0.19.0 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Visio Professional 2013 (HKLM-x32\...\Office15.VISPROR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Might & Magic Heroes Online (HKLM-x32\...\Steam App 336520) (Version: - Blue Byte)
MiKTeX 2.9 (HKU\S-1-5-21-4244265928-1459068472-2964796402-1001\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
NetBeans IDE 8.0 (HKLM\...\nbi-nb-base-8.0.0.0.201403101706) (Version: 8.0 - NetBeans.org)
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
No23 Recorder (HKLM-x32\...\{22B0E143-2B0B-435B-9F56-136A3D16065F}) (Version: 2.1.0.3 - No23)
Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 140812.90586 - Square Enix Ltd)
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Oracle VM VirtualBox 4.3.12 (HKLM\...\{B5121457-0126-4E62-BCBF-6DC7C73D9E4A}) (Version: 4.3.12 - Oracle Corporation)
Oracle VM VirtualBox 4.3.26 (HKLM\...\{5771F59A-BFC9-4FAF-A883-7642EF4BA3C3}) (Version: 4.3.26 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (x32 Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Patrizier 4 (HKLM-x32\...\{25B473C3-2C62-482B-858F-94ED76880F79}) (Version: 1.0.0 - Kalypso Media)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
ROCCAT Isku Keyboard Driver (HKLM-x32\...\{4ABAF918-A6BD-43D8-AE0B-5292034B14CB}) (Version: - Roccat GmbH)
ROCCAT Kone[+] Mouse Driver (HKLM-x32\...\{B99CB207-4704-4C51-9309-0FA90AA26DD4}) (Version: - Roccat GmbH)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games)
Sanctum 2 (HKLM-x32\...\Steam App 210770) (Version: - Coffee Stain Studios)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{91150000-0051-0000-0000-0000000FF1CE}_Office15.VISPROR_{8D2E04ED-3350-4ECE-9D6E-3BC9A9A93A47}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Sid Meier's Civilization V (HKLM-x32\...\steam app 8930) (Version: - 2K Games, Inc.)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.109 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2418.2 - Hi-Rez Studios)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Sophos Anti-Virus (HKLM-x32\...\{D929B3B5-56C6-46CC-B3A3-A1A784CBB8E4}) (Version: 10.3.13 - Sophos Limited)
Sophos AutoUpdate (HKLM-x32\...\{7CD26A0C-9B59-4E84-B5EE-B386B2F7AA16}) (Version: 4.1.0.273 - Sophos Limited)
Spotify (HKU\S-1-5-21-4244265928-1459068472-2964796402-1001\...\Spotify) (Version: 1.0.21.143.g76c19bcd - Spotify AB)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 7.0.0.56 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SteelSeries Engine 3.3.1 (HKLM\...\SteelSeries Engine 3) (Version: 3.3.1 - SteelSeries ApS)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.39052 - TeamViewer)
Texmaker (HKLM-x32\...\Texmaker) (Version: - )
The Lord of the Rings Online™ (HKLM-x32\...\Steam App 212500) (Version: - Turbine, Inc.)
The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.0.0 - GOG.com)
Tom Clancy's Ghost Recon Future Soldier (HKLM-x32\...\{6D87CAD9-9B94-4421-A439-B25F8DE14575}) (Version: 1.8 - Ubisoft)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
Total War: Arena (HKLM-x32\...\Steam App 227520) (Version: - Creative Assembly)
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-4244265928-1459068472-2964796402-1001\...\UnityWebPlayer) (Version: 4.6.2f1 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
Update for Skype for Business 2015 (KB3114732) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.VISPROR_{7B0DFC04-44CB-436D-9366-01D93383940D}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Vagrant (HKLM-x32\...\{3D24EE12-E0CF-41EC-8182-361ECF575656}) (Version: 1.6.5 - HashiCorp)
Virtual CD v10 (HKLM-x32\...\{10C51313-A308-4B40-90E3-B368D5882660}) (Version: 10.00.0 - H+H Software GmbH)
Warface (HKLM-x32\...\Steam App 291480) (Version: - Crytek GmbH)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WildStar (HKLM-x32\...\WildStar) (Version: - NCSOFT)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
WISO steuer:Start 2016 (HKLM-x32\...\{C8BD7F28-9AF6-466D-A837-DEEA0CF38C76}) (Version: 23.00.1146 - Buhl Data Service GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
World of Warcraft Classic (HKU\S-1-5-21-4244265928-1459068472-2964796402-1001\...\{D55ED80F-FAFD-40E1-99FC-89AF8614A9B5}_is1) (Version: 1.12.1.5875 - Blizzard Entertainment)
WOW Slider (HKLM-x32\...\WOW Slider_is1) (Version: - )
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-4 - Bitnami)
Z.u.L. Version 12.0 (HKLM-x32\...\Z.u.L._is1) (Version: Version 12.0 - Rene Grothmann)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-4244265928-1459068472-2964796402-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\ElPanso\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4244265928-1459068472-2964796402-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-4244265928-1459068472-2964796402-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\ElPanso\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4244265928-1459068472-2964796402-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ElPanso\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4244265928-1459068472-2964796402-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ElPanso\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4244265928-1459068472-2964796402-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ElPanso\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4244265928-1459068472-2964796402-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ElPanso\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4244265928-1459068472-2964796402-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ElPanso\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4244265928-1459068472-2964796402-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ElPanso\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4244265928-1459068472-2964796402-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ElPanso\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4244265928-1459068472-2964796402-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\ElPanso\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4244265928-1459068472-2964796402-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\ElPanso\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {119F534C-D85B-4172-908A-03868E0103A4} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4244265928-1459068472-2964796402-1001Core => C:\Users\ElPanso\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-08-23] (Dropbox, Inc.)
Task: {205A4330-E71B-475B-B3A6-11B0B2BE1108} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {4E74641D-23ED-426A-86D7-D07B78D7696C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-02-10] (Microsoft Corporation)
Task: {8B27A458-F20C-4919-AA58-9D8B3826150F} - System32\Tasks\{BDD8EA9C-D8E2-4FA9-AFBB-1031EFF3A6E2} => pcalua.exe -a E:\Audible\Audible\Bin\Manager.exe -d E:\Audible\Audible\BIN\
Task: {B21BB676-6993-4CC1-818F-48461F60A298} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {C8784D9D-B084-4D84-9B93-AEFEA2FF02A1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-09] (Adobe Systems Incorporated)
Task: {D4511DB7-E7CB-43A6-92C6-707135B3B5E5} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-4244265928-1459068472-2964796402-1001UA => C:\Users\ElPanso\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-08-23] (Dropbox, Inc.)
Task: {D9A8AD2C-5021-4D6A-B2BB-42020EB555F6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
Task: {DD8912AD-C3EA-4668-9E97-C1F95E5B889B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {F0FE93C7-794B-488A-B8BC-3A6296F67D5A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated)
Task: {F6B8B3C8-7F4E-48F7-90C1-33CE5AB05A11} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-22] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4244265928-1459068472-2964796402-1001Core.job => C:\Users\ElPanso\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-4244265928-1459068472-2964796402-1001UA.job => C:\Users\ElPanso\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 15:26 - 2015-05-15 15:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-18 12:44 - 2014-12-31 14:25 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-04-28 16:35 - 2015-02-05 20:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-11-13 22:19 - 2014-11-13 22:19 - 17542656 _____ () C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
2014-10-14 15:10 - 2014-10-14 15:10 - 00047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine 3\x2api.dll
2015-04-14 16:48 - 2015-08-27 01:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-04-28 17:54 - 2010-11-04 10:48 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Isku Keyboard\hiddriver.dll
2016-02-10 20:44 - 2016-02-09 12:58 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libglesv2.dll
2016-02-10 20:44 - 2016-02-09 12:58 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\libegl.dll
2015-08-15 08:20 - 2008-08-18 14:08 - 00050688 _____ () C:\Program Files (x86)\Virtual CD v10\System\ogg.dll
2015-08-15 08:20 - 2008-08-18 14:11 - 01237504 _____ () C:\Program Files (x86)\Virtual CD v10\System\vorbis.dll
2016-02-10 20:44 - 2016-02-09 12:58 - 16810824 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.109\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-4244265928-1459068472-2964796402-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-4244265928-1459068472-2964796402-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-4244265928-1459068472-2964796402-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-4244265928-1459068472-2964796402-1001\...\sony.com -> sony.com
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2014-11-09 14:14 - 00000854 ____A C:\Windows\system32\Drivers\etc\hosts
192.168.56.101 awesome.dev
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4244265928-1459068472-2964796402-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\ElPanso\Desktop\five_finger_death_punch_wallpaper_by_thegregeth-d4g56v0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "RoccatKone+"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-4244265928-1459068472-2964796402-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-4244265928-1459068472-2964796402-1001\...\StartupApproved\Run: => "Akamai NetSession Interface"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{7BBA4002-A419-48A7-89D7-AB794EB4DAD4}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D75D5528-C9C5-418D-962F-BEBD4955FB21}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{2D056D30-07F8-4A95-A3B5-62A1785297ED}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{D09410C8-170E-46D0-B0C1-09F4025BC01D}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{98CF59B8-C860-4BDC-A601-F05E918B2564}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{B9B43630-5D48-4EE4-AAD9-EDE1191CA2D7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7A3C7034-F159-4029-A296-B318044ED2B2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{D9C7F1DD-342F-4B16-81E3-817BA50045BD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{C3BCAEE0-5A07-400F-AFF8-AF4807E281EE}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{BA8D11C1-89F3-4B26-AA95-C4A748BFDB07}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{80AD87E5-6F3B-4548-A531-F98ACC1AFE62}I:\hearstonebeta\hearthstone\hearthstone.exe] => (Allow) I:\hearstonebeta\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{D102ED84-A643-481F-9B7B-BD17443B9858}I:\hearstonebeta\hearthstone\hearthstone.exe] => (Allow) I:\hearstonebeta\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{2B986387-D517-4401-B7F0-AAB2A91D2992}I:\die siedler ii - die naechste generation wikinker portable\die siedler ii - die naechste generation - wikinger.exe] => (Allow) I:\die siedler ii - die naechste generation wikinker portable\die siedler ii - die naechste generation - wikinger.exe
FirewallRules: [UDP Query User{0AA69FC0-C4FF-4972-88B2-B93515E7BE61}I:\die siedler ii - die naechste generation wikinker portable\die siedler ii - die naechste generation - wikinger.exe] => (Allow) I:\die siedler ii - die naechste generation wikinker portable\die siedler ii - die naechste generation - wikinger.exe
FirewallRules: [TCP Query User{5EB6EF53-33D1-4D26-A31A-E94F898C40DB}C:\windows\syswow64\msiexec.exe] => (Allow) C:\windows\syswow64\msiexec.exe
FirewallRules: [UDP Query User{41A27F14-8054-4245-9847-4EC53E2A3281}C:\windows\syswow64\msiexec.exe] => (Allow) C:\windows\syswow64\msiexec.exe
FirewallRules: [TCP Query User{6864CD1C-DD04-4024-8D45-E56463D15407}C:\users\elpanso\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\elpanso\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{ADF8F02C-A6FC-41FA-A1A2-F5C409B7A0F0}C:\users\elpanso\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\elpanso\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{6C0CCD63-79D4-4038-992E-54A2FD1862D5}I:\steamlibrary\steamapps\common\might & magic - duel of champions\game.exe] => (Allow) I:\steamlibrary\steamapps\common\might & magic - duel of champions\game.exe
FirewallRules: [UDP Query User{88D2FD09-4845-42A1-86F6-732D1DF8E53B}I:\steamlibrary\steamapps\common\might & magic - duel of champions\game.exe] => (Allow) I:\steamlibrary\steamapps\common\might & magic - duel of champions\game.exe
FirewallRules: [{0D51CAE5-258E-4F08-970A-9D738EED37C5}] => (Allow) I:\SteamLibrary\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{3B0692FC-CE1D-416B-8523-CC1104D037FC}] => (Allow) I:\SteamLibrary\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{42F7E642-88B1-4E82-BBC6-F6A5035AD6ED}] => (Allow) I:\WarThunder\launcher.exe
FirewallRules: [{46F8A038-3C3A-4AFB-9E29-147ED35A651A}] => (Allow) I:\WarThunder\launcher.exe
FirewallRules: [{4DBD55EC-51E2-4071-A485-F84EB0C51783}] => (Allow) LPort=80
FirewallRules: [{8C5980F0-6AA3-4BB9-9784-BB0367EC324B}] => (Allow) LPort=443
FirewallRules: [{D5DA046F-6B22-4CE8-91E3-7ACDF8472766}] => (Allow) LPort=20010
FirewallRules: [{29E5A19C-DBFB-4C63-B0AC-21591D4C2143}] => (Allow) LPort=3478
FirewallRules: [{6A04218E-C6E1-4C2B-96A2-462A7F57F6DD}] => (Allow) LPort=7850
FirewallRules: [{5ABFEB82-C6C8-4DE4-94C4-6FACAEAF5230}] => (Allow) LPort=7852
FirewallRules: [{5F04A5E9-5B9E-4BE7-8F8A-39B28EA35192}] => (Allow) LPort=7853
FirewallRules: [{EC2CCEE5-E979-40AD-BE13-77F1B1829FAC}] => (Allow) LPort=27022
FirewallRules: [{8EB68ACB-5A08-4378-A14E-7619511B7360}] => (Allow) LPort=6881
FirewallRules: [{95F17A99-5843-43ED-A643-BF37145FCC79}] => (Allow) LPort=33333
FirewallRules: [{B1F90453-9A72-471B-A929-2B42A21475D2}] => (Allow) LPort=20443
FirewallRules: [{44B5C9CE-6D45-4F12-B454-B70A5A86530C}] => (Allow) LPort=8090
FirewallRules: [TCP Query User{E0DB4C31-BA83-4F7F-9C5E-B63527198471}I:\warthunder\aces.exe] => (Block) I:\warthunder\aces.exe
FirewallRules: [UDP Query User{E623D7F1-02C0-4407-AD1D-71C138573AA5}I:\warthunder\aces.exe] => (Block) I:\warthunder\aces.exe
FirewallRules: [{680DE5D9-6255-4259-A76D-B0C23948A641}] => (Allow) I:\SteamLibrary\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{A09B9314-FE7D-4614-BD50-F569B672E0C1}] => (Allow) I:\SteamLibrary\SteamApps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{45EF66C6-65DC-46BB-A7E4-91B03CE8C338}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{D834BCAE-A625-4274-9C00-42C11513AB3C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{C2C6DF4B-BC10-4DBB-9AFE-E6BDFF117E41}] => (Allow) I:\SteamLibrary\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
FirewallRules: [{AC84188E-8E1F-4596-8719-F4E3D24C4590}] => (Allow) I:\SteamLibrary\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
FirewallRules: [{221C26C1-797D-4013-A2AD-4E127FB9F02B}] => (Allow) I:\SteamLibrary\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
FirewallRules: [{BFA3B86B-5A14-4C39-9E3B-AC2D1450A757}] => (Allow) I:\SteamLibrary\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
FirewallRules: [TCP Query User{110ACABA-F7A6-41BB-9637-477490CC8821}G:\starcraft ii\versions\base28667\sc2.exe] => (Allow) G:\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [UDP Query User{72DFDF76-672F-4E3E-990C-3FC903DC04F6}G:\starcraft ii\versions\base28667\sc2.exe] => (Allow) G:\starcraft ii\versions\base28667\sc2.exe
FirewallRules: [{AA72724D-6DCD-4F95-9442-DA9A749F2E8F}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{AB0A26F4-0AED-43B1-ACAF-94E0A15CE472}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{8F0B797A-4A11-4E01-BC63-9C5FD12439E2}] => (Allow) I:\Siedler7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [{127D457E-CC8F-44F8-BD96-56FAA39E04C6}] => (Allow) I:\Siedler7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [TCP Query User{10A11807-63C9-4861-B0E2-EB86A3EC6D4A}C:\users\elpanso\appdata\local\apps\2.0\z0cpacme.24n\y7n1tvmc.296\laun...app_59711684aa47878d_0001.0023_389eea987ebce690\launcher.exe] => (Allow) C:\users\elpanso\appdata\local\apps\2.0\z0cpacme.24n\y7n1tvmc.296\laun...app_59711684aa47878d_0001.0023_389eea987ebce690\launcher.exe
FirewallRules: [UDP Query User{6C6E817D-CD02-4C91-B684-2F8AE689424F}C:\users\elpanso\appdata\local\apps\2.0\z0cpacme.24n\y7n1tvmc.296\laun...app_59711684aa47878d_0001.0023_389eea987ebce690\launcher.exe] => (Allow) C:\users\elpanso\appdata\local\apps\2.0\z0cpacme.24n\y7n1tvmc.296\laun...app_59711684aa47878d_0001.0023_389eea987ebce690\launcher.exe
FirewallRules: [TCP Query User{29432B56-E60C-4763-8F87-F91DD41E32D4}I:\ghost recon phantoms\pdc-live\ghostreconphantoms.exe] => (Allow) I:\ghost recon phantoms\pdc-live\ghostreconphantoms.exe
FirewallRules: [UDP Query User{0C834243-5789-4841-8D41-6839A9F4D659}I:\ghost recon phantoms\pdc-live\ghostreconphantoms.exe] => (Allow) I:\ghost recon phantoms\pdc-live\ghostreconphantoms.exe
FirewallRules: [{EA874973-E4AA-408B-A584-E8EDC0F9287E}] => (Allow) I:\SteamLibrary\SteamApps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [{3E8F5477-A241-415B-A5C4-9CFD928B0B61}] => (Allow) I:\SteamLibrary\SteamApps\common\Tom Clancy's Ghost Recon Phantoms - EU\Launcher.exe
FirewallRules: [TCP Query User{53FDFC6F-3F12-425C-B7C6-172D47F84803}I:\steamlibrary\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) I:\steamlibrary\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [UDP Query User{8E00205E-F7CA-4C41-AAA5-132634331F70}I:\steamlibrary\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe] => (Allow) I:\steamlibrary\steamapps\common\tom clancy's ghost recon phantoms - eu\game\pdc-live\ghostreconphantoms.exe
FirewallRules: [{1398F81F-C812-4EDB-822A-F3FCD3A502D5}] => (Allow) I:\SteamLibrary\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{BB132737-F52D-4D30-A721-A3DFC2032309}] => (Allow) I:\SteamLibrary\SteamApps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{5E641B91-BC0F-46E9-A617-85FC09E967E3}] => (Allow) I:\SteamLibrary\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{3803B6C5-CC75-4EEF-97B5-FBA7C02F0E30}] => (Allow) I:\SteamLibrary\SteamApps\common\Europa Universalis IV\eu4.exe
FirewallRules: [{96CED720-3AC6-46E7-A51D-09B59315A7D6}] => (Allow) I:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{51ADF9C1-3A5F-4A6F-A971-9D8CFF5F0187}] => (Allow) I:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A4DE75C5-007A-45D7-825F-F2FF6809E36C}] => (Allow) F:\SpaceMarine\SteamApps\common\Dawn of War 2\DOW2.exe
FirewallRules: [{B4350507-ED81-49AC-98DB-A9D0151D1D78}] => (Allow) F:\SpaceMarine\SteamApps\common\Dawn of War 2\DOW2.exe
FirewallRules: [TCP Query User{346C902D-DF8E-4B40-A6C8-03A92263A105}I:\steamlibrary\steamapps\common\marchofwar\marchofwar.exe] => (Block) I:\steamlibrary\steamapps\common\marchofwar\marchofwar.exe
FirewallRules: [UDP Query User{4FB9E164-3D19-4B96-8664-181A8B2BDC72}I:\steamlibrary\steamapps\common\marchofwar\marchofwar.exe] => (Block) I:\steamlibrary\steamapps\common\marchofwar\marchofwar.exe
FirewallRules: [{0A1B4FFD-03C5-41C3-8782-09D898E6C598}] => (Allow) I:\SteamLibrary\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [{137AD03D-439F-44BE-A22C-DF123DD6D8E2}] => (Allow) I:\SteamLibrary\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [TCP Query User{57B88E8E-D3E8-43AD-897C-2ED279603D39}I:\steamlibrary\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe] => (Allow) I:\steamlibrary\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe
FirewallRules: [UDP Query User{264BAC00-F27D-4E34-A3BB-5C99BF838EAF}I:\steamlibrary\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe] => (Allow) I:\steamlibrary\steamapps\common\sid meier's civilization v\civilizationv_dx11.exe
FirewallRules: [{82B7BD72-C63E-43B1-9F29-CAF102DBCB95}] => (Allow) I:\SteamLibrary\SteamApps\common\Game of Thrones\Binaries\Win32\ShippingPC-AGOTGame.exe
FirewallRules: [{041D3985-540D-459B-B46A-45D5AB7C537D}] => (Allow) I:\SteamLibrary\SteamApps\common\Game of Thrones\Binaries\Win32\ShippingPC-AGOTGame.exe
FirewallRules: [{219F3683-433E-46A5-BB0A-E89FAC69C35E}] => (Allow) I:\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{9FEB538C-01A4-496C-A648-832B52544FAD}] => (Allow) I:\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{9467648C-5B16-4668-AD17-D76242D88D76}] => (Allow) I:\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{E9F9ECAB-6E8E-4DCB-A45D-46C64DFA3BF5}] => (Allow) I:\SteamLibrary\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{62678B7E-38CA-4824-A161-140F38DBE14B}] => (Allow) I:\SteamLibrary\SteamApps\common\rust\rust.exe
FirewallRules: [{E4D7865C-531E-4F84-B400-174B45AB7A3C}] => (Allow) I:\SteamLibrary\SteamApps\common\rust\rust.exe
FirewallRules: [{50775AAA-7BDE-475A-870B-2DE11EACD006}] => (Allow) I:\SteamLibrary\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{B849C3D8-2AC0-4218-8563-EF9ED4931EF0}] => (Allow) I:\SteamLibrary\SteamApps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{2CB3DA22-00EC-43D6-A4C9-772AE2751E3B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3804AE92-1E76-4095-9B38-C2EBB5E07044}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F25F0DD9-AE44-47E2-8C3B-53C13D379961}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{3177C814-4337-4560-9752-F57F0DC2B35E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2109EAE6-024B-49AE-B8ED-AE55B550A2AA}] => (Allow) I:\SteamLibrary\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{42465F07-0B69-4F2C-AA2E-604F428E36C3}] => (Allow) I:\SteamLibrary\SteamApps\common\Far Cry 3\bin\farcry3.exe
FirewallRules: [{21DEBC0B-0041-4417-81D0-A7D06F0D68AA}] => (Allow) I:\SteamLibrary\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{CEC2F12E-8568-43FB-A2CD-A59A926E51FE}] => (Allow) I:\SteamLibrary\SteamApps\common\Far Cry 3\bin\farcry3_d3d11.exe
FirewallRules: [{5059FC2C-A9E2-4A2C-A498-EEE8A4750726}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [{01157C62-D82F-4582-87C1-732AF954FB5B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3023\Agent.exe
FirewallRules: [TCP Query User{EB947EA4-98D5-45F0-9337-98B6F8A3B377}F:\diablo iii\diablo iii.exe] => (Allow) F:\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{23C0633B-B56D-45C6-B382-513D1BB7E14D}F:\diablo iii\diablo iii.exe] => (Allow) F:\diablo iii\diablo iii.exe
FirewallRules: [{D261980E-76EA-4CCB-A179-65763F15855B}] => (Allow) C:\Users\ElPanso\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{302FE357-F661-4AC4-9D13-1334F7DC2C8B}] => (Allow) C:\Users\ElPanso\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{FBA7A9A6-D1E9-4A70-B14B-16D69015AF26}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [{534A77E0-FACC-40D6-89AE-3D0E4DD306D8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3109\Agent.exe
FirewallRules: [TCP Query User{733B1094-C383-49C6-B3CA-0BD1C4F621B4}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [UDP Query User{FF7DBBBF-7E5D-46BE-B209-A6348635AC13}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe
FirewallRules: [{92724279-5360-4FC7-BEEB-5A4AF8FB6596}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{7BBE9BAD-81F0-420D-A240-5EAB9D3956A5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{10AA8D38-B481-467A-95D6-D015BBBFDD11}] => (Allow) I:\SteamLibrary\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{6531D9B7-76A0-47E3-9E89-CA990AA0D285}] => (Allow) I:\SteamLibrary\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [TCP Query User{CDDF3146-A7F0-496A-A85D-F837DD9C13FD}I:\steamlibrary\steamapps\common\sniperghostwarrior2\bin32\sniperghostwarrior2.exe] => (Block) I:\steamlibrary\steamapps\common\sniperghostwarrior2\bin32\sniperghostwarrior2.exe
FirewallRules: [UDP Query User{5D487E8F-2E82-47CD-890F-8565AC7F11ED}I:\steamlibrary\steamapps\common\sniperghostwarrior2\bin32\sniperghostwarrior2.exe] => (Block) I:\steamlibrary\steamapps\common\sniperghostwarrior2\bin32\sniperghostwarrior2.exe
FirewallRules: [{267D423C-AFEA-4DC6-B0B1-DC1517CC063E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [{0FF1236A-6A52-486D-87E9-B0FDDADEBDC3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3182\Agent.exe
FirewallRules: [TCP Query User{962283E8-12C8-43FC-942D-C877A3A299FD}C:\users\elpanso\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\elpanso\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{AC96B30C-3D03-409A-ACFE-A3456B1F8877}C:\users\elpanso\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\elpanso\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{13F03E46-1EC6-467C-BF0C-BB287C3FB855}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{74A18E97-6578-4CFF-8982-B2B098225D4A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3235\Agent.exe
FirewallRules: [{00479F8C-4C09-4C75-8790-B8A5C4C5F7DB}] => (Allow) I:\SteamLibrary\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{62C9678E-1E6B-4EC6-9B6C-55ADCB7D8F16}] => (Allow) I:\SteamLibrary\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{00FF68D8-B246-41B5-83B3-AEFD28CAEAA4}] => (Allow) I:\Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [{AB48FC8F-75FF-44B2-ADDD-0C24E1DE1F79}] => (Allow) I:\Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe
FirewallRules: [TCP Query User{EB128663-DD3B-4761-8E64-B2C7CEA54E69}I:\world of tanks\wotlauncher.exe] => (Allow) I:\world of tanks\wotlauncher.exe
FirewallRules: [UDP Query User{9E1F6BB5-D0B1-47D3-BBFD-3CE6E1DD6F73}I:\world of tanks\wotlauncher.exe] => (Allow) I:\world of tanks\wotlauncher.exe
FirewallRules: [TCP Query User{7BB14F11-817A-4B30-B8BA-8E75E345D433}I:\world of tanks\worldoftanks.exe] => (Allow) I:\world of tanks\worldoftanks.exe
FirewallRules: [UDP Query User{2D645499-2239-445F-B91A-9978FEAEA2E1}I:\world of tanks\worldoftanks.exe] => (Allow) I:\world of tanks\worldoftanks.exe
FirewallRules: [TCP Query User{734BBEA6-45B1-47D5-A7CE-CD680707B5F6}I:\steamlibrary\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) I:\steamlibrary\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [UDP Query User{76BD597F-DE55-4258-8BB7-7C860798A35A}I:\steamlibrary\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) I:\steamlibrary\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [{F0F3F23C-5AFD-4272-959A-685E7E4DA0A1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{F69D5FC9-CA53-4FAF-895E-4E49A07A9621}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{D41A90C5-0C5E-47C6-A6AD-14C62302FC6D}] => (Allow) I:\SteamLibrary\SteamApps\common\Sanctum2\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{1AD9A8D3-36B7-47EB-989B-F7EFC723AA98}] => (Allow) I:\SteamLibrary\SteamApps\common\Sanctum2\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{AD0CED13-AD4A-4C84-92C8-A7A57A2A7D72}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{F5CDDFF0-F4B2-4895-8234-41650838A32C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{B6820FA7-999A-4F2A-B41C-2102EFCB6765}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
FirewallRules: [{B24DCFAC-89D0-43D8-838C-23AC2281EF64}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3322\Agent.exe
FirewallRules: [{CE9794A9-71B0-4F42-8C5C-E27A964CDDF0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{50ABB34B-26CB-46A3-A58C-48EF8EB7C12E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3323\Agent.exe
FirewallRules: [{6329A16F-87A9-4615-830C-CD53A0820355}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{C975395D-74C5-4671-B7AE-F5659EB0F650}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{A5C83EA3-5927-40EB-AC1E-A74CA6EF9948}] => (Allow) I:\SteamLibrary\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{1521910B-9565-4661-AE30-BA686B8531BA}] => (Allow) I:\SteamLibrary\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{8C30C9E3-927E-4C44-853D-973A8DB6973D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{39F80157-C8B3-4A0E-8CBC-7201297A0054}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3334\Agent.exe
FirewallRules: [{2FC94407-8253-4939-8387-2BA44C4AF594}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [{B9ED9F60-FA53-429D-A8B5-9B316D5664F6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3346\Agent.exe
FirewallRules: [TCP Query User{8BF165DE-81BE-47F6-ADF4-83A25D9953D3}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{C32F61D5-995A-4341-8700-C6E623E0EE5B}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{A102F369-A9F3-4B2B-99A4-56167F424E19}C:\program files\oracle\virtualbox\vboxheadless.exe] => (Allow) C:\program files\oracle\virtualbox\vboxheadless.exe
FirewallRules: [UDP Query User{23F1F4BE-919C-4BD3-97AC-3D03F71C42BD}C:\program files\oracle\virtualbox\vboxheadless.exe] => (Allow) C:\program files\oracle\virtualbox\vboxheadless.exe
FirewallRules: [{68602577-5F07-4F6D-800A-8F6503AAEDE2}] => (Block) C:\program files\oracle\virtualbox\vboxheadless.exe
FirewallRules: [{3396C724-A0AA-4275-B4F0-1AE030F3B63C}] => (Block) C:\program files\oracle\virtualbox\vboxheadless.exe
FirewallRules: [{3AA5395A-5100-4252-9CD0-D84EA1844D08}] => (Allow) I:\SteamLibrary\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{37700D5E-CE5C-4BD4-A17E-4DE98137311A}] => (Allow) I:\SteamLibrary\SteamApps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{631323C7-B65C-4DA7-A7CD-4C5D757078F7}] => (Allow) I:\SteamLibrary\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{9501F5BD-3143-422A-A72A-52F345BD896E}] => (Allow) I:\SteamLibrary\SteamApps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{4E709F4C-5F71-4D8D-9982-84E57FA3EF8D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [{57F68932-94A6-41DF-89E2-F939D62EBA89}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
FirewallRules: [TCP Query User{08E4EBB6-6271-4407-B303-C45A0530D210}G:\starcraft ii\versions\base32283\sc2.exe] => (Allow) G:\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{4E253862-259B-4996-AE36-791F88F01043}G:\starcraft ii\versions\base32283\sc2.exe] => (Allow) G:\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{4B27C5D5-8B11-45A2-83F2-80D20ED643C9}] => (Block) G:\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{C2693C96-CAC8-47C7-9229-6C0591364160}] => (Block) G:\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{BF4812A4-1A49-4E37-9FEE-9A67F484DA67}] => (Allow) I:\SteamLibrary\SteamApps\common\Fallen Earth F2P\FEUpdater.exe
FirewallRules: [{682D25AA-4ED0-4B1B-B0C9-D9DEAD40EF7E}] => (Allow) I:\SteamLibrary\SteamApps\common\Fallen Earth F2P\FEUpdater.exe
FirewallRules: [{E78D5626-8CBA-4D7C-8B0D-535E1126AC73}] => (Allow) I:\SteamLibrary\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{E21CD11B-D96D-4A8D-82F4-BE1E9286BA1F}] => (Allow) I:\SteamLibrary\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{4D5878F2-CE36-4E2D-A6B2-C0FDC5DA297D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{38D12606-C3A9-4371-B4DC-F2FED46A5E18}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{82852E93-823E-4555-B7EE-C48F6692C40B}] => (Allow) I:\SteamLibrary\SteamApps\common\Lord of the Rings Online\TurbineInvoker.exe
FirewallRules: [{949EC77B-88DD-4CFF-9ED2-3EDC1B084498}] => (Allow) I:\SteamLibrary\SteamApps\common\Lord of the Rings Online\TurbineInvoker.exe
FirewallRules: [{F7D4EE89-D6F7-4EA7-9EA5-FBAA92E66FBC}] => (Allow) I:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{04271D11-3558-4E59-A7BB-C02813EF5A05}] => (Allow) I:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{B9104A8E-E9B5-4102-87E3-1EA2C0011301}] => (Allow) I:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{B824F667-2C48-4476-9E67-3C7581369F40}] => (Allow) I:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{76720584-76A9-43CC-B732-A4361DB0383F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{1ED20260-5A77-4A20-A2B3-B4A07FCBBDF2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{DB8B38F1-230F-4CFF-9ED6-C51EEC4ED533}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{827DDE95-EEF1-419D-BE25-E627B48806F4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{1A0A09A4-6079-4C9A-88CB-A4482B2E078B}] => (Allow) I:\SteamLibrary\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{07A317F5-92B5-48A2-8369-BBFCB18A0309}] => (Allow) I:\SteamLibrary\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{C2C422E7-04C7-4147-B363-1814167C977D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{E9360327-1438-478B-AA91-41D196DC5756}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [TCP Query User{21EEE4DE-64B5-4FD4-B28D-475FA1D7EA9A}I:\heroes of the storm\versions\base32524\heroesofthestorm.exe] => (Allow) I:\heroes of the storm\versions\base32524\heroesofthestorm.exe
FirewallRules: [UDP Query User{E6D716A5-A921-440D-9306-687D65727AAF}I:\heroes of the storm\versions\base32524\heroesofthestorm.exe] => (Allow) I:\heroes of the storm\versions\base32524\heroesofthestorm.exe
FirewallRules: [{58A0D84B-C756-4A09-BD65-E2507CE52055}] => (Block) I:\heroes of the storm\versions\base32524\heroesofthestorm.exe
FirewallRules: [{16882496-F9EA-4E95-905A-4DC4D68C320C}] => (Block) I:\heroes of the storm\versions\base32524\heroesofthestorm.exe
FirewallRules: [{BB138241-E0E9-4AC3-9D1F-94B14893C7DB}] => (Allow) I:\Zenimax Online\Launcher\Bethesda.net_Launcher.exe
FirewallRules: [TCP Query User{EB85C067-AD9E-469E-BCF2-A45F6A14FC1D}C:\users\elpanso\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\elpanso\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{86CDF4B8-0120-42CA-B3A9-D2552D9F4864}C:\users\elpanso\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\elpanso\appdata\roaming\spotify\spotify.exe
FirewallRules: [{C1484886-9A04-467C-91DB-E380DF5C48C1}] => (Allow) I:\SteamLibrary\SteamApps\common\Anno 1404\Anno4.exe
FirewallRules: [{CD4D5F30-C63F-4785-A2EA-1A8901E9F3EA}] => (Allow) I:\SteamLibrary\SteamApps\common\Anno 1404\Anno4.exe
FirewallRules: [{4C3206D2-9415-41F8-B394-9150F66721DC}] => (Allow) I:\SteamLibrary\SteamApps\common\Anno 1404\Addon.exe
FirewallRules: [{EF662EAB-C4D7-4C31-91CC-81AE281C796E}] => (Allow) I:\SteamLibrary\SteamApps\common\Anno 1404\Addon.exe
FirewallRules: [TCP Query User{177F0F1E-C518-4957-BE15-9497CB3501E2}I:\steamlibrary\steamapps\common\anno 1404\tools\addonweb.exe] => (Allow) I:\steamlibrary\steamapps\common\anno 1404\tools\addonweb.exe
FirewallRules: [UDP Query User{BDA85AFE-D7E8-4E12-94CC-A8F9A5257771}I:\steamlibrary\steamapps\common\anno 1404\tools\addonweb.exe] => (Allow) I:\steamlibrary\steamapps\common\anno 1404\tools\addonweb.exe
FirewallRules: [{7D57634C-CF4E-4775-9439-027B46B0A257}] => (Block) I:\steamlibrary\steamapps\common\anno 1404\tools\addonweb.exe
FirewallRules: [{0296B4F8-4E62-4FE9-83EF-C86E3AF82F90}] => (Block) I:\steamlibrary\steamapps\common\anno 1404\tools\addonweb.exe
FirewallRules: [TCP Query User{677DCB5B-C0DC-42C4-A4BD-775A9DC0F674}I:\steamlibrary\steamapps\common\anno 1404\tools\anno4web.exe] => (Allow) I:\steamlibrary\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [UDP Query User{6B2B8F9A-0E42-4B21-AD14-BE16F00F00AA}I:\steamlibrary\steamapps\common\anno 1404\tools\anno4web.exe] => (Allow) I:\steamlibrary\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [{3C9988D3-AA60-4611-95F1-EDDA178CD4DD}] => (Block) I:\steamlibrary\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [{B8D50331-F7B9-4EC9-AD07-EF1F385905E9}] => (Block) I:\steamlibrary\steamapps\common\anno 1404\tools\anno4web.exe
FirewallRules: [{7ADF4838-0526-4A69-9EA3-7610B27B883C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{356A2F8B-FEA9-41DE-8F9A-4E8AB1366C26}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{1301480C-8BE4-49CA-B89E-C4D4451CA2A5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{9B73F8B6-1B5D-4F4F-BAD8-EAEBD33B4316}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{2920F742-FAA6-4951-9A4B-EB1F39BF8F04}] => (Allow) I:\SteamLibrary\SteamApps\common\Fishing\WindowsNoEditor\FishingGame\Binaries\Win64\FishingGame-Win64-Shipping.exe
FirewallRules: [{32AD11F2-4F34-4A4D-9B71-F19F2BE8C676}] => (Allow) I:\SteamLibrary\SteamApps\common\Fishing\WindowsNoEditor\FishingGame\Binaries\Win64\FishingGame-Win64-Shipping.exe
FirewallRules: [{414378F4-AE7A-4010-AA0A-8BC1C4544EEF}] => (Allow) I:\SteamLibrary\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{418DFA51-EA89-415C-88CE-1D3149A2249F}] => (Allow) I:\SteamLibrary\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{8FE0A0C2-5206-42A4-B915-0AC74484812F}] => (Allow) I:\Tom Clancy's Ghost Recon Future Soldier\Future Soldier.exe
FirewallRules: [{B7CE4CED-AAC6-4C0A-897B-CAF1ED71581A}] => (Allow) I:\Tom Clancy's Ghost Recon Future Soldier\Future Soldier.exe
FirewallRules: [{F49CB0D1-D52D-4CC7-B32D-F682A9FF6B5C}] => (Allow) I:\Tom Clancy's Ghost Recon Future Soldier\gu.exe
FirewallRules: [{AC4D3F40-9840-4609-B4F5-37F58EF488EB}] => (Allow) I:\Tom Clancy's Ghost Recon Future Soldier\gu.exe
FirewallRules: [{25D02527-B467-40E2-9C4D-BB77D05385C3}] => (Allow) I:\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX11.exe
FirewallRules: [{96C43417-D078-479F-BA49-3DB96F9CF138}] => (Allow) I:\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX11.exe
FirewallRules: [{50545FFB-AC6B-43CA-9CC4-C7ACE069E0C4}] => (Allow) I:\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX9.exe
FirewallRules: [{E19E935B-F2DA-4092-9D7C-3AC3D398D3B3}] => (Allow) I:\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX9.exe
FirewallRules: [{4977BC91-CE8C-41C1-BC1B-AE1ACF07DF4B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5E6B2C85-2B49-4213-A932-5373D08C5D3B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4FE3BE78-3F81-4B81-9A75-0F599FA33982}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{77839A8D-28B1-4D09-B2FC-91001F2FA862}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{52B9443F-22CF-4E47-8E00-CE497ABBBD32}] => (Allow) I:\SteamLibrary\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{4FAE46D7-9A2F-48DC-948C-6878A4158FBF}] => (Allow) I:\SteamLibrary\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [TCP Query User{57C69793-B6BA-42E8-8226-4A66C9A8CC6A}C:\users\elpanso\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\elpanso\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{AACA73C5-C593-499C-8094-80A8A0866F23}C:\users\elpanso\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\elpanso\appdata\local\akamai\netsession_win.exe
FirewallRules: [{5F323167-8588-4053-9018-E6D6582C7260}] => (Block) C:\users\elpanso\appdata\local\akamai\netsession_win.exe
FirewallRules: [{883578B1-AEDF-479D-BAFA-393FC1029DE9}] => (Block) C:\users\elpanso\appdata\local\akamai\netsession_win.exe
FirewallRules: [{560E1B35-9744-44B2-BF74-1898FCF8CC22}] => (Allow) I:\Landwirtschafts Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{16EF744C-A22E-4C3A-A2B0-83469133434E}] => (Allow) I:\Landwirtschafts Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{B0A494BF-33EB-471F-842D-6E80B30AB4B5}] => (Allow) I:\Landwirtschafts Simulator 2013\x64\FarmingSimulator2013Game.exe
FirewallRules: [{D7E4C72F-E470-4CD3-B96E-829A3697B408}] => (Allow) I:\Landwirtschafts Simulator 2013\x64\FarmingSimulator2013Game.exe
FirewallRules: [{300296ED-A106-493A-8DE2-ADA231C15401}] => (Allow) I:\Landwirtschafts Simulator 2013\x86\FarmingSimulator2013Game.exe
FirewallRules: [{0943B8F7-9E3E-48BC-A771-FDB75EAC86A4}] => (Allow) I:\Landwirtschafts Simulator 2013\x86\FarmingSimulator2013Game.exe
FirewallRules: [{5F17A959-BA16-4BCC-87C8-B44BA22B71C6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe
FirewallRules: [{322580A9-5179-486A-92EE-EADAAF2CDD66}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe
FirewallRules: [{4DAD5F6A-8C9E-4F73-95FE-95B6B62D98B6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{66A71D3B-965D-48F4-A3E8-2177DD7D835D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{6CA65992-C585-4B81-90D5-7160C3C72901}] => (Allow) I:\SteamLibrary\SteamApps\common\Life is Feudal Your Own\yo_cm_client.exe
FirewallRules: [{65C6398B-9CE1-4E73-80E2-7D8EF75165D7}] => (Allow) I:\SteamLibrary\SteamApps\common\Life is Feudal Your Own\yo_cm_client.exe
FirewallRules: [{893C0CA8-612D-443D-AC0A-3142E1FDBD05}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{B1D1D2BB-92FB-4196-92B8-FA0D620D9F4B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{DA5B91D3-1759-4B06-9C02-5A9F4E911709}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{4460898D-CB48-4C47-BED0-F0EF652FD09F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [TCP Query User{145603C0-DF9D-4513-BBEC-72387252EEB4}I:\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe] => (Allow) I:\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{9BB18ED0-BB38-4D36-8D51-3D1443593B23}I:\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe] => (Allow) I:\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe
FirewallRules: [{FC076AB8-0D78-429C-A85F-F2F3B96B1319}] => (Block) I:\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe
FirewallRules: [{B76031F3-932B-459F-A972-71586B472E8E}] => (Block) I:\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe
FirewallRules: [{CAA9C43D-9845-4307-B2A7-433D574C9961}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{82C0F864-766B-4BAB-B033-F4CF7018508C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [TCP Query User{B8534F18-1ABE-4F52-BFB7-A53C243D6FB0}H:\gamedev\cryengine_3.5.8\bin32\editor.exe] => (Allow) H:\gamedev\cryengine_3.5.8\bin32\editor.exe
FirewallRules: [UDP Query User{4732A2AC-9859-4193-93A8-0BE7A49C0A8A}H:\gamedev\cryengine_3.5.8\bin32\editor.exe] => (Allow) H:\gamedev\cryengine_3.5.8\bin32\editor.exe
FirewallRules: [{360FEC28-64A6-402B-85F0-F280B2F0C693}] => (Block) H:\gamedev\cryengine_3.5.8\bin32\editor.exe
FirewallRules: [{86F5B563-7D3A-4A6C-9771-4F79A0B8D39F}] => (Block) H:\gamedev\cryengine_3.5.8\bin32\editor.exe
FirewallRules: [{2A2904FB-61D6-4F11-9CD4-008051C3E0A5}] => (Allow) I:\SteamLibrary\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{D401120C-CA7E-4539-96CA-6C77C2886949}] => (Allow) I:\SteamLibrary\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [TCP Query User{C6465659-7E00-49CC-A8B0-10EE8962A7FD}H:\gamedev\epic games\4.6\engine\binaries\win64\ue4editor.exe] => (Allow) H:\gamedev\epic games\4.6\engine\binaries\win64\ue4editor.exe
FirewallRules: [UDP Query User{AC1BF99B-44F4-46FA-82EE-34EE259BCB50}H:\gamedev\epic games\4.6\engine\binaries\win64\ue4editor.exe] => (Allow) H:\gamedev\epic games\4.6\engine\binaries\win64\ue4editor.exe
FirewallRules: [{3EE38D47-B306-41B5-B00A-43304784F875}] => (Block) H:\gamedev\epic games\4.6\engine\binaries\win64\ue4editor.exe
FirewallRules: [{67005789-F16D-4509-88FE-90D3B2D6D03F}] => (Block) H:\gamedev\epic games\4.6\engine\binaries\win64\ue4editor.exe
FirewallRules: [TCP Query User{A15E7680-D64C-4362-89A7-7EC4DDC0E465}H:\gamedev\epic games\4.6\engine\binaries\dotnet\swarmagent.exe] => (Block) H:\gamedev\epic games\4.6\engine\binaries\dotnet\swarmagent.exe
FirewallRules: [UDP Query User{BE27D575-A969-4E93-A4EC-ECA47AEEA2B0}H:\gamedev\epic games\4.6\engine\binaries\dotnet\swarmagent.exe] => (Block) H:\gamedev\epic games\4.6\engine\binaries\dotnet\swarmagent.exe
FirewallRules: [{8BD4342C-41F1-4980-A174-09019C75E903}] => (Allow) I:\SteamLibrary\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{62D1BBCD-23F0-44F3-B20F-D8EC58E2FE41}] => (Allow) I:\SteamLibrary\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [TCP Query User{9722A0E2-ADFB-4BF7-A358-D0F147A9CD77}I:\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe] => (Allow) I:\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{1556DDBB-F12C-40C4-8554-F4150B75BF44}I:\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe] => (Allow) I:\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe
FirewallRules: [{346845E8-AB8F-43DD-8349-33343B3FA169}] => (Block) I:\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe
FirewallRules: [{E4979FEB-0256-4FDA-A7FE-5BC560FE8DBE}] => (Block) I:\heroes of the storm\versions\base34053\heroesofthestorm_x64.exe
FirewallRules: [{602F3C3D-467A-4B2E-992F-F76ED0934864}] => (Allow) C:\Program Files (x86)\Artisteer 4\bin\Artisteer.exe
FirewallRules: [TCP Query User{B6E58C2E-AB2E-491D-A8E5-472A028298E6}I:\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) I:\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{10B6141D-6AB7-4773-8B9C-EE08EFDA2D99}I:\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) I:\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [{7AFF1E85-B4B2-431E-9395-F01877690CC0}] => (Block) I:\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [{27F96539-A110-45D6-9705-9D8EE9D215F2}] => (Block) I:\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [{A07AE91D-DC22-4B79-96C5-FEB753EC8283}] => (Allow) I:\SteamLibrary\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [{C30DF8BC-39BD-4798-8A1F-54284668CCAD}] => (Allow) I:\SteamLibrary\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [TCP Query User{EB6BE760-00D7-49CF-BED5-B7344E811E87}I:\steamlibrary\steamapps\common\h1z1\h1z1.exe] => (Allow) I:\steamlibrary\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{881CADF8-EB3E-4160-BB65-778E45864819}I:\steamlibrary\steamapps\common\h1z1\h1z1.exe] => (Allow) I:\steamlibrary\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{069AF995-1238-46D9-BE5F-15D0BF107328}] => (Block) I:\steamlibrary\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{A9FF0FE7-5483-4A9B-B46E-87C89134CD98}] => (Block) I:\steamlibrary\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{C123D171-A864-4400-9A69-9F67AE58616B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{E8016836-801F-4BA2-9540-6AF6A73A9650}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{B49E0435-9EA1-46B0-8D0E-3FC0B453D83C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{21059C37-E25B-45A3-BF0A-D3374AAA6385}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{3ED5238B-E667-45EB-AD4E-173262769B4F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{BF69AD78-20CA-40AA-AFB3-EF2164E12DA3}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{CCA2D92E-A663-4B3E-8BD1-2A4AD707E37F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{6EB467A8-9AC4-46A5-9704-68130431FF6B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{CBCEEBE6-6485-4799-BE09-CF84E317D25E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{846C1529-9059-4557-87D5-005F4C2F60C2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{51F92F5D-7869-4F4F-9E65-78B2A489219B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{0A287CDA-43B2-471F-80DA-36957C8133A7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{F281D661-39CF-441B-B81C-16664C6B6EB9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{704CF1DB-CA51-409D-8FD1-99B4441E6905}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{408A41C7-028E-436D-ACFA-13A71B958CA1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{E67A5389-770E-4433-B078-61F97F3F7A76}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{6D6BB7E0-9C6E-4CF1-9199-02D90516A925}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{CFB91D3F-FAB9-4150-B7EF-361C833C498C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{72F41660-D712-425C-BCA5-979799495E62}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{4FCCAEC9-1B6F-47C6-B64A-74486AC893C8}] => (Allow) I:\SteamLibrary\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{B0DB9997-5F16-46D4-BF0A-F5B964CD7B03}] => (Allow) I:\SteamLibrary\SteamApps\common\Company of Heroes 2\RelicCoH2.exe
FirewallRules: [{554CA9E0-9422-4AEB-BB37-071DB551293C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{5E7C3612-1836-424F-A7E6-17301F498B99}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{F307FDC9-494D-41D9-85B6-B28D147DEE3A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{2B8D9348-3829-4EC9-B0F2-E972F119155D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{8892C47E-90E7-4916-8041-2AEFD4071E47}I:\steamlibrary\steamapps\common\total war arena\arena.exe] => (Allow) I:\steamlibrary\steamapps\common\total war arena\arena.exe
FirewallRules: [UDP Query User{C58F0436-D64D-493D-A8AD-19A1B63728CD}I:\steamlibrary\steamapps\common\total war arena\arena.exe] => (Allow) I:\steamlibrary\steamapps\common\total war arena\arena.exe
FirewallRules: [{B1251557-0EFA-47EC-BEAC-7D1203EC07CA}] => (Allow) I:\SteamLibrary\SteamApps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe
FirewallRules: [{3CF94513-8F7D-475A-94E1-763226B4B588}] => (Allow) I:\SteamLibrary\SteamApps\common\Dead Island Epidemic\Dead Island Epidemic - Launcher.exe
FirewallRules: [{644DB393-48A6-4FB1-86BD-32E22727FB22}] => (Allow) I:\SteamLibrary\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{2F04728E-9242-42F5-9883-8046B91DB0A7}] => (Allow) I:\SteamLibrary\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [TCP Query User{AA982FFA-2B97-404A-8178-AB5146CFF8E5}H:\gamedev\epic games\4.7\engine\binaries\win64\ue4editor.exe] => (Allow) H:\gamedev\epic games\4.7\engine\binaries\win64\ue4editor.exe
FirewallRules: [UDP Query User{5E927F06-C3A0-47AC-8681-00876D5BE9FC}H:\gamedev\epic games\4.7\engine\binaries\win64\ue4editor.exe] => (Allow) H:\gamedev\epic games\4.7\engine\binaries\win64\ue4editor.exe
FirewallRules: [{96C232F3-9A27-45ED-AE54-9D9B5E49144E}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{67997E34-EF6A-425C-AFE5-83318BD0E024}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{2A39A39F-47B9-47A1-B020-37DA78305522}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{A357F0CA-AF75-42AC-92DC-6AC54F53E76C}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{CC919F5C-4CDB-43CB-92CD-BC244487B378}] => (Allow) H:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{9198FCAC-5128-4600-8D45-13BEDB2E8189}] => (Allow) H:\SteamLibrary\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{3E332765-5B44-4EA3-87CF-5F78104A012F}H:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) H:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{18FA07A2-9CAC-4738-9FC8-A9048E3555FB}H:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe] => (Allow) H:\steamlibrary\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{12FD01AD-6507-48F5-B943-FD526A705F81}I:\hearthstone\hearthstone\hearthstone.exe] => (Allow) I:\hearthstone\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{3F46CD42-8262-4367-859E-96FCECE8DED5}I:\hearthstone\hearthstone\hearthstone.exe] => (Allow) I:\hearthstone\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{596F1EC7-ECA1-409B-A7F8-562F2D81EF59}H:\gamedev\epic games\4.7\engine\binaries\dotnet\swarmagent.exe] => (Allow) H:\gamedev\epic games\4.7\engine\binaries\dotnet\swarmagent.exe
FirewallRules: [UDP Query User{53AD5C84-C75A-4701-8202-0574498476EC}H:\gamedev\epic games\4.7\engine\binaries\dotnet\swarmagent.exe] => (Allow) H:\gamedev\epic games\4.7\engine\binaries\dotnet\swarmagent.exe
FirewallRules: [{0895F7FF-0E01-4C25-974D-CB09885F16DD}] => (Allow) C:\Program Files (x86)\Crazybump\CrazyBump.exe
FirewallRules: [{43A2DCA2-2847-4A4D-9A8C-1920F1143386}] => (Allow) C:\Program Files (x86)\Crazybump\CrazyBump.exe
FirewallRules: [TCP Query User{CC892EC0-158F-4CB8-B8D2-A8DD440705A9}I:\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) I:\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{D3DBBF20-852A-439A-8FF5-C18D233B8047}I:\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) I:\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{E84BD7DB-E148-4F47-BD6A-4AF1B3638C06}H:\gamedev\epic games\4.8\engine\binaries\win64\ue4editor.exe] => (Allow) H:\gamedev\epic games\4.8\engine\binaries\win64\ue4editor.exe
FirewallRules: [UDP Query User{BD564DAD-00EC-4101-90F0-9EF0FE6EA629}H:\gamedev\epic games\4.8\engine\binaries\win64\ue4editor.exe] => (Allow) H:\gamedev\epic games\4.8\engine\binaries\win64\ue4editor.exe
FirewallRules: [TCP Query User{A1E3C369-D509-4A61-80DA-27562AE70079}H:\gamedev\epic games\4.8\engine\binaries\dotnet\swarmagent.exe] => (Allow) H:\gamedev\epic games\4.8\engine\binaries\dotnet\swarmagent.exe
FirewallRules: [UDP Query User{7AA7380B-9A57-4942-9226-D54B39B1D80B}H:\gamedev\epic games\4.8\engine\binaries\dotnet\swarmagent.exe] => (Allow) H:\gamedev\epic games\4.8\engine\binaries\dotnet\swarmagent.exe
FirewallRules: [{07918FD5-A6F9-4679-865D-E46FF0384125}] => (Allow) I:\SteamLibrary\SteamApps\common\CardHunter\CardHunter.exe
FirewallRules: [{30ED3FA2-801C-4B15-BC7D-40CABFF0EC97}] => (Allow) I:\SteamLibrary\SteamApps\common\CardHunter\CardHunter.exe
FirewallRules: [{40BE5E6D-4BBB-44B5-958A-D5C6393855B2}] => (Allow) I:\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{B6BE154B-ABFE-4B87-973D-493E25AA694B}] => (Allow) I:\SteamLibrary\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{39A31152-CDB0-492E-A524-DFDCE41267BC}] => (Allow) F:\SpaceMarine\SteamApps\common\warhammer 40,000 space marine\SpaceMarine.exe
FirewallRules: [{662ECD1F-CD0D-4F00-B3AE-DB643F779EDD}] => (Allow) F:\SpaceMarine\SteamApps\common\warhammer 40,000 space marine\SpaceMarine.exe
FirewallRules: [{19EB4A23-5AE8-4AA1-8B88-8F073794F78D}] => (Allow) I:\SteamLibrary\SteamApps\common\Warface\live\nw.exe
FirewallRules: [{93FD1F92-8F06-473B-8390-DD964F6D0202}] => (Allow) I:\SteamLibrary\SteamApps\common\Warface\live\nw.exe
FirewallRules: [{BE9D4479-E823-494C-BE5C-DE7174846A75}] => (Allow) I:\SteamLibrary\SteamApps\common\Total War Arena\launcher\launcher.exe
FirewallRules: [{72D2EDCA-9829-4E9C-AEDA-C56040E53319}] => (Allow) I:\SteamLibrary\SteamApps\common\Total War Arena\launcher\launcher.exe
FirewallRules: [{F32D3970-9F5B-4EE7-A789-6D7E09ED2F98}] => (Allow) I:\SteamLibrary\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{AB2B9DA0-0174-4F33-81D6-BA3FB7CA448F}] => (Allow) I:\SteamLibrary\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [TCP Query User{531F0811-9B63-4E81-BB4D-4850A13C7D14}C:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) C:\program files\oracle\virtualbox\virtualbox.exe
FirewallRules: [UDP Query User{5667B04C-0C86-4516-90BD-C786CAEEC727}C:\program files\oracle\virtualbox\virtualbox.exe] => (Allow) C:\program files\oracle\virtualbox\virtualbox.exe
FirewallRules: [{99BAA086-951D-4481-9AB0-E2EA5D30FEAE}] => (Block) C:\program files\oracle\virtualbox\virtualbox.exe
FirewallRules: [{DA935892-CF3A-4E59-9474-8DCEBC1A67B4}] => (Block) C:\program files\oracle\virtualbox\virtualbox.exe
FirewallRules: [{FC2B09E3-A733-4508-8FE1-3F2FE46C7295}] => (Allow) C:\Program Files (x86)\Crazybump\CrazyBump.exe
FirewallRules: [{BEDE4C20-50AC-4267-A2AE-ACC8A5083A7A}] => (Allow) C:\Program Files (x86)\Crazybump\CrazyBump.exe
FirewallRules: [TCP Query User{6DC78372-F0C6-452C-8704-CE44038629F6}I:\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) I:\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{70818C15-5CE8-43AF-A113-8807E699E585}I:\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) I:\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [{0854A303-3A4C-4461-9C6D-6168C6B896BF}] => (Block) I:\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [{36C0283F-616D-4A1B-A018-84A6DFEDB01C}] => (Block) I:\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [{752CD4BF-D715-42AA-9643-2A019881BADB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{378ABCD7-89FB-4936-B25B-74CA643ECB5C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{9DB50146-1E86-4FDA-827E-CC541952FDB5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{4F3C72A5-CF2B-4DBA-AC4F-5BF0A256DD63}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F9CC806A-EF9B-414E-A9D7-8296BEAAF5F3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{090311F2-DB13-41A3-9CC9-7C2BC90D4E5B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{C1F02F8A-C80E-473D-90D2-4F912A0D2974}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A4049EA1-CF91-454A-9885-D60546658B36}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{328C6783-8A4E-412E-813B-A323F1C17D31}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{87074B14-5589-4B4B-A3AD-61C93B1295D3}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{923DE76E-2496-4CC5-A494-9259581BB1B9}I:\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) I:\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{2DF0065C-D8AE-4A40-9397-24F3BE2E81F4}I:\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) I:\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
FirewallRules: [{1A6C615E-B4EE-4050-B081-BC2575728143}] => (Block) I:\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
FirewallRules: [{388F9429-9510-460A-8D81-DD90A569433E}] => (Block) I:\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe
FirewallRules: [{4A911DE8-FA4B-469D-86B0-462C3F0F6E37}] => (Allow) I:\SteamLibrary\SteamApps\common\Warface\live\nw.exe
FirewallRules: [{720F3345-5D99-44CC-B343-0EFB3C262881}] => (Allow) I:\SteamLibrary\SteamApps\common\Warface\live\nw.exe
FirewallRules: [{623C9181-71EE-4C8F-97C7-62D2791E7326}] => (Allow) I:\SteamLibrary\SteamApps\common\Total War Arena\launcher\launcher.exe
FirewallRules: [{A6CD6037-8DDC-4915-9E0D-B3EB1FBCBA6E}] => (Allow) I:\SteamLibrary\SteamApps\common\Total War Arena\launcher\launcher.exe
FirewallRules: [TCP Query User{6660F3DB-ADB2-4AF3-BB75-75F64B6F4EF0}I:\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) I:\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{64E3D0D5-79FC-4400-A912-E6DB34F15111}I:\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) I:\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
FirewallRules: [{DA49D259-AF67-43D6-853D-9FB79C8EEF1F}] => (Block) I:\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
FirewallRules: [{731B0A29-62A8-456E-9805-C09924AFC593}] => (Block) I:\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe
FirewallRules: [{BC5EB734-81F7-4CB1-92C2-B549E372F5BB}] => (Allow) I:\SteamLibrary\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{D4E07764-2E82-4406-8AA9-4639A5CBC2DD}] => (Allow) I:\SteamLibrary\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{77C21E3C-2F29-45D8-8607-63AD12108031}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4121C74B-98D7-4F92-841F-BBD3F3209606}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{846A6F52-0B8D-49AF-9238-858F784A1216}I:\diablo iii\diablo iii.exe] => (Allow) I:\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{E6A3269A-59B0-49DB-84DB-3E4550D95E45}I:\diablo iii\diablo iii.exe] => (Allow) I:\diablo iii\diablo iii.exe
FirewallRules: [{26279A46-CB5C-446A-83AB-7493D9C6FCDE}] => (Block) I:\diablo iii\diablo iii.exe
FirewallRules: [{51D86EA9-7D04-42F2-A495-57EC21E6BA6B}] => (Block) I:\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{875F71AB-682E-43B3-8E6D-CE989EDC5A7C}G:\starcraft ii\versions\base38215\sc2_x64.exe] => (Allow) G:\starcraft ii\versions\base38215\sc2_x64.exe
FirewallRules: [UDP Query User{095082AB-43DF-41CA-A558-59F75D5DC419}G:\starcraft ii\versions\base38215\sc2_x64.exe] => (Allow) G:\starcraft ii\versions\base38215\sc2_x64.exe
FirewallRules: [{5BA19F6E-8201-4AC7-BD52-0DB523AD055B}] => (Block) G:\starcraft ii\versions\base38215\sc2_x64.exe
FirewallRules: [{6AEF0E29-E0AF-4D05-A520-373F174AFAD2}] => (Block) G:\starcraft ii\versions\base38215\sc2_x64.exe
FirewallRules: [{C6476E90-C636-4848-A5E4-4A52E8EC921F}] => (Allow) I:\SteamLibrary\SteamApps\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [{2700454C-1663-4D4D-AF56-F45C1F3E7C50}] => (Allow) I:\SteamLibrary\SteamApps\common\Call of Duty Black Ops\BlackOpsMP.exe
FirewallRules: [{3835140A-4E37-4337-A4F5-690786C8D273}] => (Allow) I:\SteamLibrary\SteamApps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [{587FC2AE-4602-40B1-B290-756D3FC46187}] => (Allow) I:\SteamLibrary\SteamApps\common\Call of Duty Black Ops\BlackOps.exe
FirewallRules: [TCP Query User{1C6475C6-B7E5-4B85-B5F1-9617CC4FCB5E}I:\steamlibrary\steamapps\common\life is feudal your own\server\cm_yo_server.exe] => (Allow) I:\steamlibrary\steamapps\common\life is feudal your own\server\cm_yo_server.exe
FirewallRules: [UDP Query User{1680D60B-6D5B-4854-A6ED-DA67C43E07B8}I:\steamlibrary\steamapps\common\life is feudal your own\server\cm_yo_server.exe] => (Allow) I:\steamlibrary\steamapps\common\life is feudal your own\server\cm_yo_server.exe
FirewallRules: [{93D4B560-1C29-4C48-AF5D-12172CA432D3}] => (Block) I:\steamlibrary\steamapps\common\life is feudal your own\server\cm_yo_server.exe
FirewallRules: [{972B1021-68F0-4EB1-831F-A7F225E2E2F0}] => (Block) I:\steamlibrary\steamapps\common\life is feudal your own\server\cm_yo_server.exe
FirewallRules: [{D6C45B01-6CF3-4E9F-AD10-B8D4F2DEFDB6}] => (Allow) F:\SpaceMarine\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [{178E315B-E012-494D-B047-3D9A64C869FC}] => (Allow) F:\SpaceMarine\SteamApps\common\Dirty Bomb\Binaries\Win32\ShooterGame-Win32-Shipping.exe
FirewallRules: [TCP Query User{26F6B1EC-08D1-4373-BE03-89364F74EFBB}G:\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) G:\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [UDP Query User{B52EBDA3-7DC4-4D7D-9632-B516F32ECE9B}G:\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) G:\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [{47738C9F-5ED4-4BF7-A485-F0558268A1BB}] => (Block) G:\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [{33FB1AF0-1831-4534-AAAE-59ABF86DA08C}] => (Block) G:\starcraft ii\versions\base38996\sc2_x64.exe
FirewallRules: [{248A560E-B955-4EF2-A6CE-F9CBE58ED23F}] => (Allow) I:\SteamLibrary\SteamApps\common\Might & Magic Heroes Online\nw.exe
FirewallRules: [{92F676AE-AAA4-4C96-9F19-AD2BE8BDBA4B}] => (Allow) I:\SteamLibrary\SteamApps\common\Might & Magic Heroes Online\nw.exe
FirewallRules: [TCP Query User{3795CDF7-0417-4627-935E-C37BF5C45F92}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{3F590540-637E-42A8-B86F-3D3491A4D368}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{5129C6CF-05B8-4FFD-BB58-AEBAFA2FE019}] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{CB8A9739-70AC-4E40-AF5F-E2CEA016826A}] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [TCP Query User{B04FD964-E3E0-43A1-84B4-3F7EBE792262}G:\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) G:\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [UDP Query User{F3733614-ADF4-45CF-9730-D59590839A5F}G:\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) G:\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [{035F7895-F882-4488-AEDF-474A68EEF2FB}] => (Block) G:\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [{E71EB8E3-1C42-46DF-8AD1-C9CF17F309B3}] => (Block) G:\starcraft ii\versions\base39576\sc2_x64.exe
FirewallRules: [{B6F6CB42-12F9-4FDB-AD03-44EDBCB5184C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Wiederherstellungspunkte =========================
10-02-2016 20:17:53 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (02/18/2016 04:47:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.3.9600.17667 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2398
Startzeit: 01d16a62ad45e2ed
Endzeit: 0
Anwendungspfad: C:\Windows\Explorer.EXE
Berichts-ID: d02d837e-d656-11e5-82b8-0026832fa477
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (02/15/2016 07:41:07 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (02/13/2016 08:00:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm yo_cm_client.exe, Version 1.0.4.4 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1afc
Startzeit: 01d1668df16479bf
Endzeit: 4294967295
Anwendungspfad: I:\SteamLibrary\steamapps\common\Life is Feudal Your Own\yo_cm_client.exe
Berichts-ID: 0397394b-d284-11e5-82b8-0026832fa477
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (02/10/2016 08:17:55 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (02/09/2016 07:42:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wfcrun32.exe, Version: 12.1.0.30, Zeitstempel: 0x4cb4d2e7
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18185, Zeitstempel: 0x5683eff4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00018ab9
ID des fehlerhaften Prozesses: 0x1760
Startzeit der fehlerhaften Anwendung: 0xwfcrun32.exe0
Pfad der fehlerhaften Anwendung: wfcrun32.exe1
Pfad des fehlerhaften Moduls: wfcrun32.exe2
Berichtskennung: wfcrun32.exe3
Vollständiger Name des fehlerhaften Pakets: wfcrun32.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: wfcrun32.exe5
Error: (02/07/2016 08:51:23 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wfcrun32.exe, Version: 12.1.0.30, Zeitstempel: 0x4cb4d2e7
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18185, Zeitstempel: 0x5683eff4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00018ab9
ID des fehlerhaften Prozesses: 0x116c
Startzeit der fehlerhaften Anwendung: 0xwfcrun32.exe0
Pfad der fehlerhaften Anwendung: wfcrun32.exe1
Pfad des fehlerhaften Moduls: wfcrun32.exe2
Berichtskennung: wfcrun32.exe3
Vollständiger Name des fehlerhaften Pakets: wfcrun32.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: wfcrun32.exe5
Error: (02/06/2016 11:03:57 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm yo_cm_client.exe, Version 1.0.4.4 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2090
Startzeit: 01d160c4c62808c5
Endzeit: 4294967295
Anwendungspfad: I:\SteamLibrary\steamapps\common\Life is Feudal Your Own\yo_cm_client.exe
Berichts-ID: eef4e22d-ccb8-11e5-82b7-0026832fa477
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (02/06/2016 10:16:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wfcrun32.exe, Version: 12.1.0.30, Zeitstempel: 0x4cb4d2e7
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18185, Zeitstempel: 0x5683eff4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00018ab9
ID des fehlerhaften Prozesses: 0x17d4
Startzeit der fehlerhaften Anwendung: 0xwfcrun32.exe0
Pfad der fehlerhaften Anwendung: wfcrun32.exe1
Pfad des fehlerhaften Moduls: wfcrun32.exe2
Berichtskennung: wfcrun32.exe3
Vollständiger Name des fehlerhaften Pakets: wfcrun32.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: wfcrun32.exe5
Error: (02/05/2016 07:29:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wfcrun32.exe, Version: 12.1.0.30, Zeitstempel: 0x4cb4d2e7
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18185, Zeitstempel: 0x5683eff4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00018ab9
ID des fehlerhaften Prozesses: 0xa80
Startzeit der fehlerhaften Anwendung: 0xwfcrun32.exe0
Pfad der fehlerhaften Anwendung: wfcrun32.exe1
Pfad des fehlerhaften Moduls: wfcrun32.exe2
Berichtskennung: wfcrun32.exe3
Vollständiger Name des fehlerhaften Pakets: wfcrun32.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: wfcrun32.exe5
Error: (02/04/2016 07:32:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: wfcrun32.exe, Version: 12.1.0.30, Zeitstempel: 0x4cb4d2e7
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18185, Zeitstempel: 0x5683eff4
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00018ab9
ID des fehlerhaften Prozesses: 0x133c
Startzeit der fehlerhaften Anwendung: 0xwfcrun32.exe0
Pfad der fehlerhaften Anwendung: wfcrun32.exe1
Pfad des fehlerhaften Moduls: wfcrun32.exe2
Berichtskennung: wfcrun32.exe3
Vollständiger Name des fehlerhaften Pakets: wfcrun32.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: wfcrun32.exe5
Systemfehler:
=============
Error: (02/15/2016 11:41:40 PM) (Source: DCOM) (EventID: 10010) (User: PANSO-DESK)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}
Error: (02/13/2016 09:10:07 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "DHCP-Client" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (02/13/2016 09:09:07 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows-Audio" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (02/13/2016 09:08:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Sicherheitscenter" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/13/2016 09:08:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows-Verbindungs-Manager" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/13/2016 09:08:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "TCP/IP-NetBIOS-Hilfsdienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 100 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/13/2016 09:08:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/13/2016 09:08:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows-Ereignisprotokoll" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/13/2016 09:08:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "DHCP-Client" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (02/13/2016 09:08:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows-Audio" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 8168.75 MB
Verfügbarer physikalischer RAM: 5089.47 MB
Summe virtueller Speicher: 10306.47 MB
Verfügbarer virtueller Speicher: 6356.84 MB
==================== Laufwerke ================================
Drive c: (1 - System) (Fixed) (Total:117.04 GB) (Free:4.25 GB) NTFS
Drive d: (2 - Doc und Orga) (Fixed) (Total:9.77 GB) (Free:3.51 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive e: (3 - Musik) (Fixed) (Total:195.31 GB) (Free:169.21 GB) NTFS
Drive f: (Unix) (Fixed) (Total:58.59 GB) (Free:14.54 GB) NTFS
Drive g: (2 - Games) (Fixed) (Total:75.8 GB) (Free:9.33 GB) NTFS
Drive h: (3 - Cloud) (Fixed) (Total:195.31 GB) (Free:26.29 GB) NTFS
Drive i: (3 - Games) (Fixed) (Total:540.88 GB) (Free:33.8 GB) NTFS
Drive j: (ST2016) (CDROM) (Total:0.63 GB) (Free:0 GB) CDFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 117.4 GB) (Disk ID: 1948AFDE)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=117 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: DF335E84)
Partition 1: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=540.9 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: B27A3FDC)
Partition 1: (Active) - (Size=9.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=75.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=63.5 GB) - (Type=OF Extended)
==================== Ende von Addition.txt ============================
|
|
18.02.2016, 17:04
| #7 |
| | Versuchte Zugriffe auf Accounts und der TDSSKiller Report 1/2: Code:
ATTFilter 16:49:52.0501 0x1d40 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
16:50:06.0419 0x1d40 ============================================================
16:50:06.0419 0x1d40 Current date / time: 2016/02/18 16:50:06.0419
16:50:06.0419 0x1d40 SystemInfo:
16:50:06.0419 0x1d40
16:50:06.0419 0x1d40 OS Version: 6.3.9600 ServicePack: 0.0
16:50:06.0419 0x1d40 Product type: Workstation
16:50:06.0419 0x1d40 ComputerName: PANSO-DESK
16:50:06.0419 0x1d40 UserName: ElPanso
16:50:06.0419 0x1d40 Windows directory: C:\Windows
16:50:06.0419 0x1d40 System windows directory: C:\Windows
16:50:06.0419 0x1d40 Running under WOW64
16:50:06.0419 0x1d40 Processor architecture: Intel x64
16:50:06.0419 0x1d40 Number of processors: 4
16:50:06.0419 0x1d40 Page size: 0x1000
16:50:06.0419 0x1d40 Boot type: Normal boot
16:50:06.0419 0x1d40 ============================================================
16:50:09.0628 0x1d40 KLMD registered as C:\Windows\system32\drivers\28988555.sys
16:50:09.0793 0x1d40 System UUID: {6CF64732-A2DD-1468-F0E3-8FE30FD5C556}
16:50:11.0666 0x1d40 Drive \Device\Harddisk0\DR0 - Size: 0x1D5849E000 ( 117.38 Gb ), SectorSize: 0x200, Cylinders: 0x3BDA, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:50:11.0666 0x1d40 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:50:11.0667 0x1d40 Drive \Device\Harddisk2\DR2 - Size: 0x25432CDE00 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:50:11.0671 0x1d40 ============================================================
16:50:11.0671 0x1d40 \Device\Harddisk0\DR0:
16:50:11.0671 0x1d40 MBR partitions:
16:50:11.0671 0x1d40 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000
16:50:11.0671 0x1d40 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0xEA12000
16:50:11.0671 0x1d40 \Device\Harddisk1\DR1:
16:50:11.0671 0x1d40 MBR partitions:
16:50:11.0671 0x1d40 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x186A0000
16:50:11.0671 0x1d40 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x186A0800, BlocksNum 0x186A0000
16:50:11.0671 0x1d40 \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x30D40800, BlocksNum 0x439C5000
16:50:11.0671 0x1d40 \Device\Harddisk2\DR2:
16:50:11.0672 0x1d40 MBR partitions:
16:50:11.0672 0x1d40 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1388AFC
16:50:11.0672 0x1d40 \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x1388B3B, BlocksNum 0x97995E7
16:50:11.0688 0x1d40 \Device\Harddisk2\DR2\Partition3: MBR, Type 0x7, StartLBA 0xAB22161, BlocksNum 0x7530462
16:50:11.0718 0x1d40 ============================================================
16:50:11.0720 0x1d40 C: <-> \Device\Harddisk0\DR0\Partition2
16:50:11.0745 0x1d40 D: <-> \Device\Harddisk2\DR2\Partition1
16:50:11.0773 0x1d40 E: <-> \Device\Harddisk1\DR1\Partition1
16:50:11.0813 0x1d40 F: <-> \Device\Harddisk2\DR2\Partition3
16:50:11.0855 0x1d40 G: <-> \Device\Harddisk2\DR2\Partition2
16:50:11.0877 0x1d40 H: <-> \Device\Harddisk1\DR1\Partition2
16:50:11.0906 0x1d40 I: <-> \Device\Harddisk1\DR1\Partition3
16:50:11.0906 0x1d40 ============================================================
16:50:11.0906 0x1d40 Initialize success
16:50:11.0906 0x1d40 ============================================================
16:51:00.0589 0x19bc ============================================================
16:51:00.0589 0x19bc Scan started
16:51:00.0589 0x19bc Mode: Manual; SigCheck; TDLFS;
16:51:00.0589 0x19bc ============================================================
16:51:00.0589 0x19bc KSN ping started
16:51:10.0013 0x19bc KSN ping finished: true
16:51:10.0874 0x19bc ================ Scan system memory ========================
16:51:10.0874 0x19bc System memory - ok
16:51:10.0875 0x19bc ================ Scan services =============================
16:51:10.0946 0x19bc [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
16:51:10.0978 0x19bc 1394ohci - ok
16:51:10.0990 0x19bc [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\Windows\system32\drivers\3ware.sys
16:51:11.0002 0x19bc 3ware - ok
16:51:11.0010 0x19bc [ A3769020F7E8A70FD3E824C050F33306, BAAB18DD28C753EC90E9552BD5FFC316AD8815505A7998BCE51D21448B373D86 ] acedrv11 C:\Windows\system32\drivers\acedrv11.sys
16:51:11.0911 0x19bc acedrv11 - ok
16:51:11.0928 0x19bc [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI C:\Windows\system32\drivers\ACPI.sys
16:51:11.0951 0x19bc ACPI - ok
16:51:11.0956 0x19bc [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\Windows\system32\Drivers\acpiex.sys
16:51:11.0968 0x19bc acpiex - ok
16:51:11.0972 0x19bc [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
16:51:11.0984 0x19bc acpipagr - ok
16:51:11.0987 0x19bc [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
16:51:11.0999 0x19bc AcpiPmi - ok
16:51:12.0002 0x19bc [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\Windows\System32\drivers\acpitime.sys
16:51:12.0013 0x19bc acpitime - ok
16:51:12.0022 0x19bc [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:51:12.0046 0x19bc AdobeARMservice - ok
16:51:12.0088 0x19bc [ 785FD0E36CA75D90DD50042E2594BC63, 471A5ED43A3E18A5A69C28F7F351558E90F20416D9C532ADF50888808090AE89 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:51:12.0134 0x19bc AdobeFlashPlayerUpdateSvc - ok
16:51:12.0152 0x19bc [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\Windows\system32\drivers\ADP80XX.SYS
16:51:12.0178 0x19bc ADP80XX - ok
16:51:12.0189 0x19bc [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
16:51:12.0206 0x19bc AeLookupSvc - ok
16:51:12.0221 0x19bc [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD C:\Windows\system32\drivers\afd.sys
16:51:12.0243 0x19bc AFD - ok
16:51:12.0248 0x19bc [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\Windows\system32\drivers\agp440.sys
16:51:12.0259 0x19bc agp440 - ok
16:51:12.0264 0x19bc [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache C:\Windows\system32\DRIVERS\ahcache.sys
16:51:12.0276 0x19bc ahcache - ok
16:51:12.0281 0x19bc [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG C:\Windows\System32\alg.exe
16:51:12.0294 0x19bc ALG - ok
16:51:12.0302 0x19bc [ 2998362D1E550F0C990D77E34415BEB6, 36BBC575DFE0CBD5BC4AF9AD8B54DCEF950E93AF48884D6523457071296514CC ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
16:51:12.0323 0x19bc AMD External Events Utility - ok
16:51:12.0328 0x19bc [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
16:51:12.0341 0x19bc AmdK8 - ok
16:51:12.0345 0x19bc [ F2FF8C1B41B3784EDBD5C6D5397F403C, 104873700D2BDF4812DC48200B4609F46A63E7A50594A0599100EF1438863708 ] amdkmafd C:\Windows\system32\drivers\amdkmafd.sys
16:51:12.0354 0x19bc amdkmafd - ok
16:51:12.0685 0x19bc [ A87FC6E3670DB55788184FE3A3808712, 2366E7423B4EBC6E12F0C172246E4D2D3BDD702193FA6955A08180FFFCB217B9 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
16:51:13.0306 0x19bc amdkmdag - ok
16:51:13.0352 0x19bc [ 971F3B12C24BB83B48F8CCA2ED019906, E4757480DFF2678E3C7897F6E720EEFF76D452707FC87401B209FE533BFC3210 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
16:51:14.0877 0x19bc amdkmdap - ok
16:51:14.0884 0x19bc [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
16:51:14.0897 0x19bc AmdPPM - ok
16:51:14.0902 0x19bc [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\Windows\system32\drivers\amdsata.sys
16:51:14.0913 0x19bc amdsata - ok
16:51:14.0932 0x19bc [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
16:51:14.0951 0x19bc amdsbs - ok
16:51:14.0954 0x19bc [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\Windows\system32\drivers\amdxata.sys
16:51:14.0965 0x19bc amdxata - ok
16:51:14.0983 0x19bc [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID C:\Windows\system32\drivers\appid.sys
16:51:14.0996 0x19bc AppID - ok
16:51:15.0000 0x19bc [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc C:\Windows\System32\appidsvc.dll
16:51:15.0011 0x19bc AppIDSvc - ok
16:51:15.0018 0x19bc [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo C:\Windows\System32\appinfo.dll
16:51:15.0031 0x19bc Appinfo - ok
16:51:15.0056 0x19bc [ 6EB87FDB59AABF6D19C927492DEA0D36, 36168F8CC75D16917A30FA1FACF57659BC2ADF870D20DEE93F851D5348E605BB ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:51:15.0066 0x19bc Apple Mobile Device Service - ok
16:51:15.0073 0x19bc [ 1A8EA3500576DD4B43E9318F10709E0E, 85F8581C319DE241B223366F08A5F9301858DA9DA1A0CAA10ED387A2B99EC216 ] AppMgmt C:\Windows\System32\appmgmts.dll
16:51:15.0088 0x19bc AppMgmt - ok
16:51:15.0103 0x19bc [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness C:\Windows\system32\AppReadiness.dll
16:51:15.0124 0x19bc AppReadiness - ok
16:51:15.0152 0x19bc [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc C:\Windows\system32\appxdeploymentserver.dll
16:51:15.0186 0x19bc AppXSvc - ok
16:51:15.0194 0x19bc [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\Windows\system32\drivers\arcsas.sys
16:51:15.0207 0x19bc arcsas - ok
16:51:15.0211 0x19bc [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\Windows\system32\drivers\atapi.sys
16:51:15.0221 0x19bc atapi - ok
16:51:15.0228 0x19bc [ 4ECC791539F23982411864037D1AC8FC, 063CBA00E453B5FF3CDFDFB5FA2E6A190A0DC3D399EC36F646262BE76F98A60C ] AthDfu C:\Windows\System32\Drivers\AthDfu.sys
16:51:15.0237 0x19bc AthDfu - ok
16:51:15.0246 0x19bc [ 8523AA8BD207F937E8C047F8713D4788, EB131C38F51DEDCE2445648CAAE7B7F04F0009EB823A77D1D08B2E9CA8EC9B7D ] AtiHDAudioService C:\Windows\system32\drivers\AtihdWB6.sys
16:51:15.0256 0x19bc AtiHDAudioService - detected UnsignedFile.Multi.Generic ( 1 )
16:51:24.0463 0x19bc Detect skipped due to KSN trusted
16:51:24.0463 0x19bc AtiHDAudioService - ok
16:51:24.0474 0x19bc [ 26D973D6D9A0D133DFDA7D8C1ADC04B7, AD40E6D0F77C0E579FB87C5106BF6DE3D1A9F30EE2FBF8C9C011F377FA05F173 ] atillk64 C:\Users\ElPanso\Desktop\WinFlash_2.6.7\WinFlash_2.6.7\atillk64.sys
16:51:24.0484 0x19bc atillk64 - ok
16:51:24.0491 0x19bc [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
16:51:24.0508 0x19bc AudioEndpointBuilder - ok
16:51:24.0528 0x19bc [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv C:\Windows\System32\Audiosrv.dll
16:51:24.0558 0x19bc Audiosrv - ok
16:51:24.0565 0x19bc [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV C:\Windows\System32\AxInstSV.dll
16:51:24.0579 0x19bc AxInstSV - ok
16:51:24.0594 0x19bc [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
16:51:24.0619 0x19bc b06bdrv - ok
16:51:24.0625 0x19bc [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys
16:51:24.0636 0x19bc BasicDisplay - ok
16:51:24.0641 0x19bc [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys
16:51:24.0652 0x19bc BasicRender - ok
16:51:24.0656 0x19bc [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\Windows\System32\drivers\bcmfn2.sys
16:51:24.0666 0x19bc bcmfn2 - ok
16:51:24.0676 0x19bc [ 4B6F61BD394DCEDA9B06D702836531C2, 83C739467BD9A00FE09BCE83BB9409EA2DA62FCDD2384F9EE98626226223E918 ] BDESVC C:\Windows\System32\bdesvc.dll
16:51:24.0693 0x19bc BDESVC - ok
16:51:24.0697 0x19bc [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\Windows\system32\drivers\Beep.sys
16:51:24.0709 0x19bc Beep - ok
16:51:24.0729 0x19bc [ 8F2AD111B47A190F325EE7495D3C1803, C61F1506E74A9EFBB61B8A06B30886B6E891C33211F755F30B924EBA202ECEC5 ] BFE C:\Windows\System32\bfe.dll
16:51:24.0756 0x19bc BFE - ok
16:51:24.0777 0x19bc [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS C:\Windows\System32\qmgr.dll
16:51:24.0807 0x19bc BITS - ok
16:51:24.0819 0x19bc [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:51:24.0859 0x19bc Bonjour Service - ok
16:51:24.0864 0x19bc [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\Windows\system32\DRIVERS\bowser.sys
16:51:24.0876 0x19bc bowser - ok
16:51:24.0882 0x19bc [ D4F84730BE7FEB435D119792F84EA934, AE66026CEF3E3F71A210C903E55C327955872B22F01E80FC3410B0AA1355062C ] BRDriver64 C:\ProgramData\BitRaider\BRDriver64.sys
16:51:24.0893 0x19bc BRDriver64 - ok
16:51:24.0895 0x19bc BRDriver64_1_3_3_E02B25FC - ok
16:51:24.0904 0x19bc [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
16:51:24.0919 0x19bc BrokerInfrastructure - ok
16:51:24.0926 0x19bc [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser C:\Windows\System32\browser.dll
16:51:24.0938 0x19bc Browser - ok
16:51:24.0948 0x19bc [ 448917845F097FCE9D4554C3D2001EF3, BDCBEC01579D7CF28963E4E13CDC5B26E4B69CA24FA2CC4D6E24CAE0DDBCB3FE ] BRSptStub C:\ProgramData\BitRaider\BRSptStub.exe
16:51:24.0996 0x19bc BRSptStub - ok
16:51:25.0008 0x19bc [ 78561B78811A147B99CB47EBBD2D2847, 4EF1ED64CAF0549B43A660FF70D5035DFD59CCD22E7353150E8A13944C936520 ] BRSptSvc C:\ProgramData\BitRaider\BRSptSvc.exe
16:51:25.0061 0x19bc BRSptSvc - ok
16:51:25.0066 0x19bc [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys
16:51:25.0077 0x19bc BthAvrcpTg - ok
16:51:25.0082 0x19bc [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum C:\Windows\System32\drivers\BthEnum.sys
16:51:25.0093 0x19bc BthEnum - ok
16:51:25.0101 0x19bc [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys
16:51:25.0113 0x19bc BthHFEnum - ok
16:51:25.0117 0x19bc [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys
16:51:25.0128 0x19bc bthhfhid - ok
16:51:25.0141 0x19bc [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv C:\Windows\System32\BthHFSrv.dll
16:51:25.0157 0x19bc BthHFSrv - ok
16:51:25.0163 0x19bc [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
16:51:25.0176 0x19bc BTHMODEM - ok
16:51:25.0182 0x19bc [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan C:\Windows\System32\drivers\bthpan.sys
16:51:25.0195 0x19bc BthPan - ok
16:51:25.0226 0x19bc [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
16:51:25.0257 0x19bc BTHPORT - ok
16:51:25.0264 0x19bc [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv C:\Windows\system32\bthserv.dll
16:51:25.0278 0x19bc bthserv - ok
16:51:25.0284 0x19bc [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
16:51:25.0295 0x19bc BTHUSB - ok
16:51:25.0299 0x19bc [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
16:51:25.0313 0x19bc cdfs - ok
16:51:25.0320 0x19bc [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\Windows\System32\drivers\cdrom.sys
16:51:25.0333 0x19bc cdrom - ok
16:51:25.0340 0x19bc [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\Windows\System32\certprop.dll
16:51:25.0354 0x19bc CertPropSvc - ok
16:51:25.0358 0x19bc [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\Windows\System32\drivers\circlass.sys
16:51:25.0370 0x19bc circlass - ok
16:51:25.0380 0x19bc [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS C:\Windows\system32\drivers\CLFS.sys
16:51:25.0398 0x19bc CLFS - ok
16:51:25.0406 0x19bc [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
16:51:25.0416 0x19bc CmBatt - ok
16:51:25.0487 0x19bc [ C73612A031920D43E678FD07C9D864F6, 39445B92B230E69A30C6FF1537645BD6070B28A3F0BF9526548535F965A14C96 ] cmuda3 C:\Windows\system32\drivers\cmudax3.sys
16:51:25.0560 0x19bc cmuda3 - ok
16:51:25.0577 0x19bc [ 0DE32A0BB1FE2A773666572F79584520, C417C12476B937265BEDC9A2C3C3F6C50FD19AEC096362337B0921627A2A92EA ] CNG C:\Windows\system32\Drivers\cng.sys
16:51:25.0600 0x19bc CNG - ok
16:51:25.0606 0x19bc [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys
16:51:25.0617 0x19bc CompositeBus - ok
16:51:25.0619 0x19bc COMSysApp - ok
16:51:25.0623 0x19bc [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\Windows\system32\drivers\condrv.sys
16:51:25.0634 0x19bc condrv - ok
16:51:25.0641 0x19bc [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\Windows\system32\cryptsvc.dll
16:51:25.0655 0x19bc CryptSvc - ok
16:51:25.0669 0x19bc [ 9DBC32A45CFA67074432D2AF6C2832B6, B3B26302961A95EDFD4F994D56B1E5A8452266E0C2161D15C1213BBE376227A2 ] CSC C:\Windows\system32\drivers\csc.sys
16:51:25.0690 0x19bc CSC - ok
16:51:25.0709 0x19bc [ 86079FF8A3B625ABAEB68841D2BF6FE6, 49FF4D458DF8FAB4ECA8CAD9BBF88C929C8B9AB7F063938A6A332B31F2C0F8EB ] CscService C:\Windows\System32\cscsvc.dll
16:51:25.0734 0x19bc CscService - ok
16:51:25.0740 0x19bc [ BA8E5B2291C01EF71CA80E25F0C79D55, 913C85EC00752AEEE2E29C6664085865DA45A091789C0F8CB015208D69F1915A ] ctxusbm C:\Windows\system32\DRIVERS\ctxusbm.sys
16:51:25.0750 0x19bc ctxusbm - ok
16:51:25.0755 0x19bc [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\Windows\system32\drivers\dam.sys
16:51:25.0766 0x19bc dam - ok
16:51:25.0811 0x19bc [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch C:\Windows\system32\rpcss.dll
16:51:25.0836 0x19bc DcomLaunch - ok
16:51:25.0851 0x19bc [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\Windows\System32\defragsvc.dll
16:51:25.0871 0x19bc defragsvc - ok
16:51:25.0883 0x19bc [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
16:51:25.0902 0x19bc DeviceAssociationService - ok
16:51:25.0908 0x19bc [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
16:51:25.0923 0x19bc DeviceInstall - ok
16:51:25.0929 0x19bc [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
16:51:25.0942 0x19bc Dfsc - ok
16:51:25.0948 0x19bc [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
16:51:25.0960 0x19bc dg_ssudbus - ok
16:51:25.0970 0x19bc [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\Windows\system32\dhcpcore.dll
16:51:25.0990 0x19bc Dhcp - ok
16:51:26.0023 0x19bc [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack C:\Windows\system32\diagtrack.dll
16:51:26.0065 0x19bc DiagTrack - ok
16:51:26.0073 0x19bc [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\Windows\system32\drivers\disk.sys
16:51:26.0085 0x19bc disk - ok
16:51:26.0088 0x19bc [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
16:51:26.0099 0x19bc dmvsc - ok
16:51:26.0107 0x19bc [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache C:\Windows\System32\dnsrslvr.dll
16:51:26.0123 0x19bc Dnscache - ok
16:51:26.0132 0x19bc [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\Windows\System32\dot3svc.dll
16:51:26.0147 0x19bc dot3svc - ok
16:51:26.0154 0x19bc [ 27069CFFF29B7F04F4B1BB10154BE52B, 6869626F9A1D3F64224883C5E661638CEE893A3E29651C7B9302A03E52180415 ] dot4 C:\Windows\system32\DRIVERS\Dot4.sys
16:51:26.0166 0x19bc dot4 - ok
16:51:26.0170 0x19bc [ 0BD906A79F9CE3013F7D9D0AC45F9F9D, 2F7D5082E7E226D5EBEA164A8ACEE0A447C96EB1829224A6EFA3E7B4EFEE1D14 ] Dot4Print C:\Windows\System32\drivers\Dot4Prt.sys
16:51:26.0178 0x19bc Dot4Print - ok
16:51:26.0182 0x19bc [ B7D595F2F464F7B628AD53F06547792C, F5D06A91EF54FBF56305FCC882B854350B266B2A005D80CC77AEBC2929440729 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
16:51:26.0192 0x19bc dot4usb - ok
16:51:26.0199 0x19bc [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\Windows\system32\dps.dll
16:51:26.0214 0x19bc DPS - ok
16:51:26.0218 0x19bc [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
16:51:26.0229 0x19bc drmkaud - ok
16:51:26.0236 0x19bc [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
16:51:26.0251 0x19bc DsmSvc - ok
16:51:26.0283 0x19bc [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
16:51:26.0326 0x19bc DXGKrnl - ok
16:51:26.0343 0x19bc [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\Windows\System32\eapsvc.dll
16:51:26.0357 0x19bc Eaphost - ok
16:51:26.0359 0x19bc EasyAntiCheat - ok
16:51:26.0423 0x19bc [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\Windows\system32\drivers\evbda.sys
16:51:26.0504 0x19bc ebdrv - ok
16:51:26.0511 0x19bc [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\Windows\System32\lsass.exe
16:51:26.0524 0x19bc EFS - ok
16:51:26.0528 0x19bc [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
16:51:26.0541 0x19bc EhStorClass - ok
16:51:26.0547 0x19bc [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
16:51:26.0559 0x19bc EhStorTcgDrv - ok
16:51:26.0563 0x19bc [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\Windows\System32\drivers\errdev.sys
16:51:26.0573 0x19bc ErrDev - ok
16:51:26.0590 0x19bc [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\Windows\system32\es.dll
16:51:26.0612 0x19bc EventSystem - ok
16:51:26.0620 0x19bc [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\Windows\system32\drivers\exfat.sys
16:51:26.0638 0x19bc exfat - ok
16:51:26.0646 0x19bc [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\Windows\system32\drivers\fastfat.sys
16:51:26.0661 0x19bc fastfat - ok
16:51:26.0676 0x19bc [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\Windows\system32\fxssvc.exe
16:51:26.0699 0x19bc Fax - ok
16:51:26.0703 0x19bc [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\Windows\System32\drivers\fdc.sys
16:51:26.0714 0x19bc fdc - ok
16:51:26.0717 0x19bc [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\Windows\system32\fdPHost.dll
16:51:26.0729 0x19bc fdPHost - ok
16:51:26.0733 0x19bc [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\Windows\system32\fdrespub.dll
16:51:26.0744 0x19bc FDResPub - ok
16:51:26.0749 0x19bc [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\Windows\system32\fhsvc.dll
16:51:26.0763 0x19bc fhsvc - ok
16:51:26.0767 0x19bc [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
16:51:26.0779 0x19bc FileInfo - ok
16:51:26.0782 0x19bc [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\Windows\system32\drivers\filetrace.sys
16:51:26.0798 0x19bc Filetrace - ok
16:51:26.0801 0x19bc [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys
16:51:26.0812 0x19bc flpydisk - ok
16:51:26.0823 0x19bc [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
16:51:26.0841 0x19bc FltMgr - ok
16:51:26.0870 0x19bc [ 2F225BC85B84C04EA01BAB8D8DACFA83, 1F6E20C8F0FFD3FA60BDF556FB8392FE014E6519C3F314D1D22D394DB2A040CA ] FontCache C:\Windows\system32\FntCache.dll
16:51:26.0905 0x19bc FontCache - ok
16:51:26.0912 0x19bc [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:51:26.0939 0x19bc FontCache3.0.0.0 - ok
16:51:26.0943 0x19bc [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
16:51:26.0955 0x19bc FsDepends - ok
16:51:26.0959 0x19bc [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
16:51:26.0970 0x19bc Fs_Rec - ok
16:51:26.0984 0x19bc [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
16:51:27.0007 0x19bc fvevol - ok
16:51:27.0012 0x19bc [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\Windows\System32\drivers\fxppm.sys
16:51:27.0022 0x19bc FxPPM - ok
16:51:27.0028 0x19bc [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
16:51:27.0039 0x19bc gagp30kx - ok
16:51:27.0042 0x19bc [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys
16:51:27.0053 0x19bc gencounter - ok
16:51:27.0080 0x19bc [ 21931B9C5FDE6087F47F710AC1BE16E9, A727A8922A9769AAC77F5D85ED3475853655E9483C8DA091653D0B1F3D479398 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
16:51:27.0114 0x19bc GfExperienceService - ok
16:51:27.0122 0x19bc [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys
16:51:27.0135 0x19bc GPIOClx0101 - ok
16:51:27.0163 0x19bc [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\Windows\System32\gpsvc.dll
16:51:27.0198 0x19bc gpsvc - ok
16:51:27.0208 0x19bc [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:51:27.0232 0x19bc gupdate - ok
16:51:27.0237 0x19bc [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:51:27.0262 0x19bc gupdatem - ok
16:51:27.0266 0x19bc [ 7797D1580D933056023B822BB5CD0FE2, 24585AAFB43862AE4B9228B513658D906550EC8A475C67182933FB233621A85D ] Hamachi C:\Windows\system32\DRIVERS\Hamdrv.sys
16:51:27.0276 0x19bc Hamachi - ok
16:51:27.0325 0x19bc [ 03CABA844BC03C99DB84146BF51A9259, 81E6340B9C9DAC97FE5C6F26FEACAB204E857FD5B0490E52D209066B83610DBB ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
16:51:27.0489 0x19bc Hamachi2Svc - ok
16:51:27.0505 0x19bc [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:51:27.0522 0x19bc HdAudAddService - ok
16:51:27.0528 0x19bc [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys
16:51:27.0539 0x19bc HDAudBus - ok
16:51:27.0542 0x19bc HH10Help.sys - ok
16:51:27.0545 0x19bc [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\Windows\System32\drivers\HidBatt.sys
16:51:27.0556 0x19bc HidBatt - ok
16:51:27.0562 0x19bc [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\Windows\System32\drivers\hidbth.sys
16:51:27.0573 0x19bc HidBth - ok
16:51:27.0577 0x19bc [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys
16:51:27.0589 0x19bc hidi2c - ok
16:51:27.0592 0x19bc [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\Windows\System32\drivers\hidir.sys
16:51:27.0604 0x19bc HidIr - ok
16:51:27.0608 0x19bc [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\Windows\system32\hidserv.dll
16:51:27.0619 0x19bc hidserv - ok
16:51:27.0624 0x19bc [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\Windows\System32\drivers\hidusb.sys
16:51:27.0634 0x19bc HidUsb - ok
16:51:27.0673 0x19bc [ C193FE8507607B2917A6F9B554132559, 962B065219D305B2DE1B4816D234438FBF8F6A79D45389683A21657733C14D5B ] HiPatchService I:\Smite\HiPatchService.exe
16:51:27.0689 0x19bc HiPatchService - detected UnsignedFile.Multi.Generic ( 1 )
16:51:34.0247 0x19bc HiPatchService ( UnsignedFile.Multi.Generic ) - warning
16:51:41.0617 0x19bc [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\Windows\system32\kmsvc.dll
16:51:41.0630 0x19bc hkmsvc - ok
16:51:41.0639 0x19bc [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:51:41.0655 0x19bc HomeGroupListener - ok
16:51:41.0667 0x19bc [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:51:41.0689 0x19bc HomeGroupProvider - ok
16:51:41.0704 0x19bc [ 0D0213498683414DDE29B1686A4C08D5, E9B64406C04B6E55CBD17E7C47B023CEA11FEE07B791154129D6F4F29D15AB7F ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
16:51:41.0722 0x19bc hpqcxs08 - ok
16:51:41.0727 0x19bc [ EE281DD6843F3F697C1AD7933EEB1E9B, 1ECE31C2150B92DDC1DCBBCECFE3E979F2C60B3F106280E3167BEC0269BF7A41 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
16:51:41.0743 0x19bc hpqddsvc - ok
16:51:41.0747 0x19bc [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
16:51:41.0758 0x19bc HpSAMD - ok
16:51:41.0780 0x19bc [ C995EA1C6915D897E06D41AF95B9312C, 65DE6599F1C735BBDCCE4728F7F98167BCA0BF1B8D4218BBF7546B025C9A38BD ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
16:51:41.0805 0x19bc HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 )
16:51:48.0872 0x19bc Detect skipped due to KSN trusted
16:51:48.0872 0x19bc HPSLPSVC - ok
16:51:48.0893 0x19bc [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\Windows\system32\drivers\HTTP.sys
16:51:48.0925 0x19bc HTTP - ok
16:51:48.0929 0x19bc [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
16:51:48.0939 0x19bc hwpolicy - ok
16:51:48.0943 0x19bc [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys
16:51:48.0954 0x19bc hyperkbd - ok
16:51:48.0957 0x19bc [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys
16:51:48.0967 0x19bc HyperVideo - ok
16:51:48.0974 0x19bc [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\Windows\System32\drivers\i8042prt.sys
16:51:48.0986 0x19bc i8042prt - ok
16:51:48.0990 0x19bc [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
16:51:48.0999 0x19bc iaLPSSi_GPIO - ok
16:51:49.0004 0x19bc [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys
16:51:49.0014 0x19bc iaLPSSi_I2C - ok
16:51:49.0030 0x19bc [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys
16:51:49.0053 0x19bc iaStorAV - ok
16:51:49.0065 0x19bc [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
16:51:49.0083 0x19bc iaStorV - ok
16:51:49.0085 0x19bc IEEtwCollectorService - ok
16:51:49.0108 0x19bc [ AF8A43C376F83A4A1E7DA16461EDE114, EBA10519B074888355A4FC11D52FF1E6A52F88F754B7F1F9863A8313638645CB ] IKEEXT C:\Windows\System32\ikeext.dll
16:51:49.0138 0x19bc IKEEXT - ok
16:51:49.0143 0x19bc [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\Windows\system32\drivers\intelide.sys
16:51:49.0153 0x19bc intelide - ok
16:51:49.0158 0x19bc [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\Windows\system32\drivers\intelpep.sys
16:51:49.0168 0x19bc intelpep - ok
16:51:49.0188 0x19bc [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\Windows\System32\drivers\intelppm.sys
16:51:49.0200 0x19bc intelppm - ok
16:51:49.0204 0x19bc [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:51:49.0218 0x19bc IpFilterDriver - ok
16:51:49.0239 0x19bc [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
16:51:49.0266 0x19bc iphlpsvc - ok
16:51:49.0272 0x19bc [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys
16:51:49.0283 0x19bc IPMIDRV - ok
16:51:49.0289 0x19bc [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
16:51:49.0302 0x19bc IPNAT - ok
16:51:49.0318 0x19bc [ E8D96F840994291789F0CDE6800AC1A4, 35B39474B6385DA828D4212047F5C94775FC3C55E8C72EAA503D763D86F9BFB7 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
16:51:49.0342 0x19bc iPod Service - ok
16:51:49.0345 0x19bc [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\Windows\system32\drivers\irenum.sys
16:51:49.0358 0x19bc IRENUM - ok
16:51:49.0362 0x19bc [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\Windows\system32\drivers\isapnp.sys
16:51:49.0372 0x19bc isapnp - ok
16:51:49.0382 0x19bc [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys
16:51:49.0398 0x19bc iScsiPrt - ok
16:51:49.0402 0x19bc [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\Windows\System32\drivers\kbdclass.sys
16:51:49.0413 0x19bc kbdclass - ok
16:51:49.0417 0x19bc [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\Windows\System32\drivers\kbdhid.sys
16:51:49.0427 0x19bc kbdhid - ok
16:51:49.0431 0x19bc [ DB7A09BC90DF20F44F16F8B0F9ED3491, 2DF5E042284D61368A5801B2557351B2C4B1044AA6F966DF4DDCE7B453D1B9AE ] kbldfltr C:\Windows\system32\drivers\kbldfltr.sys
16:51:49.0441 0x19bc kbldfltr - ok
16:51:49.0444 0x19bc [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys
16:51:49.0455 0x19bc kdnic - ok
16:51:49.0458 0x19bc [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\Windows\system32\lsass.exe
16:51:49.0470 0x19bc KeyIso - ok
16:51:49.0475 0x19bc [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
16:51:49.0488 0x19bc KSecDD - ok
16:51:49.0495 0x19bc [ 35C19AF2116F67914712D7C4CBE47B8C, 5F976726880A6E51D7ABFA7E3EF7294C6FB7F383DC5710A2C2EC8DD26DAEC204 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
16:51:49.0508 0x19bc KSecPkg - ok
16:51:49.0512 0x19bc [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
16:51:49.0522 0x19bc ksthunk - ok
16:51:49.0532 0x19bc [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\Windows\system32\msdtckrm.dll
16:51:49.0550 0x19bc KtmRm - ok
16:51:49.0561 0x19bc [ 86F06574763A0E7CDCD57DD85632E44F, 045940240494DBD1158C017754A14404E7D7F857D57DF78D4ECA326A2E3000B1 ] LADF_BakerCOnly C:\Windows\system32\DRIVERS\ladfBakerCamd64.sys
16:51:49.0578 0x19bc LADF_BakerCOnly - ok
16:51:49.0588 0x19bc [ 89B4981F949A14148365DE8D98A310B5, DE408582146B98C8867C49738E585A18ABC6C135DB51B9D20786EEEC34CFAFAB ] LADF_BakerROnly C:\Windows\system32\DRIVERS\ladfBakerRamd64.sys
16:51:49.0603 0x19bc LADF_BakerROnly - ok
16:51:49.0613 0x19bc [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\Windows\system32\srvsvc.dll
16:51:49.0630 0x19bc LanmanServer - ok
16:51:49.0639 0x19bc [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:51:49.0657 0x19bc LanmanWorkstation - ok
16:51:49.0671 0x19bc [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\Windows\System32\GeofenceMonitorService.dll
16:51:49.0691 0x19bc lfsvc - ok
16:51:49.0695 0x19bc [ 17325C9B9ADB2BB99049936D0C9812C8, 70ADDC85FD5757BC9C4B97F382B25A19851FF8275021FFC04A81E208A604F83E ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
16:51:49.0706 0x19bc LGBusEnum - ok
16:51:49.0711 0x19bc [ C7AF05942E041D4B1F345ACF79993BB3, E8FAAE356C99A11F6CF17640FD9C67F87AFBFEFB70C458CB85178F2AD94DF848 ] LGJoyXlCore C:\Windows\system32\drivers\LGJoyXlCore.sys
16:51:49.0722 0x19bc LGJoyXlCore - ok
16:51:49.0726 0x19bc [ 07B1C1927BAE6431D3DFB1816DF05BBA, 9B296F6E801D14CE89F5E3EA9B3962EE99E1D3E22077D075F5B0EE4FE3CAB65E ] lgLowAudio C:\Windows\system32\drivers\lgLowAudio.sys
16:51:49.0737 0x19bc lgLowAudio - ok
16:51:49.0741 0x19bc [ 1DDB8DE3D6EEF31EDCF4977B2D2FAACC, 24291B522A596E2D9A1CDAC192DB1C7422D5DD0E87E5C8A5F5E2CAA90296BF23 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
16:51:49.0752 0x19bc LGVirHid - ok
16:51:49.0755 0x19bc [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
16:51:49.0768 0x19bc lltdio - ok
16:51:49.0777 0x19bc [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\Windows\System32\lltdsvc.dll
16:51:49.0793 0x19bc lltdsvc - ok
16:51:49.0796 0x19bc [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\Windows\System32\lmhsvc.dll
16:51:49.0807 0x19bc lmhosts - ok
16:51:49.0818 0x19bc [ D6BF6FD055BD719F3D62E51B90857159, A7777D18E404164B4DA531AD94D2A712D9CC6A9288795B7388037752A558E96F ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
16:51:49.0836 0x19bc LMIGuardianSvc - ok
16:51:49.0842 0x19bc [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
16:51:49.0854 0x19bc LSI_SAS - ok
16:51:49.0859 0x19bc [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
16:51:49.0871 0x19bc LSI_SAS2 - ok
16:51:49.0875 0x19bc [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\Windows\system32\drivers\lsi_sas3.sys
16:51:49.0886 0x19bc LSI_SAS3 - ok
16:51:49.0890 0x19bc [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
16:51:49.0902 0x19bc LSI_SSS - ok
16:51:49.0920 0x19bc [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\Windows\System32\lsm.dll
16:51:49.0944 0x19bc LSM - ok
16:51:49.0950 0x19bc [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\Windows\system32\drivers\luafv.sys
16:51:49.0963 0x19bc luafv - ok
16:51:49.0967 0x19bc [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\Windows\system32\drivers\megasas.sys
16:51:49.0979 0x19bc megasas - ok
16:51:49.0993 0x19bc [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\Windows\system32\drivers\megasr.sys
16:51:50.0014 0x19bc megasr - ok
16:51:50.0019 0x19bc [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\System32\drivers\HECIx64.sys
16:51:50.0066 0x19bc MEIx64 - ok
16:51:50.0070 0x19bc [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\Windows\system32\mmcss.dll
16:51:50.0082 0x19bc MMCSS - ok
16:51:50.0086 0x19bc [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\Windows\system32\drivers\modem.sys
16:51:50.0098 0x19bc Modem - ok
16:51:50.0102 0x19bc [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\Windows\System32\drivers\monitor.sys
16:51:50.0113 0x19bc monitor - ok
16:51:50.0117 0x19bc [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass C:\Windows\System32\drivers\mouclass.sys
16:51:50.0128 0x19bc mouclass - ok
16:51:50.0132 0x19bc [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid C:\Windows\System32\drivers\mouhid.sys
16:51:50.0142 0x19bc mouhid - ok
16:51:50.0147 0x19bc [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
16:51:50.0158 0x19bc mountmgr - ok
16:51:50.0165 0x19bc [ 03D14BF1DC59130002F6B8BA3AD89DB9, 1729CCD8AAF51CDB86ED67569974D0B6B1CFFA5F90EF6E6004B0D8A305D88C27 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:51:50.0187 0x19bc MozillaMaintenance - ok
16:51:50.0191 0x19bc [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
16:51:50.0203 0x19bc mpsdrv - ok
16:51:50.0235 0x19bc [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc C:\Windows\system32\mpssvc.dll
16:51:50.0261 0x19bc MpsSvc - ok
16:51:50.0310 0x19bc [ D2AC8F07995CE6CD18848C129435B481, 839B04116B49A757950E049150F6AADE41335914CC699ED73BE886BECAC39D36 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
16:51:50.0323 0x19bc MRxDAV - ok
16:51:50.0344 0x19bc [ 61000E7155E92342D0D5338CE05D102A, BCFA1A82B9727040C496A84F42D4613B96EC445018BDFBF2E180889B1B561559 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
16:51:50.0362 0x19bc mrxsmb - ok
16:51:50.0372 0x19bc [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:51:50.0389 0x19bc mrxsmb10 - ok
16:51:50.0396 0x19bc [ B0A106352DEF6D52332EA39E00462EA7, 274422C1E172B673130944F2FF2A2D9A9A364CFFC02FD04DD7D6D45B34C5022A ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:51:50.0409 0x19bc mrxsmb20 - ok
16:51:50.0415 0x19bc [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys
16:51:50.0427 0x19bc MsBridge - ok
16:51:50.0433 0x19bc [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\Windows\System32\msdtc.exe
16:51:50.0447 0x19bc MSDTC - ok
16:51:50.0452 0x19bc [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\Windows\system32\drivers\Msfs.sys
16:51:50.0465 0x19bc Msfs - ok
16:51:50.0469 0x19bc [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
16:51:50.0480 0x19bc msgpiowin32 - ok
16:51:50.0483 0x19bc [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
16:51:50.0493 0x19bc mshidkmdf - ok
16:51:50.0495 0x19bc [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
16:51:50.0506 0x19bc mshidumdf - ok
16:51:50.0510 0x19bc [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
16:51:50.0520 0x19bc msisadrv - ok
16:51:50.0526 0x19bc [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI C:\Windows\system32\iscsiexe.dll
16:51:50.0540 0x19bc MSiSCSI - ok
16:51:50.0542 0x19bc msiserver - ok
16:51:50.0547 0x19bc [ 4C1A0E9B4C6CC09E8C68FD33998013AA, 190ADFCCAE844DB9F807BD9668EB90BE0C9887719DF2820E66D121655AF27614 ] MsKeyboardFilter C:\Windows\System32\KeyboardFilterSvc.dll
16:51:50.0559 0x19bc MsKeyboardFilter - ok
16:51:50.0562 0x19bc [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
16:51:50.0572 0x19bc MSKSSRV - ok
16:51:50.0577 0x19bc [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys
16:51:50.0588 0x19bc MsLldp - ok
16:51:50.0591 0x19bc [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
16:51:50.0601 0x19bc MSPCLOCK - ok
16:51:50.0604 0x19bc [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
16:51:50.0614 0x19bc MSPQM - ok
16:51:50.0624 0x19bc [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
16:51:50.0643 0x19bc MsRPC - ok
16:51:50.0648 0x19bc [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
16:51:50.0659 0x19bc mssmbios - ok
16:51:50.0661 0x19bc [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
16:51:50.0671 0x19bc MSTEE - ok
16:51:50.0674 0x19bc [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
16:51:50.0685 0x19bc MTConfig - ok
16:51:50.0689 0x19bc [ 640617B6E682A150C36BE39D78547F6C, 784F712E9DC3EEE81F07946BBA08AA2BEAC7B3961E430B75043645EF7ECA715C ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
16:51:50.0698 0x19bc MTsensor - ok
16:51:50.0702 0x19bc [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\Windows\system32\Drivers\mup.sys
16:51:50.0714 0x19bc Mup - ok
16:51:50.0718 0x19bc [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\Windows\system32\drivers\mvumis.sys
16:51:50.0728 0x19bc mvumis - ok
16:51:50.0740 0x19bc [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\Windows\system32\qagentRT.dll
16:51:50.0759 0x19bc napagent - ok
16:51:50.0771 0x19bc [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
16:51:50.0789 0x19bc NativeWifiP - ok
16:51:50.0796 0x19bc [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\Windows\System32\ncasvc.dll
16:51:50.0809 0x19bc NcaSvc - ok
16:51:50.0816 0x19bc [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\Windows\System32\ncbservice.dll
16:51:50.0830 0x19bc NcbService - ok
16:51:50.0834 0x19bc [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
16:51:50.0847 0x19bc NcdAutoSetup - ok
16:51:50.0870 0x19bc [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS C:\Windows\system32\drivers\ndis.sys
16:51:50.0904 0x19bc NDIS - ok
16:51:50.0909 0x19bc [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
16:51:50.0920 0x19bc NdisCap - ok
16:51:50.0925 0x19bc [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys
16:51:50.0937 0x19bc NdisImPlatform - ok
16:51:50.0941 0x19bc [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
16:51:50.0951 0x19bc NdisTapi - ok
16:51:50.0955 0x19bc [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
16:51:50.0966 0x19bc Ndisuio - ok
16:51:50.0969 0x19bc [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\Windows\System32\drivers\NdisVirtualBus.sys
16:51:50.0981 0x19bc NdisVirtualBus - ok
16:51:50.0989 0x19bc [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
16:51:51.0005 0x19bc NdisWan - ok
16:51:51.0011 0x19bc [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\Windows\system32\DRIVERS\ndiswan.sys
16:51:51.0027 0x19bc NdisWanLegacy - ok
16:51:51.0032 0x19bc [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
16:51:51.0044 0x19bc NDProxy - ok
16:51:51.0048 0x19bc [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\Windows\system32\drivers\Ndu.sys
16:51:51.0060 0x19bc Ndu - ok
16:51:51.0065 0x19bc [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll
16:51:51.0076 0x19bc Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
16:51:58.0450 0x19bc Detect skipped due to KSN trusted
16:51:58.0450 0x19bc Net Driver HPZ12 - ok
16:51:58.0454 0x19bc [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
16:51:58.0465 0x19bc NetBIOS - ok
16:51:58.0478 0x19bc [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
16:51:58.0494 0x19bc NetBT - ok
16:51:58.0498 0x19bc [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\Windows\system32\lsass.exe
16:51:58.0510 0x19bc Netlogon - ok
16:51:58.0519 0x19bc [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\Windows\System32\netman.dll
16:51:58.0535 0x19bc Netman - ok
16:51:58.0550 0x19bc [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\Windows\System32\netprofmsvc.dll
16:51:58.0571 0x19bc netprofm - ok
16:51:58.0589 0x19bc [ F3A1D8B7317939813568992D1BFDDE37, 816829E4B8DF5C6A2B09685ED45E844D8DE2C2721C90490A2957227025D057A0 ] netr7364 C:\Windows\system32\DRIVERS\netr7364.sys
16:51:58.0612 0x19bc netr7364 - ok
16:51:58.0626 0x19bc [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:51:58.0658 0x19bc NetTcpPortSharing - ok
16:51:58.0663 0x19bc [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc C:\Windows\System32\drivers\netvsc63.sys
16:51:58.0675 0x19bc netvsc - ok
16:51:58.0686 0x19bc [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\Windows\System32\nlasvc.dll
16:51:58.0704 0x19bc NlaSvc - ok
16:51:58.0708 0x19bc [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\Windows\system32\drivers\Npfs.sys
16:51:58.0722 0x19bc Npfs - ok
16:51:58.0725 0x19bc [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
16:51:58.0737 0x19bc npsvctrig - ok
16:51:58.0740 0x19bc [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\Windows\system32\nsisvc.dll
16:51:58.0752 0x19bc nsi - ok
16:51:58.0756 0x19bc [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
16:51:58.0767 0x19bc nsiproxy - ok
16:51:58.0808 0x19bc [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
16:51:58.0866 0x19bc Ntfs - ok
16:51:58.0871 0x19bc [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\Windows\system32\drivers\Null.sys
16:51:58.0882 0x19bc Null - ok
16:51:58.0889 0x19bc [ 7E4355930B28C2798D9F09AB9F81151F, 941C730F3B75BDF99639E76350031EDD15F18D8D860F3B1282C28B62096E7717 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
16:51:58.0903 0x19bc NVHDA - ok
16:51:59.0084 0x19bc [ 3B99271224C43ADAB5A7F8D4B574AE3F, 931B011EA7796C61922D892C11D880BCC0383FCECABC4F4855AF89BA20B9B01B ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:52:00.0849 0x19bc nvlddmkm - ok
16:52:00.0866 0x19bc [ 37B0088B8E7F2A8AD0AE2281A70E0D13, 50256EEADBBC5CCCF3EBAEB9020D91EDB9961E7404BD41067A4290362BE6962F ] NVNET C:\Windows\system32\DRIVERS\nvmf6264.sys
16:52:00.0882 0x19bc NVNET - ok
16:52:00.0921 0x19bc [ 72DD6225BA6055472522195F96473639, 27C8F847B247645061C0CD6DFCC986DA27638A9DFE686040160DFDCF7B3A6E72 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
16:52:00.0983 0x19bc NvNetworkService - ok
16:52:00.0990 0x19bc [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\Windows\system32\drivers\nvraid.sys
16:52:01.0004 0x19bc nvraid - ok
16:52:01.0010 0x19bc [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
16:52:01.0024 0x19bc nvstor - ok
16:52:01.0034 0x19bc [ 4680DDDDDBA1CB1D56D49B4A6134155C, BF6E538BC10B23F6D93143F5C48155245852798D4846F401E0DA70A5BCFC74E1 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
16:52:01.0042 0x19bc NvStreamKms - ok
16:52:01.0143 0x19bc [ E14F52B60581EE71849CD45186892046, 72B3E92CD34489306AB7D794C4C1F67513DE80C72A847DCF7A3EEFE2254762D0 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
16:52:01.0268 0x19bc NvStreamSvc - ok
16:52:01.0293 0x19bc [ 97ADEBE576474D4CEC53F8E06590FFC8, 2CC8587AAB595D7621AA57A33D94789BD9DC6DBFB4FA9BDEFBB425B7ACCB65AB ] nvsvc C:\Windows\system32\nvvsvc.exe
16:52:01.0324 0x19bc nvsvc - ok
16:52:01.0328 0x19bc [ 35DFC12FD7E44B7CB8CCD7E5A2B3975A, 36E0E39646636F6E027691E5C3903C51479B3F707BDEA40F460FD27E357DA14E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
16:52:01.0339 0x19bc nvvad_WaveExtensible - ok
16:52:01.0344 0x19bc [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
16:52:01.0357 0x19bc nv_agp - ok
16:52:01.0399 0x19bc [ 7C77BE6B074F774355B582B4C8E8C850, 046208210A9BD4AE9D20A2EE1C886F740C5BC1ECACEA2F55D6627F7FDD013D21 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
16:52:01.0499 0x19bc Origin Client Service - ok
16:52:01.0508 0x19bc [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:52:01.0546 0x19bc ose - ok
16:52:01.0638 0x19bc [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:52:01.0750 0x19bc osppsvc - ok
16:52:01.0764 0x19bc [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
16:52:01.0781 0x19bc p2pimsvc - ok
16:52:01.0794 0x19bc [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc C:\Windows\system32\p2psvc.dll
16:52:01.0812 0x19bc p2psvc - ok
16:52:01.0818 0x19bc [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\Windows\System32\drivers\parport.sys
16:52:01.0830 0x19bc Parport - ok
16:52:01.0835 0x19bc [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr C:\Windows\system32\drivers\partmgr.sys
16:52:01.0846 0x19bc partmgr - ok
16:52:01.0859 0x19bc [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc C:\Windows\System32\pcasvc.dll
16:52:01.0879 0x19bc PcaSvc - ok
16:52:01.0890 0x19bc [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\Windows\system32\drivers\pci.sys
16:52:01.0905 0x19bc pci - ok
16:52:01.0909 0x19bc [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\Windows\system32\drivers\pciide.sys
16:52:01.0918 0x19bc pciide - ok
16:52:01.0925 0x19bc [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
16:52:01.0937 0x19bc pcmcia - ok
16:52:01.0941 0x19bc [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\Windows\system32\drivers\pcw.sys
16:52:01.0952 0x19bc pcw - ok
16:52:01.0957 0x19bc [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\Windows\system32\drivers\pdc.sys
16:52:01.0969 0x19bc pdc - ok
16:52:01.0985 0x19bc [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
16:52:02.0006 0x19bc PEAUTH - ok
16:52:02.0049 0x19bc [ A35EC8F902475350DA31BDF0E1402A91, 5AB43B4BD70B44A62FFD21A9D3CB8D1BC035B6E001DBB1BAC30D6D7A07475D83 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
16:52:02.0098 0x19bc PeerDistSvc - ok
16:52:02.0139 0x19bc [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\Windows\SysWow64\perfhost.exe
16:52:02.0154 0x19bc PerfHost - ok
16:52:02.0188 0x19bc [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla C:\Windows\system32\pla.dll
16:52:02.0226 0x19bc pla - ok
16:52:02.0234 0x19bc [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
16:52:02.0248 0x19bc PlugPlay - ok
16:52:02.0253 0x19bc [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll
16:52:02.0261 0x19bc Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
16:52:05.0898 0x19bc Detect skipped due to KSN trusted
16:52:05.0898 0x19bc Pml Driver HPZ12 - ok
16:52:05.0900 0x19bc PnkBstrA - ok
16:52:05.0903 0x19bc [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
16:52:05.0915 0x19bc PNRPAutoReg - ok
16:52:05.0925 0x19bc [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
16:52:05.0943 0x19bc PNRPsvc - ok
16:52:05.0954 0x19bc [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
16:52:05.0972 0x19bc PolicyAgent - ok
16:52:05.0978 0x19bc [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power C:\Windows\system32\umpo.dll
16:52:05.0991 0x19bc Power - ok
16:52:06.0051 0x19bc [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
16:52:06.0114 0x19bc PrintNotify - ok
16:52:06.0122 0x19bc [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\Windows\System32\drivers\processr.sys
16:52:06.0133 0x19bc Processor - ok
16:52:06.0142 0x19bc [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc C:\Windows\system32\profsvc.dll
16:52:06.0157 0x19bc ProfSvc - ok
16:52:06.0164 0x19bc [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
16:52:06.0178 0x19bc Psched - ok
16:52:06.0188 0x19bc [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE C:\Windows\system32\qwave.dll
16:52:06.0204 0x19bc QWAVE - ok
16:52:06.0208 0x19bc [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
16:52:06.0220 0x19bc QWAVEdrv - ok
16:52:06.0223 0x19bc [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
16:52:06.0233 0x19bc RasAcd - ok
16:52:06.0239 0x19bc [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto C:\Windows\System32\rasauto.dll
16:52:06.0252 0x19bc RasAuto - ok
16:52:06.0266 0x19bc [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan C:\Windows\System32\rasmans.dll
16:52:06.0287 0x19bc RasMan - ok
16:52:06.0292 0x19bc [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
16:52:06.0306 0x19bc RasPppoe - ok
16:52:06.0318 0x19bc [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
16:52:06.0336 0x19bc rdbss - ok
16:52:06.0341 0x19bc [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
16:52:06.0351 0x19bc rdpbus - ok
16:52:06.0359 0x19bc [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
16:52:06.0373 0x19bc RDPDR - ok
16:52:06.0379 0x19bc [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:52:06.0389 0x19bc RdpVideoMiniport - ok
16:52:06.0397 0x19bc [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
16:52:06.0412 0x19bc rdyboost - ok
16:52:06.0433 0x19bc [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS C:\Windows\system32\drivers\ReFS.sys
16:52:06.0466 0x19bc ReFS - ok
16:52:06.0476 0x19bc [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess C:\Windows\System32\mprdim.dll
16:52:06.0492 0x19bc RemoteAccess - ok
16:52:06.0499 0x19bc [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry C:\Windows\system32\regsvc.dll
16:52:06.0513 0x19bc RemoteRegistry - ok
16:52:06.0521 0x19bc [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM C:\Windows\System32\drivers\rfcomm.sys
16:52:06.0534 0x19bc RFCOMM - ok
16:52:06.0539 0x19bc [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
16:52:06.0552 0x19bc RpcEptMapper - ok
16:52:06.0555 0x19bc [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator C:\Windows\system32\locator.exe
16:52:06.0566 0x19bc RpcLocator - ok
16:52:06.0584 0x19bc [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs C:\Windows\system32\rpcss.dll
16:52:06.0610 0x19bc RpcSs - ok
16:52:06.0615 0x19bc [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
16:52:06.0628 0x19bc rspndr - ok
16:52:06.0643 0x19bc [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168 C:\Windows\system32\DRIVERS\Rt630x64.sys
16:52:06.0663 0x19bc RTL8168 - ok
16:52:06.0666 0x19bc [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\Windows\System32\drivers\vms3cap.sys
16:52:06.0677 0x19bc s3cap - ok
16:52:06.0681 0x19bc [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs C:\Windows\system32\lsass.exe
16:52:06.0693 0x19bc SamSs - ok
16:52:06.0723 0x19bc [ 791EE9F4A82FC4E13133F107C1C4C286, F7B9E57D08EF68B17ADF70C2D1F7623EAE13CAADE5ACFF4CD54FB89DFDEAD9C6 ] SAVAdminService C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
16:52:06.0759 0x19bc SAVAdminService - ok
16:52:06.0766 0x19bc [ 389609560D81988DA2B78F7AFE1384F0, 3AE26F2E4018D45027AA0DE09A0E58BF5F93A7E036AB73188B57C530869B0189 ] SAVOnAccess C:\Windows\system32\DRIVERS\savonaccess.sys
16:52:06.0779 0x19bc SAVOnAccess - ok
16:52:06.0786 0x19bc [ D99F39D77432D1E979C1D918597C8A3E, 738740DB028B9A9838466714914A844AF72A669BAE1243123780F2C2FCD132CC ] SAVService C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
16:52:06.0814 0x19bc SAVService - ok
16:52:06.0821 0x19bc [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
16:52:06.0833 0x19bc sbp2port - ok
16:52:06.0841 0x19bc [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr C:\Windows\System32\SCardSvr.dll
16:52:06.0856 0x19bc SCardSvr - ok
16:52:06.0861 0x19bc [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum C:\Windows\System32\ScDeviceEnum.dll
16:52:06.0875 0x19bc ScDeviceEnum - ok
16:52:06.0879 0x19bc [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
16:52:06.0891 0x19bc scfilter - ok
16:52:06.0917 0x19bc [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule C:\Windows\system32\schedsvc.dll
16:52:06.0950 0x19bc Schedule - ok
|
|
18.02.2016, 17:05
| #8 |
| | Versuchte Zugriffe auf Accounts TDSSKiller Report 2/2: Code:
ATTFilter 16:52:06.0958 0x19bc [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc C:\Windows\System32\certprop.dll
16:52:06.0971 0x19bc SCPolicySvc - ok
16:52:06.0981 0x19bc [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus C:\Windows\System32\drivers\sdbus.sys
16:52:06.0995 0x19bc sdbus - ok
16:52:07.0000 0x19bc [ 75B98959013B22F8F40C08095B8AB73C, EF608EFBF72AF48EFC9352FCEDF0523BDBA6055612FFD22654E3B241AA9C8033 ] sdcfilter C:\Windows\system32\DRIVERS\sdcfilter.sys
16:52:07.0009 0x19bc sdcfilter - ok
16:52:07.0015 0x19bc [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\Windows\System32\drivers\sdstor.sys
16:52:07.0026 0x19bc sdstor - ok
16:52:07.0029 0x19bc [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
16:52:07.0040 0x19bc secdrv - ok
16:52:07.0043 0x19bc [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon C:\Windows\system32\seclogon.dll
16:52:07.0056 0x19bc seclogon - ok
16:52:07.0061 0x19bc [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS C:\Windows\System32\sens.dll
16:52:07.0074 0x19bc SENS - ok
16:52:07.0082 0x19bc [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
16:52:07.0097 0x19bc SensrSvc - ok
16:52:07.0102 0x19bc [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\Windows\system32\drivers\SerCx.sys
16:52:07.0114 0x19bc SerCx - ok
16:52:07.0121 0x19bc [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\Windows\system32\drivers\SerCx2.sys
16:52:07.0134 0x19bc SerCx2 - ok
16:52:07.0137 0x19bc [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\Windows\System32\drivers\serenum.sys
16:52:07.0148 0x19bc Serenum - ok
16:52:07.0153 0x19bc [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\Windows\System32\drivers\serial.sys
16:52:07.0165 0x19bc Serial - ok
16:52:07.0169 0x19bc [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse C:\Windows\System32\drivers\sermouse.sys
16:52:07.0179 0x19bc sermouse - ok
16:52:07.0191 0x19bc [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv C:\Windows\system32\sessenv.dll
16:52:07.0211 0x19bc SessionEnv - ok
16:52:07.0214 0x19bc [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
16:52:07.0225 0x19bc sfloppy - ok
16:52:07.0237 0x19bc [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess C:\Windows\System32\ipnathlp.dll
16:52:07.0256 0x19bc SharedAccess - ok
16:52:07.0276 0x19bc [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:52:07.0302 0x19bc ShellHWDetection - ok
16:52:07.0305 0x19bc [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
16:52:07.0316 0x19bc SiSRaid2 - ok
16:52:07.0321 0x19bc [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
16:52:07.0332 0x19bc SiSRaid4 - ok
16:52:07.0342 0x19bc [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
16:52:07.0380 0x19bc SkypeUpdate - ok
16:52:07.0384 0x19bc [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost C:\Windows\System32\smphost.dll
16:52:07.0394 0x19bc smphost - ok
16:52:07.0399 0x19bc [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
16:52:07.0411 0x19bc SNMPTRAP - ok
16:52:07.0421 0x19bc [ BEBFF064A8DC3C2FF634B7CFDCF6778B, DB49FDBB625112EFABC9E893DB61DD2E92F1BD06191450C33BF95FCEF0F415AA ] Sophos AutoUpdate Service C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
16:52:07.0453 0x19bc Sophos AutoUpdate Service - ok
16:52:07.0463 0x19bc [ E26625A4A22E5BADF495B8FB613F27AD, C040328B0838A1DD2F5E12863611B3755681697D1ADA2F0C014694762B4F8F72 ] Sophos Web Control Service C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Control\swc_service.exe
16:52:07.0524 0x19bc Sophos Web Control Service - ok
16:52:07.0528 0x19bc [ FFD056D55C46946ACA218F0A61DA2743, A9E3910EBEFC8674704F42C6D43A12A521C212B911D46FCD669D8AAFA8381C55 ] SophosBootDriver C:\Windows\system32\DRIVERS\SophosBootDriver.sys
16:52:07.0538 0x19bc SophosBootDriver - ok
16:52:07.0551 0x19bc [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport C:\Windows\system32\drivers\spaceport.sys
16:52:07.0569 0x19bc spaceport - ok
16:52:07.0573 0x19bc [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
16:52:07.0585 0x19bc SpbCx - ok
16:52:07.0604 0x19bc [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler C:\Windows\System32\spoolsv.exe
16:52:07.0630 0x19bc Spooler - ok
16:52:07.0745 0x19bc [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\Windows\system32\sppsvc.exe
16:52:07.0890 0x19bc sppsvc - ok
16:52:07.0906 0x19bc [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\Windows\system32\DRIVERS\srv.sys
16:52:07.0924 0x19bc srv - ok
16:52:07.0941 0x19bc [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
16:52:07.0963 0x19bc srv2 - ok
16:52:07.0973 0x19bc [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
16:52:07.0988 0x19bc srvnet - ok
16:52:07.0996 0x19bc [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
16:52:08.0012 0x19bc SSDPSRV - ok
16:52:08.0016 0x19bc [ 9D961B6C067BC90FEE9BB9BF22C1372E, DBD98567D38751767024C228AC09E597509791452F7672CC4EF5915C3B830E71 ] sshid C:\Windows\System32\drivers\sshid.sys
16:52:08.0027 0x19bc sshid - ok
16:52:08.0034 0x19bc [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc C:\Windows\system32\sstpsvc.dll
16:52:08.0048 0x19bc SstpSvc - ok
16:52:08.0056 0x19bc [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
16:52:08.0069 0x19bc ssudmdm - ok
16:52:08.0089 0x19bc [ 591249EA969797C2A24629AF7C71A6F8, 61F28FB495657916514DE2A7FFD4AD833A1B2BBA5591616BE0C9CCD7DAFA40B7 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
16:52:08.0139 0x19bc Steam Client Service - ok
16:52:08.0153 0x19bc [ 49B1E5AF3AA400752A20BE169CB73DFA, D990BC79B289912EB07F3FD50F1236C593A45C5E9B7BD8162269687258E07CE2 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:52:08.0188 0x19bc Stereo Service - ok
16:52:08.0192 0x19bc [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\Windows\system32\drivers\stexstor.sys
16:52:08.0202 0x19bc stexstor - ok
16:52:08.0218 0x19bc [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc C:\Windows\System32\wiaservc.dll
16:52:08.0243 0x19bc stisvc - ok
16:52:08.0248 0x19bc [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\Windows\system32\drivers\storahci.sys
16:52:08.0260 0x19bc storahci - ok
16:52:08.0264 0x19bc [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt C:\Windows\system32\drivers\vmstorfl.sys
16:52:08.0276 0x19bc storflt - ok
16:52:08.0280 0x19bc [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\Windows\system32\drivers\stornvme.sys
16:52:08.0291 0x19bc stornvme - ok
16:52:08.0295 0x19bc [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc C:\Windows\system32\storsvc.dll
16:52:08.0307 0x19bc StorSvc - ok
16:52:08.0311 0x19bc [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\Windows\system32\drivers\storvsc.sys
16:52:08.0323 0x19bc storvsc - ok
16:52:08.0327 0x19bc [ 7D123389FCD97D84881BA9C07012BA0C, 044442D8FCFE7935A025602F817C726576BA1C515CB594C4320A8AC6D8DA8F41 ] storvsp C:\Windows\System32\drivers\storvsp.sys
16:52:08.0339 0x19bc storvsp - ok
16:52:08.0343 0x19bc [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc C:\Windows\system32\svsvc.dll
16:52:08.0354 0x19bc svsvc - ok
16:52:08.0358 0x19bc [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum C:\Windows\System32\drivers\swenum.sys
16:52:08.0368 0x19bc swenum - ok
16:52:08.0372 0x19bc [ 6E08BD408572E27A6BD1ED615A2AFA84, FACA5D621F34B6DA9B18096D817531A268EC1DC07B03B68D740BC8095EB1083C ] swi_callout C:\Windows\system32\DRIVERS\swi_callout.sys
16:52:08.0382 0x19bc swi_callout - ok
16:52:08.0391 0x19bc [ 924EB991407B4628D176749A94241E66, F34EDBE913ACFAAD66093CB78D68996BC1205A9B68F3A834F65304F2508770C7 ] swi_filter C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_filter.exe
16:52:08.0542 0x19bc swi_filter - ok
16:52:08.0604 0x19bc [ C21DC9916D355CAE580D61080BDAB2B0, 87CD569B97311B69972A8FC7BD56F54D2E49AE2D3805FE379FF29E7D74DA09C9 ] swi_service C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
16:52:08.0696 0x19bc swi_service - ok
16:52:08.0715 0x19bc [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv C:\Windows\System32\swprv.dll
16:52:08.0741 0x19bc swprv - ok
16:52:08.0767 0x19bc [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain C:\Windows\system32\sysmain.dll
16:52:08.0801 0x19bc SysMain - ok
16:52:08.0811 0x19bc [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
16:52:08.0828 0x19bc SystemEventsBroker - ok
16:52:08.0834 0x19bc [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:52:08.0848 0x19bc TabletInputService - ok
16:52:08.0858 0x19bc [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv C:\Windows\System32\tapisrv.dll
16:52:08.0877 0x19bc TapiSrv - ok
16:52:08.0926 0x19bc [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
16:52:08.0991 0x19bc Tcpip - ok
16:52:09.0040 0x19bc [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
16:52:09.0104 0x19bc TCPIP6 - ok
16:52:09.0111 0x19bc [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
16:52:09.0123 0x19bc tcpipreg - ok
16:52:09.0129 0x19bc [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
16:52:09.0141 0x19bc tdx - ok
16:52:09.0241 0x19bc [ E1E13735B6D2FE4FFEAEB91989B9C46F, 32CCCDD17C72ECBD96BB15B9362AD5BC0B173E95F9A4045F084719A5E956932B ] TeamViewer C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
16:52:09.0900 0x19bc TeamViewer - ok
16:52:09.0909 0x19bc [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\Windows\System32\drivers\terminpt.sys
16:52:09.0921 0x19bc terminpt - ok
16:52:09.0944 0x19bc [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService C:\Windows\System32\termsrv.dll
16:52:09.0979 0x19bc TermService - ok
16:52:09.0986 0x19bc [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes C:\Windows\system32\themeservice.dll
16:52:10.0001 0x19bc Themes - ok
16:52:10.0006 0x19bc [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER C:\Windows\system32\mmcss.dll
16:52:10.0018 0x19bc THREADORDER - ok
16:52:10.0027 0x19bc [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll
16:52:10.0044 0x19bc TimeBroker - ok
16:52:10.0051 0x19bc [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM C:\Windows\system32\drivers\tpm.sys
16:52:10.0066 0x19bc TPM - ok
16:52:10.0071 0x19bc [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks C:\Windows\System32\trkwks.dll
16:52:10.0086 0x19bc TrkWks - ok
16:52:10.0090 0x19bc [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:52:10.0106 0x19bc TrustedInstaller - ok
16:52:10.0113 0x19bc [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
16:52:10.0125 0x19bc TsUsbFlt - ok
16:52:10.0129 0x19bc [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
16:52:10.0140 0x19bc TsUsbGD - ok
16:52:10.0146 0x19bc [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
16:52:10.0160 0x19bc tunnel - ok
16:52:10.0179 0x19bc [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
16:52:10.0192 0x19bc uagp35 - ok
16:52:10.0197 0x19bc [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
16:52:10.0211 0x19bc UASPStor - ok
16:52:10.0229 0x19bc [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys
16:52:10.0247 0x19bc UCX01000 - ok
16:52:10.0259 0x19bc [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs C:\Windows\system32\DRIVERS\udfs.sys
16:52:10.0278 0x19bc udfs - ok
16:52:10.0282 0x19bc [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\Windows\System32\drivers\UEFI.sys
16:52:10.0294 0x19bc UEFI - ok
16:52:10.0301 0x19bc [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect C:\Windows\system32\UI0Detect.exe
16:52:10.0314 0x19bc UI0Detect - ok
16:52:10.0334 0x19bc [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
16:52:10.0347 0x19bc uliagpkx - ok
16:52:10.0351 0x19bc [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\Windows\System32\drivers\umbus.sys
16:52:10.0364 0x19bc umbus - ok
16:52:10.0367 0x19bc [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\Windows\System32\drivers\umpass.sys
16:52:10.0379 0x19bc UmPass - ok
16:52:10.0389 0x19bc [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\Windows\System32\umrdp.dll
16:52:10.0406 0x19bc UmRdpService - ok
16:52:10.0419 0x19bc [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\Windows\System32\upnphost.dll
16:52:10.0441 0x19bc upnphost - ok
16:52:10.0448 0x19bc [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
16:52:10.0461 0x19bc usbaudio - ok
16:52:10.0468 0x19bc [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
16:52:10.0483 0x19bc usbccgp - ok
16:52:10.0493 0x19bc [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\Windows\System32\drivers\usbcir.sys
16:52:10.0506 0x19bc usbcir - ok
16:52:10.0512 0x19bc [ BBFD17B6B954FC9FA02E62D604052069, 47D2B7228EABA7F37F69A1756B69FFFB19F0C2CC2869C5BF674E4FD9257488A2 ] usbehci C:\Windows\System32\drivers\usbehci.sys
16:52:10.0524 0x19bc usbehci - ok
16:52:10.0539 0x19bc [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub C:\Windows\System32\drivers\usbhub.sys
16:52:10.0560 0x19bc usbhub - ok
16:52:10.0574 0x19bc [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
16:52:10.0595 0x19bc USBHUB3 - ok
16:52:10.0599 0x19bc [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci C:\Windows\System32\drivers\usbohci.sys
16:52:10.0610 0x19bc usbohci - ok
16:52:10.0614 0x19bc [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\Windows\System32\drivers\usbprint.sys
16:52:10.0626 0x19bc usbprint - ok
16:52:10.0630 0x19bc [ 0F030491BA4A27BD46F8B8ACEEE83F1A, 7063855611BEF94D4D229BA1BE507ECBDD89F5861641A407EB3E2919A352F9D4 ] usbscan C:\Windows\System32\drivers\usbscan.sys
16:52:10.0641 0x19bc usbscan - ok
16:52:10.0649 0x19bc [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
16:52:10.0667 0x19bc USBSTOR - ok
16:52:10.0672 0x19bc [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
16:52:10.0683 0x19bc usbuhci - ok
16:52:10.0695 0x19bc [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
16:52:10.0712 0x19bc USBXHCI - ok
16:52:10.0716 0x19bc [ B73B55A194BEAF71985211279585A316, A40B0E362ABF4F33818696150086C4FBCA38F6E306838C825C73F57F55A49347 ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
16:52:10.0727 0x19bc usb_rndisx - ok
16:52:10.0736 0x19bc [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\Windows\system32\lsass.exe
16:52:10.0755 0x19bc VaultSvc - ok
16:52:10.0763 0x19bc [ CDA796F41C2B64CEEC143B3A86904CFB, 8D9CACB74608C145A75424F4169E447A9EFA0EC3DD1412F097B56F86C0FC8E6E ] VBoxDrv C:\Windows\system32\DRIVERS\VBoxDrv.sys
16:52:10.0781 0x19bc VBoxDrv - ok
16:52:10.0787 0x19bc [ 8CD776EB77695524CCE594AAC3A71569, AEF6F9B0E5F67E87819EB0E9FA5220EEF247A160A2BF8511CEDC8D12A9D4D941 ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
16:52:10.0800 0x19bc VBoxNetAdp - ok
16:52:10.0806 0x19bc [ 39D80811EB7E87CD7F682A3124693CBA, C90A08CCE322FB01F5D8E7CE269CFC5B91E7A30FC4BCCEE047C636D651E5A59A ] VBoxNetFlt C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
16:52:10.0821 0x19bc VBoxNetFlt - ok
16:52:10.0827 0x19bc [ 248C6ADD9467AF319D1882A5E8B12966, EE23FB426C6408354A1D212978528F5ECA8ADBB7441C5734F5675D7306235163 ] VBoxUSBMon C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
16:52:10.0839 0x19bc VBoxUSBMon - ok
16:52:10.0848 0x19bc [ DBDEF06F1EA1E942BB141F0C2BE9992A, FFD74B73E122A568077F2BF5157FD2ADC37F9C8DDB1F0850BA2271C96A232B35 ] VC10SecS C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe
16:52:10.0936 0x19bc VC10SecS - ok
16:52:10.0940 0x19bc [ F0FAF3FB9B138F8CAFB65ECFFE9F4AB6, E0869E4E9271B484209BB44E6E17D99BE6CEA08A983132C0D69FA373202B14D7 ] vcd10bus C:\Windows\System32\drivers\vcd10bus.sys
16:52:10.0950 0x19bc vcd10bus - ok
16:52:10.0958 0x19bc [ B61BDFD94D4C7B37BF4C898B32BA6396, 4D4DAAFCFDCA6495FE50D77988067023262AE0448148E899AC1C8FAA20A18437 ] vdrv1000 C:\Windows\System32\drivers\vdrv1000.sys
16:52:10.0971 0x19bc vdrv1000 - ok
16:52:10.0977 0x19bc [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
16:52:10.0988 0x19bc vdrvroot - ok
16:52:11.0015 0x19bc [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\Windows\System32\vds.exe
16:52:11.0053 0x19bc vds - ok
16:52:11.0061 0x19bc [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
16:52:11.0076 0x19bc VerifierExt - ok
16:52:11.0093 0x19bc [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
16:52:11.0116 0x19bc vhdmp - ok
16:52:11.0120 0x19bc [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\Windows\system32\drivers\viaide.sys
16:52:11.0130 0x19bc viaide - ok
16:52:11.0138 0x19bc [ 3CE922E34DB12D9F3C0EA856BC09687C, E50A1885FBC775E49614989ECFEA4ACBBDDA16AF459CC5361EED9E23CC7CD42C ] Vid C:\Windows\System32\drivers\Vid.sys
16:52:11.0152 0x19bc Vid - ok
16:52:11.0158 0x19bc [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\Windows\system32\drivers\vmbus.sys
16:52:11.0171 0x19bc vmbus - ok
16:52:11.0174 0x19bc [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
16:52:11.0185 0x19bc VMBusHID - ok
16:52:11.0192 0x19bc [ 68F8C26DEA2D42E8DEC0778943433C80, 81E8F9D62815F94952CEEABD0689473CC330F7890F66872DCD35A43C06ED33CD ] vmbusr C:\Windows\System32\drivers\vmbusr.sys
16:52:11.0205 0x19bc vmbusr - ok
16:52:11.0218 0x19bc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
16:52:11.0241 0x19bc vmicguestinterface - ok
16:52:11.0254 0x19bc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\Windows\System32\ICSvc.dll
16:52:11.0275 0x19bc vmicheartbeat - ok
16:52:11.0288 0x19bc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
16:52:11.0309 0x19bc vmickvpexchange - ok
16:52:11.0322 0x19bc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\Windows\System32\ICSvc.dll
16:52:11.0343 0x19bc vmicrdv - ok
16:52:11.0356 0x19bc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\Windows\System32\ICSvc.dll
16:52:11.0378 0x19bc vmicshutdown - ok
16:52:11.0391 0x19bc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\Windows\System32\ICSvc.dll
16:52:11.0413 0x19bc vmictimesync - ok
16:52:11.0426 0x19bc [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\Windows\System32\ICSvc.dll
16:52:11.0448 0x19bc vmicvss - ok
16:52:11.0454 0x19bc [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\Windows\system32\drivers\volmgr.sys
16:52:11.0466 0x19bc volmgr - ok
16:52:11.0477 0x19bc [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
16:52:11.0496 0x19bc volmgrx - ok
16:52:11.0508 0x19bc [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\Windows\system32\drivers\volsnap.sys
16:52:11.0525 0x19bc volsnap - ok
16:52:11.0530 0x19bc [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci C:\Windows\System32\drivers\vpci.sys
16:52:11.0542 0x19bc vpci - ok
16:52:11.0546 0x19bc [ ADBE96C33D1A5BB1BBAF90B4BC84F523, 6E9C9ED3D51E4B6E494D42ECA6F824AD86D676C12C39BBE6B8BD96366BCB02DA ] vpcivsp C:\Windows\System32\drivers\vpcivsp.sys
16:52:11.0558 0x19bc vpcivsp - ok
16:52:11.0565 0x19bc [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
16:52:11.0578 0x19bc vsmraid - ok
16:52:11.0607 0x19bc [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS C:\Windows\system32\vssvc.exe
16:52:11.0646 0x19bc VSS - ok
16:52:11.0657 0x19bc [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
16:52:11.0675 0x19bc VSTXRAID - ok
16:52:11.0680 0x19bc [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
16:52:11.0690 0x19bc vwifibus - ok
16:52:11.0695 0x19bc [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
16:52:11.0707 0x19bc vwififlt - ok
16:52:11.0718 0x19bc [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\Windows\system32\w32time.dll
16:52:11.0737 0x19bc W32Time - ok
16:52:11.0742 0x19bc [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\Windows\System32\drivers\wacompen.sys
16:52:11.0753 0x19bc WacomPen - ok
16:52:11.0785 0x19bc [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine C:\Windows\system32\wbengine.exe
16:52:11.0825 0x19bc wbengine - ok
16:52:11.0839 0x19bc [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
16:52:11.0859 0x19bc WbioSrvc - ok
16:52:11.0870 0x19bc [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\Windows\System32\wcmsvc.dll
16:52:11.0889 0x19bc Wcmsvc - ok
16:52:11.0901 0x19bc [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\Windows\System32\wcncsvc.dll
16:52:11.0921 0x19bc wcncsvc - ok
16:52:11.0926 0x19bc [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:52:11.0938 0x19bc WcsPlugInService - ok
16:52:11.0943 0x19bc [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
16:52:11.0955 0x19bc WdBoot - ok
16:52:11.0958 0x19bc [ D0335A55E5C3F812548E18300C2ACB62, 7EF7C3A21E97197E1A6D2956D0F5A7C23F2D590C9709708394426031634990A5 ] WDC_SAM C:\Windows\System32\drivers\wdcsam64.sys
16:52:11.0969 0x19bc WDC_SAM - ok
16:52:11.0988 0x19bc [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
16:52:12.0019 0x19bc Wdf01000 - ok
16:52:12.0030 0x19bc [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
16:52:12.0045 0x19bc WdFilter - ok
16:52:12.0050 0x19bc [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\Windows\system32\wdi.dll
16:52:12.0065 0x19bc WdiServiceHost - ok
16:52:12.0069 0x19bc [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\Windows\system32\wdi.dll
16:52:12.0083 0x19bc WdiSystemHost - ok
16:52:12.0088 0x19bc [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys
16:52:12.0101 0x19bc WdNisDrv - ok
16:52:12.0104 0x19bc WdNisSvc - ok
16:52:12.0111 0x19bc [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient C:\Windows\System32\webclnt.dll
16:52:12.0127 0x19bc WebClient - ok
16:52:12.0134 0x19bc [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\Windows\system32\wecsvc.dll
16:52:12.0150 0x19bc Wecsvc - ok
16:52:12.0154 0x19bc [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll
16:52:12.0165 0x19bc WEPHOSTSVC - ok
16:52:12.0170 0x19bc [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\Windows\System32\wercplsupport.dll
16:52:12.0186 0x19bc wercplsupport - ok
16:52:12.0191 0x19bc [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\Windows\System32\WerSvc.dll
16:52:12.0206 0x19bc WerSvc - ok
16:52:12.0211 0x19bc [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys
16:52:12.0225 0x19bc WFPLWFS - ok
16:52:12.0229 0x19bc [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\Windows\System32\wiarpc.dll
16:52:12.0242 0x19bc WiaRpc - ok
16:52:12.0246 0x19bc [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
16:52:12.0257 0x19bc WIMMount - ok
16:52:12.0258 0x19bc WinDefend - ok
16:52:12.0278 0x19bc [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
16:52:12.0308 0x19bc WinHttpAutoProxySvc - ok
16:52:12.0323 0x19bc [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
16:52:12.0339 0x19bc Winmgmt - ok
16:52:12.0389 0x19bc [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM C:\Windows\system32\WsmSvc.dll
16:52:12.0455 0x19bc WinRM - ok
16:52:12.0465 0x19bc [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
16:52:12.0476 0x19bc WinUsb - ok
16:52:12.0506 0x19bc [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\Windows\System32\wlansvc.dll
16:52:12.0544 0x19bc WlanSvc - ok
16:52:12.0578 0x19bc [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\Windows\system32\wlidsvc.dll
16:52:12.0617 0x19bc wlidsvc - ok
16:52:12.0622 0x19bc [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
16:52:12.0631 0x19bc WmiAcpi - ok
16:52:12.0640 0x19bc [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
16:52:12.0654 0x19bc wmiApSrv - ok
16:52:12.0657 0x19bc WMPNetworkSvc - ok
16:52:12.0663 0x19bc [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\Windows\system32\drivers\Wof.sys
16:52:12.0676 0x19bc Wof - ok
16:52:12.0712 0x19bc [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc C:\Windows\system32\workfolderssvc.dll
16:52:12.0756 0x19bc workfolderssvc - ok
16:52:12.0762 0x19bc [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys
16:52:12.0774 0x19bc wpcfltr - ok
16:52:12.0778 0x19bc [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\Windows\System32\wpcsvc.dll
16:52:12.0790 0x19bc WPCSvc - ok
16:52:12.0794 0x19bc [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
16:52:12.0808 0x19bc WPDBusEnum - ok
16:52:12.0811 0x19bc [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
16:52:12.0822 0x19bc WpdUpFltr - ok
16:52:12.0826 0x19bc [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
16:52:12.0839 0x19bc ws2ifsl - ok
16:52:12.0845 0x19bc [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc C:\Windows\System32\wscsvc.dll
16:52:12.0859 0x19bc wscsvc - ok
16:52:12.0862 0x19bc WSearch - ok
16:52:12.0927 0x19bc [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\Windows\System32\WSService.dll
16:52:13.0013 0x19bc WSService - ok
16:52:13.0087 0x19bc [ 8223EE1D7F869C35D8D4F7B6B6CA9016, 99C6A47EADB2D565B668FF50C56078B2019C658502A587972F034C663CA1BF18 ] wuauserv C:\Windows\system32\wuaueng.dll
16:52:13.0164 0x19bc wuauserv - ok
16:52:13.0172 0x19bc [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
16:52:13.0184 0x19bc WudfPf - ok
16:52:13.0192 0x19bc [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys
16:52:13.0206 0x19bc WUDFRd - ok
16:52:13.0212 0x19bc [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
16:52:13.0225 0x19bc wudfsvc - ok
16:52:13.0233 0x19bc [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\Windows\System32\drivers\WUDFRd.sys
16:52:13.0246 0x19bc WUDFWpdFs - ok
16:52:13.0254 0x19bc [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\Windows\system32\DRIVERS\WUDFRd.sys
16:52:13.0268 0x19bc WUDFWpdMtp - ok
16:52:13.0281 0x19bc [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\Windows\System32\wwansvc.dll
16:52:13.0302 0x19bc WwanSvc - ok
16:52:13.0312 0x19bc [ 90C662D649FFDB3D43199528C8C0E81D, 3BFDC04054864971CE8C9B515CCE335F45F91868E28339C498EBEE3FD4AC6AB4 ] yukonw8 C:\Windows\system32\DRIVERS\yk63x64.sys
16:52:13.0327 0x19bc yukonw8 - ok
16:52:13.0334 0x19bc ================ Scan global ===============================
16:52:13.0340 0x19bc [ 05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\Windows\system32\basesrv.dll
16:52:13.0349 0x19bc [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
16:52:13.0357 0x19bc [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
16:52:13.0369 0x19bc [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe
16:52:13.0376 0x19bc [ Global ] - ok
16:52:13.0376 0x19bc ================ Scan MBR ==================================
16:52:13.0379 0x19bc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:52:13.0577 0x19bc \Device\Harddisk0\DR0 - ok
16:52:13.0603 0x19bc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
16:52:13.0694 0x19bc \Device\Harddisk1\DR1 - ok
16:52:13.0696 0x19bc [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
16:52:13.0908 0x19bc \Device\Harddisk2\DR2 - ok
16:52:13.0909 0x19bc ================ Scan VBR ==================================
16:52:13.0910 0x19bc [ 4CC7659A951C554C18645EC6303ACD73 ] \Device\Harddisk0\DR0\Partition1
16:52:13.0912 0x19bc \Device\Harddisk0\DR0\Partition1 - ok
16:52:13.0914 0x19bc [ B429F921DBB834A80AABEFD34A992F27 ] \Device\Harddisk0\DR0\Partition2
16:52:13.0916 0x19bc \Device\Harddisk0\DR0\Partition2 - ok
16:52:13.0918 0x19bc [ 0FAB03BF47D4F8159BECA7B030B9CC05 ] \Device\Harddisk1\DR1\Partition1
16:52:13.0963 0x19bc \Device\Harddisk1\DR1\Partition1 - ok
16:52:13.0964 0x19bc [ 248A0AA1A1D1B7801D568EE029634272 ] \Device\Harddisk1\DR1\Partition2
16:52:14.0007 0x19bc \Device\Harddisk1\DR1\Partition2 - ok
16:52:14.0009 0x19bc [ 72EE0AF0E068B909B081AB95EF42E114 ] \Device\Harddisk1\DR1\Partition3
16:52:14.0066 0x19bc \Device\Harddisk1\DR1\Partition3 - ok
16:52:14.0068 0x19bc [ 74DEFB3A3CDC04C79661E667F98F2B54 ] \Device\Harddisk2\DR2\Partition1
16:52:14.0069 0x19bc \Device\Harddisk2\DR2\Partition1 - ok
16:52:14.0071 0x19bc [ 3C4868DCDBFE85F1565ED6CD4E9833DB ] \Device\Harddisk2\DR2\Partition2
16:52:14.0073 0x19bc \Device\Harddisk2\DR2\Partition2 - ok
16:52:14.0075 0x19bc [ 68DDB4B10997571E80C201CD87C86682 ] \Device\Harddisk2\DR2\Partition3
16:52:14.0076 0x19bc \Device\Harddisk2\DR2\Partition3 - ok
16:52:14.0076 0x19bc ================ Scan generic autorun ======================
16:52:14.0125 0x19bc [ 463C40BFC0FB8FF59049E2CA78695A40, 8D693A061A19E47CCADEEC844D4ACF59B5CD3CE97452018807884D2ACBEDA7FF ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
16:52:14.0331 0x19bc NvBackend - ok
16:52:14.0337 0x19bc [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\Windows\system32\rundll32.exe
16:52:14.0354 0x19bc ShadowPlay - ok
16:52:14.0387 0x19bc [ 8BFE805555CDAF6387912A34D7978DAA, 6F9195D85B386099F9F63E3319F5E9E85E0F3A1F0D48CFC9A37E7EFF65225933 ] C:\Windows\syswow64\RunDll32.exe
16:52:14.0419 0x19bc CmPCIaudio - ok
16:52:14.0427 0x19bc [ 838258B7655F2309F7BE63F844AF51BB, 50E5831663E8BD4627C9D532AB4B0D451D668CFC519163E5D75952BA9BD6EE12 ] C:\Program Files\iTunes\iTunesHelper.exe
16:52:14.0440 0x19bc iTunesHelper - ok
16:52:14.0453 0x19bc [ 0B7876608B87AA316A47C40A1E920B7F, 7559ACC88178F48917B416FD1EB930B2CF3522374D66A34A03602111BDA321F0 ] C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE
16:52:16.0236 0x19bc RoccatKone+ - detected UnsignedFile.Multi.Generic ( 1 )
16:52:22.0715 0x19bc RoccatKone+ ( UnsignedFile.Multi.Generic ) - warning
16:52:22.0715 0x19bc Force sending object to P2P due to detect: C:\Program Files (x86)\ROCCAT\Kone[+] Mouse\Kone[+]Monitor.EXE
16:52:33.0010 0x19bc Object send P2P result: true
16:52:37.0734 0x19bc [ D0B1DA5382433AFBF52DE8815298EB0C, A326D01783359CCA1054210D82F17533638A9769A7A08C2BD0621DE016909359 ] C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE
16:52:39.0513 0x19bc RoccatIsku - detected UnsignedFile.Multi.Generic ( 1 )
16:52:45.0104 0x19bc RoccatIsku ( UnsignedFile.Multi.Generic ) - warning
16:52:54.0455 0x19bc [ FABF67C8EC45DB0D5874B191BAEC0E2F, 031BF0540DFE35A3D587105F210081B610CC33E1495E529F5EF45FC80FC7684E ] C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe
16:52:54.0576 0x19bc Sophos AutoUpdate Monitor - ok
16:52:54.0583 0x19bc [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
16:52:54.0687 0x19bc HP Software Update - ok
16:52:54.0739 0x19bc [ CEB52C454E0C7A088E06F4B593411630, 4525B44159F40D7E8E0ABE07EA1A1D498604B4C5BBF8A0BD92723C5B76066FEB ] C:\Users\ElPanso\AppData\Roaming\Spotify\SpotifyWebHelper.exe
16:52:54.0957 0x19bc Spotify Web Helper - ok
16:52:55.0046 0x19bc [ D6E2ED7F1F7BE7CCB8676491BF950B57, CBF07EE746F2C27ACC532E83ADC43FBE954DC3C598C4333F13B1A7615AEA9AD5 ] C:\Users\ElPanso\AppData\Local\Akamai\netsession_win.exe
16:52:55.0825 0x19bc Akamai NetSession Interface - ok
16:52:55.0834 0x19bc [ 33BFEC2B102B196B62ABB9947C7D7E23, 6EAF3462712629401CDBECF63B0848D1762A023FCA156F9FA146B0FEE75C83D0 ] C:\Users\ElPanso\AppData\Local\Dropbox\Update\DropboxUpdate.exe
16:52:55.0869 0x19bc Dropbox Update - ok
16:52:55.0870 0x19bc Waiting for KSN requests completion. In queue: 5
16:52:56.0871 0x19bc Waiting for KSN requests completion. In queue: 5
16:52:57.0872 0x19bc Waiting for KSN requests completion. In queue: 5
16:52:58.0872 0x19bc Waiting for KSN requests completion. In queue: 5
16:52:59.0872 0x19bc Waiting for KSN requests completion. In queue: 5
16:53:00.0872 0x19bc Waiting for KSN requests completion. In queue: 5
16:53:01.0873 0x19bc Waiting for KSN requests completion. In queue: 5
16:53:02.0880 0x19bc AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
16:53:02.0880 0x19bc AV detected via SS2: Sophos Anti-Virus, C:\Program Files (x86)\Sophos\Sophos Anti-Virus\WSCClient.exe ( 10.3.6.0 ), 0x51010 ( enabled : outofdate )
16:53:02.0890 0x19bc Win FW state via NFP2: enabled ( trusted )
16:53:09.0362 0x19bc ============================================================
16:53:09.0362 0x19bc Scan finished
16:53:09.0362 0x19bc ============================================================
16:53:09.0368 0x0afc Detected object count: 3
16:53:09.0368 0x0afc Actual detected object count: 3
16:57:17.0889 0x0afc HiPatchService ( UnsignedFile.Multi.Generic ) - skipped by user
16:57:17.0889 0x0afc HiPatchService ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:57:17.0889 0x0afc RoccatKone+ ( UnsignedFile.Multi.Generic ) - skipped by user
16:57:17.0889 0x0afc RoccatKone+ ( UnsignedFile.Multi.Generic ) - User select action: Skip
16:57:17.0890 0x0afc RoccatIsku ( UnsignedFile.Multi.Generic ) - skipped by user
16:57:17.0890 0x0afc RoccatIsku ( UnsignedFile.Multi.Generic ) - User select action: Skip
|
|
18.02.2016, 17:25
| #9 |
| /// Malwareteam | Versuchte Zugriffe auf Accounts Sachma, mehr Partitionen kannst aber nich machen oder   Schritt 1 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 2 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
18.02.2016, 18:17
| #10 |
| | Versuchte Zugriffe auf Accounts hehe hier das MDAM log Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 18.02.2016 Suchlaufzeit: 17:33 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2016.02.18.03 Rootkit-Datenbank: v2016.02.17.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: ElPanso Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 401062 Abgelaufene Zeit: 12 Min., 30 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 2 PUP.Optional.OpenCandy, C:\Users\ElPanso\Downloads\SetupImgBurn_2.5.8.0 (1).exe, In Quarantäne, [78b376ec85147bbbd28bc04143c241bf], PUP.Optional.OpenCandy, C:\Users\ElPanso\Downloads\SetupImgBurn_2.5.8.0.exe, In Quarantäne, [d15a0d558d0cdc5a15481fe2ac5920e0], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v5.034 - Bericht erstellt am 18/02/2016 um 18:13:09
# Aktualisiert am 16/02/2016 von Xplode
# Datenbank : 2016-02-16.2 [Server]
# Betriebssystem : Windows 8.1 Pro (x64)
# Benutzername : ElPanso - PANSO-DESK
# Gestartet von : C:\Users\ElPanso\Downloads\AdwCleaner_5.034.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
[-] Datei Gelöscht : C:\Users\ElPanso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_de.windfinder.com_0.localstorage
[-] Datei Gelöscht : C:\Users\ElPanso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_de.windfinder.com_0.localstorage-journal
[-] Datei Gelöscht : C:\Users\ElPanso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_primeshare.tv_0.localstorage
[-] Datei Gelöscht : C:\Users\ElPanso\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_primeshare.tv_0.localstorage-journal
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\watch4.com
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\watch4.de
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.watch4.com
[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.watch4.de
***** [ Internetbrowser ] *****
[-] [C:\Users\ElPanso\AppData\Roaming\Mozilla\Firefox\Profiles\ss244mbr.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.quick_start.enable_search1", false);
[-] [C:\Users\ElPanso\AppData\Roaming\Mozilla\Firefox\Profiles\ss244mbr.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", true);
*************************
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2286 Bytes] ##########
|
|
13.03.2016, 14:37
| #11 |
| /// Malwareteam | Versuchte Zugriffe auf Accounts Schritt: 1 ESET Online Scanner
Hinweis: Dieser Scan kann schon einmal mehrere Stunden dauern... Schritt: 2 Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.  Hast du noch irgendwelche Probleme mit deinem Rechner?
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
| Themen zu Versuchte Zugriffe auf Accounts |
| account, accounts, amazon, arbeit, mails, meinem, microsoft, monitore, plötzlich, schwarz, tagen, verhält, versuch, versucht, zugriffe |
Linear-Darstellung
