
Pests of all kinds and how to fight them: Clicked on the link in a fake Amazon email

Windows 7 If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.

07.05.2015, 20:08   #1
Laggx
 
Hello everyone,

About 2 hours ago I received an email from "Amazon" that was not marked as spam, so I clicked on the link, which redirected me to a page.
I have already looked into this page and found out that it is supposed to be a dangerous page.
Can someone help me with this??

Regards

07.05.2015, 20:35   #2
schrauber
/// the machine
/// TB trainer
 

Hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Start FRST now.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)


07.05.2015, 20:51   #3
Laggx
 
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-05-2015 01
Ran by Paddi (administrator) on PADDI-PC on 07-05-2015 21:47:38
Running from C:\Users\Paddi\Desktop
Loaded Profiles: Paddi (Available profiles: Paddi)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Monitor.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.5746\Battle.net.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.4016\Agent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SL-6397 Gaming Mouse] => C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Monitor.exe [3587584 2013-09-30] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\S-1-5-21-591826998-651340935-421247996-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632472 2015-04-07] (Electronic Arts)
HKU\S-1-5-21-591826998-651340935-421247996-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [2990304 2013-10-30] (Nota Inc.)
HKU\S-1-5-21-591826998-651340935-421247996-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-591826998-651340935-421247996-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31282816 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-591826998-651340935-421247996-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2015-01-07] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-06-25]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Paddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2014-02-16] ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-591826998-651340935-421247996-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-591826998-651340935-421247996-1001 -> URL hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP3E78F344-C1B9-4E91-82A4-E4237F5C0031&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-591826998-651340935-421247996-1001 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-01-17] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-01-17] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-01-17] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-01-17] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{218B8ADA-67E2-46A6-8C27-DD0264EFDA53}: [NameServer] 8.8.4.4,8.8.8.8
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Paddi\AppData\Roaming\Mozilla\Firefox\Profiles\ylxuvsbi.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-01-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-01-17] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-01-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-01-17] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Paddi\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll [2014-11-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-591826998-651340935-421247996-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Paddi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF Extension: YouTube Unblocker - C:\Users\Paddi\AppData\Roaming\Mozilla\Firefox\Profiles\ylxuvsbi.default\Extensions\youtubeunblocker@unblocker.yt [2014-11-09]
FF Extension: MEGA - C:\Users\Paddi\AppData\Roaming\Mozilla\Firefox\Profiles\ylxuvsbi.default\Extensions\firefox@mega.co.nz.xpi [2014-08-02]
FF Extension: {7db08dca-a90d-4884-bb50-726a931c4aec} - C:\Users\Paddi\AppData\Roaming\Mozilla\Firefox\Profiles\ylxuvsbi.default\Extensions\{7db08dca-a90d-4884-bb50-726a931c4aec}.xpi [2014-08-25]
FF Extension: Adblock Plus - C:\Users\Paddi\AppData\Roaming\Mozilla\Firefox\Profiles\ylxuvsbi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-13]

Chrome: 
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Paddi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Paddi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-11-12]
CHR Extension: (BetterTTV) - C:\Users\Paddi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2014-10-30]
CHR Extension: (Google Drive) - C:\Users\Paddi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Paddi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-27]
CHR Extension: (YouTube) - C:\Users\Paddi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-02]
CHR Extension: (Google Search) - C:\Users\Paddi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-02]
CHR Extension: (Dark Vibe) - C:\Users\Paddi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkckeanhmkjaechlhllmapjaaglgpcbj [2014-10-30]
CHR Extension: (AdBlock) - C:\Users\Paddi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-30]
CHR Extension: (Google Wallet) - C:\Users\Paddi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-02]
CHR Extension: (Gmail) - C:\Users\Paddi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-02]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [701824 2015-01-02] ()
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1930608 2015-04-07] (Electronic Arts)
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-15] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-22] (REALiX(tm))
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-25] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
S2 TICalc; C:\Windows\SysWow64\Drivers\TICalc.sys [9152 1999-08-30] ()
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 USBPNPA; \SystemRoot\system32\drivers\CM10864.sys [X]
S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-07 21:47 - 2015-05-07 21:47 - 02102272 _____ (Farbar) C:\Users\Paddi\Desktop\FRST64.exe
2015-05-07 21:47 - 2015-05-07 21:47 - 00017254 _____ () C:\Users\Paddi\Desktop\FRST.txt
2015-04-30 17:53 - 2015-03-10 17:16 - 00000000 ____D () C:\Users\Paddi\Desktop\csgo cfg
2015-04-30 17:42 - 2015-04-30 17:42 - 00005829 _____ () C:\Users\Paddi\Downloads\syrinxx gaming cfg (10.03.2015).rar
2015-04-27 13:54 - 2015-04-27 13:54 - 00000000 ____D () C:\Users\Paddi\Documents\My Cheat Tables
2015-04-27 13:38 - 2015-04-27 13:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4
2015-04-27 13:38 - 2015-04-27 13:38 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.4
2015-04-15 14:55 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 14:55 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 14:55 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-04-15 14:55 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 14:55 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-04-15 14:55 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2015-04-15 14:55 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 14:55 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 14:55 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-04-15 14:55 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-04-15 14:55 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-04-15 14:55 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-04-15 14:55 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-15 14:55 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-04-15 14:54 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-04-15 14:54 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-04-15 14:54 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-04-15 14:53 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 14:53 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 14:53 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 14:53 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-15 14:53 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 14:53 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 14:53 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 14:53 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 14:53 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 14:53 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-04-15 14:53 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-15 14:53 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 14:53 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 14:53 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 14:53 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-04-15 14:53 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 14:53 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 14:53 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 14:53 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 14:53 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 14:53 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 14:53 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 14:53 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 14:53 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 14:53 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 14:50 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 14:50 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 14:50 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 14:50 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 14:50 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 14:50 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 14:50 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 14:50 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 14:50 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 14:50 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-04-15 14:50 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-04-15 14:50 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 14:50 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 14:50 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 14:50 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 14:50 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 14:50 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 14:50 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 14:50 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-04-15 14:50 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 14:50 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-15 14:49 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 14:49 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 14:49 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 14:49 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 14:49 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 14:49 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 14:49 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-14 18:41 - 2015-04-14 18:41 - 18178736 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-04-14 17:33 - 2015-04-08 22:32 - 00560968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-04-14 17:29 - 2015-04-09 02:58 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 15818528 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-04-14 17:29 - 2015-04-09 02:58 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 01086424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 00927440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-04-14 17:11 - 2015-04-27 14:04 - 00000080 _____ () C:\Users\Paddi\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-04-14 17:11 - 2015-04-17 13:28 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2015-04-14 17:11 - 2015-04-14 17:11 - 00000000 ____D () C:\Users\Paddi\Documents\Rockstar Games
2015-04-14 17:11 - 2015-04-14 17:11 - 00000000 ____D () C:\Users\Paddi\AppData\Local\Rockstar Games
2015-04-14 17:10 - 2015-04-17 13:27 - 00000000 ____D () C:\Program Files\Rockstar Games
2015-04-11 04:25 - 2015-04-11 04:25 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2015-04-07 17:46 - 2015-04-07 17:46 - 00000000 ____D () C:\Users\Paddi\AppData\Local\Supraball_Launcher
2015-04-07 17:39 - 2015-04-07 17:39 - 00001914 _____ () C:\Users\Paddi\Desktop\Supraball.lnk
2015-04-07 17:37 - 2015-04-07 17:37 - 00000000 ____D () C:\Program Files (x86)\Supraball

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-07 21:48 - 2014-02-13 22:48 - 00000000 ____D () C:\Users\Paddi\AppData\Roaming\Skype
2015-05-07 21:47 - 2014-12-24 19:59 - 00000000 ____D () C:\FRST
2015-05-07 21:45 - 2014-02-14 18:14 - 00000000 ____D () C:\Users\Paddi\AppData\Local\Battle.net
2015-05-07 21:41 - 2014-02-13 22:47 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-07 21:33 - 2014-10-31 14:34 - 02093297 _____ () C:\Windows\WindowsUpdate.log
2015-05-07 21:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-05-07 20:52 - 2014-07-02 16:36 - 00001136 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-07 20:03 - 2014-08-22 21:56 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server
2015-05-07 18:57 - 2014-03-05 04:25 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-07 18:45 - 2014-02-14 18:14 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-05-07 17:54 - 2014-02-13 22:40 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B5EDF6A5-63CD-4476-815A-3F21CEA1FFCC}
2015-05-07 15:52 - 2014-07-02 16:36 - 00001132 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-04 23:26 - 2014-02-13 22:37 - 00000000 ____D () C:\Users\Paddi
2015-05-04 23:19 - 2014-02-13 22:43 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-04 16:47 - 2015-01-07 16:33 - 00011381 _____ () C:\Windows\setupact.log
2015-05-04 16:47 - 2014-02-13 22:47 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-04 16:47 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-02 11:49 - 2014-02-13 22:48 - 00000000 ____D () C:\ProgramData\Skype
2015-04-27 19:43 - 2014-02-13 22:43 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-591826998-651340935-421247996-1001
2015-04-23 20:49 - 2015-02-23 16:41 - 00000000 ____D () C:\Users\Paddi\Desktop\schule
2015-04-19 15:35 - 2014-03-05 18:58 - 00000000 ____D () C:\Users\Paddi\Desktop\programme
2015-04-19 14:37 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2015-04-18 16:26 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-17 21:54 - 2014-02-22 02:35 - 00000000 ____D () C:\Users\Paddi\AppData\Roaming\TS3Client
2015-04-16 13:09 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppCompat
2015-04-16 12:38 - 2014-12-10 21:49 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 12:38 - 2014-07-10 14:25 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-15 15:17 - 2014-02-19 14:23 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 15:03 - 2014-02-19 14:23 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-15 14:49 - 2014-11-13 10:08 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2015-04-14 22:00 - 2014-06-10 23:22 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2015-04-14 18:41 - 2014-02-13 22:47 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-14 17:31 - 2014-02-13 22:42 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-14 01:24 - 2014-10-17 20:15 - 00792056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 01:24 - 2014-10-17 20:15 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-09 02:58 - 2014-11-13 20:57 - 00029329 _____ () C:\Windows\system32\nvinfo.pb
2015-04-09 02:58 - 2014-02-13 22:46 - 00078480 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-04-09 02:58 - 2014-02-13 22:46 - 00066704 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-04-09 02:58 - 2014-02-13 22:43 - 12689592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-04-09 02:58 - 2013-09-05 03:47 - 17176128 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-04-09 02:58 - 2013-09-05 03:47 - 14617288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-04-09 02:58 - 2013-09-05 03:46 - 03317344 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-04-09 02:58 - 2013-09-05 03:46 - 02935416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-04-08 23:30 - 2014-02-13 22:46 - 06841488 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-04-08 23:30 - 2014-02-13 22:46 - 03478344 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-04-08 23:30 - 2014-02-13 22:46 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-04-08 23:30 - 2014-02-13 22:46 - 00936264 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-04-08 23:30 - 2014-02-13 22:46 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-04-08 23:30 - 2014-02-13 22:46 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-04-08 19:52 - 2014-02-13 22:46 - 04336074 _____ () C:\Windows\system32\nvcoproc.bin
2015-04-08 17:18 - 2014-03-15 14:45 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2015-04-07 17:38 - 2014-04-15 17:18 - 00000000 ____D () C:\Windows\SysWOW64\directx
2015-04-07 07:47 - 2014-02-15 13:40 - 00000000 ____D () C:\Users\Paddi\Documents\FIFA 14
2015-04-07 07:47 - 2014-02-14 15:53 - 00000000 ____D () C:\ProgramData\Origin
2015-04-07 07:29 - 2014-02-14 15:53 - 00000000 ____D () C:\Program Files (x86)\Origin
2015-04-07 04:47 - 2014-02-14 17:45 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft

==================== Files in the root of some directories =======

2014-05-04 17:22 - 2014-05-10 15:55 - 0000132 _____ () C:\Users\Paddi\AppData\Roaming\Adobe BMP Format CC Prefs
2014-05-04 17:22 - 2014-05-10 15:55 - 0000132 _____ () C:\Users\Paddi\AppData\Roaming\Adobe GIF Format CC Prefs
2014-04-05 18:51 - 2014-06-16 23:44 - 0000132 _____ () C:\Users\Paddi\AppData\Roaming\Adobe PNG Format CC Prefs
2014-12-22 20:56 - 2014-12-22 20:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-04-11 19:58 - 2014-04-11 20:03 - 0012420 _____ () C:\ProgramData\HirezPipeError.txt
2014-06-25 20:15 - 2014-10-31 01:03 - 0002206 _____ () C:\ProgramData\hpzinstall.log

Some content of TEMP:
====================
C:\Users\Paddi\AppData\Local\Temp\awesomium_setup.exe
C:\Users\Paddi\AppData\Local\Temp\EsgInstallerx64Stub.exe
C:\Users\Paddi\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Paddi\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Paddi\AppData\Local\Temp\nvStInst.exe
C:\Users\Paddi\AppData\Local\Temp\Quarantine.exe
C:\Users\Paddi\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Paddi\AppData\Local\Temp\sqlite3.dll
C:\Users\Paddi\AppData\Local\Temp\vlc-2.1.5-win64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-07 19:42

==================== End Of Log ============================
         
--- --- ---

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-05-2015 01
Ran by Paddi at 2015-05-07 21:49:03
Running from C:\Users\Paddi\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-591826998-651340935-421247996-500 - Administrator - Disabled)
Guest (S-1-5-21-591826998-651340935-421247996-501 - Limited - Disabled)
Paddi (S-1-5-21-591826998-651340935-421247996-1001 - Administrator - Enabled) => C:\Users\Paddi

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-591826998-651340935-421247996-1001\...\uTorrent) (Version: 3.4.2.37754 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead Beta (Obsolete) (HKLM-x32\...\Steam App 219540) (Version:  - )
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
Awesomium Redistributable (HKLM-x32\...\{5BCB064B-9F65-4E15-BAFB-669E72E54FD9}) (Version: 1.7.4.2 - SIX Networks GmbH)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Call of Duty: Advanced Warfare - Multiplayer (HKLM-x32\...\Steam App 209660) (Version:  - Sledgehammer Games)
Call of Duty: Advanced Warfare (HKLM-x32\...\Steam App 209650) (Version:  - Sledgehammer Games)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Ghosts - Multiplayer (HKLM-x32\...\Steam App 209170) (Version:  - )
Call of Duty: Ghosts (HKLM-x32\...\Steam App 209160) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Curse Client (HKU\S-1-5-21-591826998-651340935-421247996-1001\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
D2600 (x32 Version: 140.0.841.000 - Hewlett-Packard) Hidden
DECUS Gaming Mouse (HKLM-x32\...\{B62CC42A-D1D9-4E91-BEDE-8614DE2AD943}) (Version: 1.0 - SPEEDLINK)
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Diablo III Public Test (HKLM-x32\...\Diablo III Public Test) (Version:  - Blizzard Entertainment)
DJ_SF_05_D2600_Software_Min (x32 Version: 140.0.841.000 - Hewlett-Packard) Hidden
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free YouTube Download version 3.2.41.623 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.41.623 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.41.623 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.41.623 - DVDVideoSoft Ltd.)
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)
Gyazo 2.0.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc.)
H1Z1 (HKLM-x32\...\Steam App 295110) (Version:  - Sony Online Entertainment)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet D2600 Printer Driver Software 14.0 Rel. 6 (HKLM\...\{841C974B-1B01-4896-B996-6CD68C060EBE}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Java 7 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417071FF}) (Version: 7.0.710 - Oracle)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.9.11 - www.leaguereplays.com)
Macro Recorder 5.7.7 (HKLM-x32\...\Macro Recorder_is1) (Version: 5.7.7 - Jitbit Software)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 33.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0 (x86 de)) (Version: 33.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSI Afterburner 4.0.0 (HKLM-x32\...\Afterburner) (Version: 4.0.0 - MSI Co., LTD)
My Game Long Name (HKLM\...\UDK-80e9ad23-7fdf-4702-b67c-974e6f52c813) (Version:  - Epic Games, Inc.)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 350.12 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Graphics Driver 350.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 350.12 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
OnTopReplica (HKU\S-1-5-21-591826998-651340935-421247996-1001\...\OnTopReplica) (Version: 3.4 - Lorenz Cuno Klopfenstein)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.1.116 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{7b297a36-6fa6-4e2c-9c07-53a86a37cac7}) (Version: latest - ppy Pty Ltd)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.6-1.0.12952.91 - raidcall.com)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
RivaTuner Statistics Server 6.2.0 (HKLM-x32\...\RTSS) (Version: 6.2.0 - Unwinder)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
Rogue Legacy (HKLM-x32\...\GOGPACKROGUELEGACY_is1) (Version: 2.2.0.10 - GOG.com)
S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Special Force 2 Beta_is1) (Version:  - )
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version:  - Valve)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.18.9.4384 - Enigma Software Group, LLC)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Super Meat Boy v1.5 (HKLM-x32\...\Super Meat Boy v1.5_is1) (Version:  - Team Meat)
Supraball (HKLM-x32\...\Supraball) (Version:  - Supra Games Gbr)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TI Connect™ (HKLM-x32\...\{D06BA64C-4447-49B4-B99D-E85BEA9E1035}) (Version: 4.0.0.218 - Texas Instruments Inc.)
TI-Black Link (HKLM-x32\...\TI-Black Link) (Version:  - )
TI-Graph Link 83 Plus (HKLM-x32\...\TI-Graph Link 83 Plus) (Version:  - )
TikiOne Steam Cleaner (HKLM-x32\...\TikiOneSteamCleaner) (Version:  - Jonathan Lermitage)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Trials Evolution Gold Edition (HKLM-x32\...\Steam App 220160) (Version:  - Redlynx Ltd)
Unity Web Player (HKU\S-1-5-21-591826998-651340935-421247996-1001\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB  (06/11/2009 1.0.0.0) (HKLM\...\EC3E466026556D3EB760B01C4772277614354E11) (Version: 06/11/2009 1.0.0.0 - Texas Instruments Inc.)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB  (09/02/2009 1.0.0.1) (HKLM\...\7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.)
Windows KMS Activator Ultimate 2014 v2.3 (HKLM\...\Windows KMS Activator Ultimate 2014 v2.3_is1) (Version: v2.3 - )
Windows Vista - 7 - 8 - 8.1 KMS Activator Ultimate 2014 v1.7 (HKLM-x32\...\Windows Vista - 7 - 8 - 8.1 KMS Activator Ultima~17A353D0_is1) (Version: v1.7 - )
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-591826998-651340935-421247996-1001_Classes\CLSID\{94dafdab-d11c-4bdb-8a77-40f87733b33d}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

==================== Restore Points  =========================

18-04-2015 16:22:37 Windows Update
27-04-2015 13:09:43 Scheduled Checkpoint
07-05-2015 21:36:44 Scheduled Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {16009886-C996-4681-A263-9E847D11EBCE} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {1A5FD366-04C4-4B47-8855-20E772A9CB30} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {2708E59D-7A1C-4A36-95B5-D3692E25B233} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {280C93FF-2F97-4693-BCA1-B92AF3DFCAE3} - System32\Tasks\Driver Booster SkipUAC (Paddi) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {2FE83B99-9404-4C11-8717-11829FDD26A9} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {4AE57FEC-B37F-4D2C-8438-3E6C2CF9CA25} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-02] (Google Inc.)
Task: {512D9E52-13B0-4EF8-8F85-7CB07A299AD6} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {864C947A-2952-407F-8273-A7971A35067C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-02] (Google Inc.)
Task: {9BDE7632-FF42-4AB4-AD09-53E15D0FA22D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-04-15] (Microsoft Corporation)
Task: {AD8C1716-08FA-4302-8C5D-B95C9690FE7B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: {BA8E39A4-3324-4837-AED1-950216DF432D} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {D215B9CA-30D5-4719-A350-31E551066D2F} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {D74A3F72-10D6-4101-86A7-2E173B15ABCA} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {DA3A7D62-E9ED-4101-8D0C-3A84F6E5A24E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {DED88C30-B942-4891-965A-09B1669882B0} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-05-01 15:25 - 2014-06-15 18:04 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-02-13 22:46 - 2015-04-08 23:30 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-08 17:47 - 2013-09-30 14:40 - 03587584 _____ () C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Monitor.EXE
2015-04-14 17:22 - 2015-03-28 05:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-03-08 17:47 - 2013-09-30 14:39 - 00036864 _____ () C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Lang.dll
2014-03-08 17:47 - 2013-01-29 17:15 - 00061440 _____ () C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\hiddriver.dll
2014-12-12 23:53 - 2014-12-06 03:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 23:53 - 2014-12-06 03:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-12 23:53 - 2014-12-06 03:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 23:53 - 2014-12-06 03:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2015-05-07 18:41 - 2015-05-07 18:41 - 26065408 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5746\libcef.dll
2015-05-07 18:41 - 2015-05-07 18:41 - 00739840 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5746\libGLESv2.dll
2015-05-07 18:41 - 2015-05-07 18:41 - 00908288 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5746\platforms\qwindows.dll
2015-05-07 18:41 - 2015-05-07 18:41 - 00130048 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5746\libEGL.dll
2015-05-07 18:41 - 2015-05-07 18:41 - 00020992 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5746\imageformats\qgif.dll
2015-05-07 18:41 - 2015-05-07 18:41 - 00021504 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5746\imageformats\qico.dll
2015-05-07 18:41 - 2015-05-07 18:41 - 00205312 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5746\imageformats\qjpeg.dll
2015-05-07 18:41 - 2015-05-07 18:41 - 00225792 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5746\imageformats\qmng.dll
2015-05-07 18:41 - 2015-05-07 18:41 - 00015872 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5746\imageformats\qsvg.dll
2015-05-07 18:41 - 2015-05-07 18:41 - 00312832 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5746\imageformats\qtiff.dll
2015-05-07 18:41 - 2015-05-07 18:41 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5746\qml\QtQuick.2\qtquick2plugin.dll
2015-05-07 18:41 - 2015-05-07 18:41 - 00054272 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5746\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-05-07 18:41 - 2015-05-07 18:41 - 00010240 _____ () C:\Program Files (x86)\Battle.net\Battle.net.5746\qml\QtQml\Models.2\modelsplugin.dll
2014-12-12 23:53 - 2014-12-06 03:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-591826998-651340935-421247996-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-591826998-651340935-421247996-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-591826998-651340935-421247996-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-591826998-651340935-421247996-1001\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-591826998-651340935-421247996-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Paddi\AppData\Roaming\Microsoft\Windows Photo Viewer\Windows Photo Viewer Wallpaper.jpg
DNS Servers: 8.8.4.4 - 8.8.8.8

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "HP Digital Imaging Monitor.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "mobilegeni daemon"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "vmware-tray.exe"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKU\S-1-5-21-591826998-651340935-421247996-1001\...\StartupApproved\StartupFolder: => "CurseClientStartup.ccip"
HKU\S-1-5-21-591826998-651340935-421247996-1001\...\StartupApproved\StartupFolder: => "Curse.lnk"
HKU\S-1-5-21-591826998-651340935-421247996-1001\...\StartupApproved\StartupFolder: => "Stickies.lnk"
HKU\S-1-5-21-591826998-651340935-421247996-1001\...\StartupApproved\Run: => "Gyazo"
HKU\S-1-5-21-591826998-651340935-421247996-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-591826998-651340935-421247996-1001\...\StartupApproved\Run: => "Beamrise"
HKU\S-1-5-21-591826998-651340935-421247996-1001\...\StartupApproved\Run: => "MurGee.com Auto Keyboard"
HKU\S-1-5-21-591826998-651340935-421247996-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-591826998-651340935-421247996-1001\...\StartupApproved\Run: => "puush"

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [TCP Query User{24DE0CBE-AC28-4492-AF2B-FD899D0C3209}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{0026E92F-A8E9-48CF-8803-F5976E95E7DE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{A87BCA36-FE61-4D23-A630-B03EC11A35EB}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{7494E75D-3E04-4CDF-8DCD-2BFD49B81531}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{FE02EE2F-EC30-488D-874F-8A71497BCE0B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{51B6E3AE-A50F-49A2-9596-EABA0F3C56B7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{EDF0FBF0-7125-411B-AE46-9A0BF8C44209}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{7E13597D-3343-400F-8623-C3D884CE798D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8BA60EDA-E752-4AF7-8326-CA3ABF7B8A5E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F1CBD196-E6B1-4172-8EB2-D1E4C95534BF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{4D4AA3DF-05F9-4551-BA13-745F7C145A2F}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{132ABE73-0479-4DAB-82D8-819E3A2B55CB}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{2C7F5CC5-2867-4B1A-A6D8-83756686C99C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F2001E79-F6AF-4FCA-9672-CC1DBA14958A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{02D845B2-78AD-4AA9-BBD1-D48FEFD3EFEF}] => (Allow) C:\Users\Paddi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F0F347CE-0F70-4394-8AF5-F13ECA5A9398}] => (Allow) C:\Users\Paddi\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B1579C44-FEFD-4B1A-9DE5-6938D555B26E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{22A4CEEE-2017-4B80-BF0E-089290105F5E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{E01092C3-8442-4F8D-BF45-92FAA30BB7E1}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{A5C6B431-AA31-4667-B721-06B1F0722841}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{E07828E7-CECE-43B7-A5EB-FEC6307DC544}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{11078B4C-13C5-41D5-9B92-1FAE08061B15}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{C77FA0C9-B8DE-4C55-9DE0-E35365E7414E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{85CE0BBA-9FC2-4532-83F1-C95FAC8E1DE0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Ghosts\iw6mp64_ship.exe
FirewallRules: [{F041D98C-362B-4CC2-80D8-B422F70AD370}] => (Allow) LPort=1688
FirewallRules: [{ABB4B715-AA48-46DB-94CF-DA9D8C1F897F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{E92F415E-7B97-412B-8E84-504E53CC652D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A9A68B4F-B314-4FDB-B580-8C6E0F830153}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{F9C315BE-C824-426C-B2C2-48805F5B6D1A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{B039FE22-AAF9-4D38-AC8A-A8F2FE80070B}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{13D599EF-80C1-450F-BF3E-C689BACB9358}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{89BC78DF-E36C-4F45-9D21-0A4D7F08BDE8}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{EA6B30A3-A0AA-48F5-AAF7-CD7F43F7B679}] => (Allow) C:\Program Files (x86)\Origin Games\FIFA 14\Game\fifa14.exe
FirewallRules: [{9792474F-EEEE-4E4D-8387-534507655D6F}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{B279E440-AB6F-4770-9D1B-B32A3CBB6A63}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{7D4E38C6-645A-417C-873C-BDB36042F967}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D00D3922-CF2F-4A0C-8FD3-FE5C94CD6AA5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FE2EB984-4DFE-4AEE-BDE4-78C64126E1AD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E108E290-DA39-4C37-A3DF-F0C4E77942BC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{EAA1D6F7-8563-4A96-A265-79B89B4A9C2C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{4499FF20-670E-4CF6-A9DC-989D05FB3AF0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{CD8E9EDC-0B80-4293-96FB-2819361F748D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{79E74158-12AA-4188-947E-4FB7FC06CADD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{093F1F27-F976-4E18-AF88-1FE1FBAB84C2}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{05B4E20D-E6CA-4438-8C01-7DB54CD3252B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{BC60E65C-DB2D-4F87-8477-3C7C94A5A421}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{BE68FB66-1813-4536-813F-5B084A488465}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{384B9723-A39F-4397-89EF-75F41736DB8B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{C565DA67-0E7E-488E-BA73-4C172A6DE63B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{93B6FE23-1FC3-4608-B863-5FCB4E6CE667}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{3BE1A8EA-BCA2-495D-946E-F3704CC22DF8}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{78177B20-5791-4EEC-8164-FF8EF01F935D}] => (Allow) C:\Program Files (x86)\Diablo III Public Test\Diablo III.exe
FirewallRules: [{C3A4C058-8DB4-4779-98CB-A3512B59B91D}] => (Allow) C:\Program Files (x86)\Diablo III Public Test\Diablo III.exe
FirewallRules: [{7280A405-2DC3-44F1-A33D-7203EACDBFD1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{04A3CD2B-01E3-4346-8252-311FC80E90C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{443841DB-9A87-4B2E-86DA-8404EA473732}] => (Allow) %ProgramFiles% (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{3035A00A-8EFA-450B-BE70-A7611CBEB889}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{95811AAA-44C5-4A9A-B26D-2BBFA2841007}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{2658D92A-7BA4-491E-B78D-03A906A13DB1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{CB7B6B07-EC9F-43AB-A6B8-716D40E65496}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{8603DB14-D58E-468C-A58C-B5DA5CBEAEBA}C:\program files\java\jre1.8.0_20\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_20\bin\javaw.exe
FirewallRules: [UDP Query User{653CFD22-36DB-44A3-AB7A-B1D8ADF86FFA}C:\program files\java\jre1.8.0_20\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_20\bin\javaw.exe
FirewallRules: [{7837B071-11D8-4A3B-8460-DB3D61A95A40}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{1EE94250-3014-44B5-A8AF-4AC8F46E8AE6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [TCP Query User{745F68FD-C06B-4138-8CA4-87D83F6EDA6D}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{BC887CC3-DEA7-4ADD-8376-5A1352EAFF49}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{49746228-C26C-4813-9650-1E5F5CFEA48F}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [{F540D0F9-9E7B-48F9-98D1-6A1090BFCBEF}] => (Allow) C:\Program Files (x86)\GameforgeLive\Games\GBR_eng\S.K.I.L.L\Binaries\Win32\sf2.exe
FirewallRules: [{193FFCC2-FE04-4B90-87B2-AACCFFF43E4B}] => (Allow) C:\Program Files (x86)\GameforgeLive\Games\GBR_eng\S.K.I.L.L\Binaries\Win32\sf2.exe
FirewallRules: [{80D78717-5EE9-4248-9AB1-04C751C14BC7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{81A1125D-4E51-4725-870F-5670FD54137B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{92BD61D4-F195-4962-9C70-3BCF51C551AB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Advanced Warfare\s1_mp64_ship.exe
FirewallRules: [{DC8BB590-D74D-4583-888B-7B7352803FA2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Advanced Warfare\s1_mp64_ship.exe
FirewallRules: [{14F4FE62-9064-46F6-8B66-C228C3D9485B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Advanced Warfare\s1_sp64_ship.exe
FirewallRules: [{720B2035-0167-4952-A10D-86054339512A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Advanced Warfare\s1_sp64_ship.exe
FirewallRules: [TCP Query User{A7FC15B7-6FF7-407D-8C68-471A78174301}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{7C864CAF-3F26-4493-AA75-C7BB8C58EEFF}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{562CC10D-73EF-4A30-B1FC-99F8D44C56A8}] => (Allow) C:\Program Files (x86)\Diablo III Public Test\Diablo III.exe
FirewallRules: [{25792452-EC60-4CAB-BCAE-CFB929EAECD9}] => (Allow) C:\Program Files (x86)\Diablo III Public Test\Diablo III.exe
FirewallRules: [{91AF5039-9734-40CE-BAD6-4A3DA967778C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{56A644AF-C994-4702-866F-9D178D8AF584}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{EE1E513E-8668-4043-A61A-BF30B4A49C72}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [TCP Query User{96B1B049-D6A0-4AE2-9FD2-B63E74F0D987}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{EE84CF60-3557-47BE-BF8F-D8F10C519982}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{803499F2-1704-48E2-8F85-1A4FA5F8768C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{FA5569A8-0624-46CC-8141-B4C360B68F07}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{22449B09-65C1-4DF9-8FBC-8632C92533DE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{D68EC54D-6CE2-45FB-A188-2938C05E348B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{A5F06EE6-3656-426B-A4B3-40236AA14CEA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{CEB8F2A8-A297-40A1-A498-4336AF854733}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{3F711180-5ACA-4921-AFC9-C1371CF2B819}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\Expansion\beta\Arma2OA.exe
FirewallRules: [{C6AD0780-E2E6-4316-9159-90F94927D94C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\Expansion\beta\Arma2OA.exe
FirewallRules: [{A0085F41-C828-4794-90DF-09093F80D7DB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{7ACEA7E4-0EDF-4266-B19B-F59694F20E04}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{958B2710-D2DC-4634-A99C-7F1375F6FF2B}] => (Allow) LPort=25565
FirewallRules: [{4B914DB0-0991-4521-9C45-ED1B08F2C60E}] => (Allow) LPort=25565
FirewallRules: [TCP Query User{5B75745E-F540-4E0B-A136-E771A5C65515}C:\program files\java\jre1.8.0_25\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\java.exe
FirewallRules: [UDP Query User{6822A005-4442-4D49-8BA4-8E807594BA38}C:\program files\java\jre1.8.0_25\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\java.exe
FirewallRules: [TCP Query User{B6B8CC02-4FFA-4BC7-98D4-6271F8B42F88}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{05695DC3-CDC0-4A28-B48F-6F72F1E54FF8}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{9EC08767-D4C9-4C8A-ADAF-0E6E3C6DAE1F}] => (Allow) %ProgramFiles% (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{5E8BB339-B065-491F-8DDB-FAC2025756A7}] => (Allow) %ProgramFiles% (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
FirewallRules: [{C4C34458-89C9-46F0-9782-0576738A5634}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{9B187F35-BEFD-4137-B674-B4CB03B1D19E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{75CF2C10-9DD6-49F0-B75B-BB2CAB935C02}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [{F464D02C-26CA-4CB7-9272-6A9662F94506}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\H1Z1\LaunchPad.exe
FirewallRules: [TCP Query User{8669E47F-B7DE-4E2F-9246-F29F52325A97}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{6125AE80-08B8-4C77-9F0D-81F296CE042E}C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [TCP Query User{490F87E6-6FF1-4D78-9A77-A2165F9F7B02}C:\program files (x86)\origin games\fifa 14\game\fifa14.exe] => (Allow) C:\program files (x86)\origin games\fifa 14\game\fifa14.exe
FirewallRules: [UDP Query User{FAF957EA-5C8E-4F83-915A-6BC23FB70A24}C:\program files (x86)\origin games\fifa 14\game\fifa14.exe] => (Allow) C:\program files (x86)\origin games\fifa 14\game\fifa14.exe
FirewallRules: [TCP Query User{007EE9BA-1FE6-4A3A-B74E-DE9965A11195}C:\program files (x86)\supraball\binaries\win32\udk.exe] => (Allow) C:\program files (x86)\supraball\binaries\win32\udk.exe
FirewallRules: [UDP Query User{C72A1D10-9CDC-4859-B7D5-3D906A383795}C:\program files (x86)\supraball\binaries\win32\udk.exe] => (Allow) C:\program files (x86)\supraball\binaries\win32\udk.exe
FirewallRules: [{2A4EDDD8-E0A0-4848-AD67-F8352151E63F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{0127FC70-F0FE-4B56-A30C-FDBAC45C14F0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{782251A8-4483-486F-8806-D905B0C4A5D0}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{1A4533CC-A9EF-4DFF-9F39-619EDB057947}C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe

==================== Faulty Device Manager Devices =============

Name: SAMSUNG Mobile USB Composite Device 
Description: SAMSUNG Mobile USB Composite Device 
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: SAMSUNG Electronics Co., Ltd. 
Service: dg_ssudbus
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Microsoft PS/2 Mouse
Description: Microsoft PS/2 Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is disabled because the firmware of the device did not give it the required resources. (Code 29)
Resolution: Enable the device in the BIOS of the device.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/07/2015 09:36:55 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (05/07/2015 11:29:44 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (05/06/2015 03:31:29 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (05/04/2015 11:40:07 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (05/03/2015 11:24:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: nvstreamsvc.exe, version: 4.1.1944.2762, time stamp: 0x5515f674
Faulting module name: nvstreamsvc.exe, version: 4.1.1944.2762, time stamp: 0x5515f674
Exception code: 0xc0000005
Fault offset: 0x0000000000687672
Faulting process id: 0x1cc
Faulting application start time: 0xnvstreamsvc.exe0
Faulting application path: nvstreamsvc.exe1
Faulting module path: nvstreamsvc.exe2
Report Id: nvstreamsvc.exe3
Faulting package full name: nvstreamsvc.exe4
Faulting package-relative application ID: nvstreamsvc.exe5

Error: (05/03/2015 11:24:15 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (05/02/2015 11:48:12 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (05/01/2015 11:55:02 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (04/30/2015 01:19:50 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (04/29/2015 07:17:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Hearthstone.exe, version: 2.5.0.8416, time stamp: 0x54eccad8
Faulting module name: Hearthstone.exe, version: 2.5.0.8416, time stamp: 0x54eccad8
Exception code: 0xc0000005
Fault offset: 0x00033c28
Faulting process id: 0x1354
Faulting application start time: 0xHearthstone.exe0
Faulting application path: Hearthstone.exe1
Faulting module path: Hearthstone.exe2
Report Id: Hearthstone.exe3
Faulting package full name: Hearthstone.exe4
Faulting package-relative application ID: Hearthstone.exe5


System errors:
=============
Error: (05/07/2015 07:43:30 PM) (Source: DCOM) (EventID: 10010) (User: Paddi-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (05/07/2015 07:43:00 PM) (Source: DCOM) (EventID: 10010) (User: Paddi-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (05/07/2015 01:16:41 PM) (Source: DCOM) (EventID: 10010) (User: Paddi-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (05/07/2015 01:16:03 PM) (Source: DCOM) (EventID: 10010) (User: Paddi-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (05/07/2015 00:30:30 PM) (Source: DCOM) (EventID: 10010) (User: Paddi-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (05/07/2015 00:30:00 PM) (Source: DCOM) (EventID: 10010) (User: Paddi-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (05/05/2015 11:09:56 PM) (Source: DCOM) (EventID: 10010) (User: Paddi-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (05/05/2015 11:09:26 PM) (Source: DCOM) (EventID: 10010) (User: Paddi-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (05/04/2015 04:48:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The LogMeIn Hamachi Tunneling Engine service failed to start due to the following error: 
%%1053

Error: (05/04/2015 04:48:15 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the LogMeIn Hamachi Tunneling Engine service to connect.


Microsoft Office Sessions:
=========================
Error: (05/07/2015 09:36:55 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.

Error: (05/07/2015 11:29:44 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (05/06/2015 03:31:29 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (05/04/2015 11:40:07 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (05/03/2015 11:24:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvstreamsvc.exe4.1.1944.27625515f674nvstreamsvc.exe4.1.1944.27625515f674c000000500000000006876721cc01d08582ecadfa2aC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeC:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe2d498d54-f176-11e4-82d3-d027881e176b

Error: (05/03/2015 11:24:15 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (05/02/2015 11:48:12 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (05/01/2015 11:55:02 AM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (04/30/2015 01:19:50 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcFailed continue stopping. [6]

Error: (04/29/2015 07:17:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Hearthstone.exe2.5.0.841654eccad8Hearthstone.exe2.5.0.841654eccad8c000000500033c28135401d0829d5eeb8974C:\Program Files (x86)\Hearthstone\Hearthstone.exeC:\Program Files (x86)\Hearthstone\Hearthstone.exea980f1ac-ee93-11e4-82d3-d027881e176b


CodeIntegrity Errors:
===================================
  Date: 2015-05-04 22:40:21.933
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-04 22:40:21.712
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-04 22:40:21.494
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-04 22:40:18.505
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-04 22:40:18.257
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-04 19:59:35.391
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-04 19:59:35.095
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-04 19:59:34.837
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-04 19:59:29.105
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2015-05-04 19:59:28.705
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: AMD Phenom(tm) II X6 1045T Processor
Percentage of memory in use: 42%
Total physical RAM: 8183.76 MB
Available physical RAM: 4695.5 MB
Total Pagefile: 9463.76 MB
Available Pagefile: 4791.55 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:456.45 GB) (Free:73.97 GB) NTFS
Drive e: () (Fixed) (Total:456.9 GB) (Free:454.87 GB) NTFS
Drive f: () (Fixed) (Total:18 GB) (Free:17.9 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 382FC85C)
Partition 1: (Not Active) - (Size=18 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=456.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=456.9 GB) - (Type=OF Extended)

==================== End Of Log ============================
         
__________________

Alt 08.05.2015, 16:46   #4
schrauber
/// the machine
/// TB-Ausbilder
 




Hi,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Start mbar.exe.
  • Follow the on-screen instructions as described in the Malwarebytes Anti-Rootkit guide.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart, MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper.

Please download TDSSKiller (TDSSKiller.exe) and save this file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 08.05.2015, 19:06   #5
Laggx
 



I have a problem: when I run Malwarebytes, after a certain point the message "Malwarebytes has stopped working" appears.
That has now happened for the 2nd time in a row. What is causing this?


Alt 09.05.2015, 17:08   #6
schrauber
/// the machine
/// TB-Ausbilder
 




I can't say from this. Skip MBAR.
__________________

Alt 09.05.2015, 17:51   #7
Laggx
 



Code:
18:18:51.0423 0x0148  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
18:18:56.0908 0x0148  ============================================================
18:18:56.0909 0x0148  Current date / time: 2015/05/09 18:18:56.0908
18:18:56.0909 0x0148  SystemInfo:
18:18:56.0909 0x0148  
18:18:56.0909 0x0148  OS Version: 6.3.9600 ServicePack: 0.0
18:18:56.0909 0x0148  Product type: Workstation
18:18:56.0909 0x0148  ComputerName: PADDI-PC
18:18:56.0909 0x0148  UserName: Paddi
18:18:56.0909 0x0148  Windows directory: C:\Windows
18:18:56.0909 0x0148  System windows directory: C:\Windows
18:18:56.0909 0x0148  Running under WOW64
18:18:56.0909 0x0148  Processor architecture: Intel x64
18:18:56.0909 0x0148  Number of processors: 6
18:18:56.0909 0x0148  Page size: 0x1000
18:18:56.0909 0x0148  Boot type: Normal boot
18:18:56.0909 0x0148  ============================================================
18:18:57.0401 0x0148  KLMD registered as C:\Windows\system32\drivers\53803459.sys
18:18:58.0317 0x0148  System UUID: {914CA48F-FB3D-FA6A-8BEE-17CF0B65F7D4}
18:18:59.0037 0x0148  Drive \Device\Harddisk0\DR0 - Size: 0xE8DCDB0000 ( 931.45 Gb ), SectorSize: 0x200, Cylinders: 0x1DAF9, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:18:59.0101 0x0148  ============================================================
18:18:59.0101 0x0148  \Device\Harddisk0\DR0:
18:18:59.0101 0x0148  MBR partitions:
18:18:59.0101 0x0148  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x23FF800
18:18:59.0101 0x0148  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2400774, BlocksNum 0x32190
18:18:59.0101 0x0148  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x2432904, BlocksNum 0x390E70FC
18:18:59.0144 0x0148  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x3B51A800, BlocksNum 0x391CB800
18:18:59.0144 0x0148  ============================================================
18:18:59.0171 0x0148  C: <-> \Device\Harddisk0\DR0\Partition3
18:18:59.0203 0x0148  E: <-> \Device\Harddisk0\DR0\Partition4
18:18:59.0215 0x0148  F: <-> \Device\Harddisk0\DR0\Partition1
18:18:59.0215 0x0148  ============================================================
18:18:59.0215 0x0148  Initialize success
18:18:59.0215 0x0148  ============================================================
18:19:12.0877 0x0a18  ============================================================
18:19:12.0877 0x0a18  Scan started
18:19:12.0877 0x0a18  Mode: Manual; 
18:19:12.0877 0x0a18  ============================================================
18:19:12.0877 0x0a18  KSN ping started
18:19:15.0463 0x0a18  KSN ping finished: true
18:19:38.0255 0x0a18  ================ Scan system memory ========================
18:19:38.0255 0x0a18  Scan was interrupted by user!
18:19:38.0336 0x0a18  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x60100 ( disabled : updated )
18:19:38.0349 0x0a18  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2218.942 ), 0x41000 ( enabled : updated )
18:19:38.0353 0x0a18  Win FW state via NFP2: enabled
18:19:40.0798 0x0a18  ============================================================
18:19:40.0798 0x0a18  Scan finished
18:19:40.0798 0x0a18  ============================================================
18:19:40.0806 0x0b30  Detected object count: 0
18:19:40.0806 0x0b30  Actual detected object count: 0
18:28:16.0016 0x05d8  ============================================================
18:28:16.0016 0x05d8  Scan started
18:28:16.0016 0x05d8  Mode: Manual; SigCheck; TDLFS; 
18:28:16.0016 0x05d8  ============================================================
18:28:16.0016 0x05d8  KSN ping started
18:28:18.0391 0x05d8  KSN ping finished: true
18:28:20.0488 0x05d8  ================ Scan system memory ========================
18:28:20.0488 0x05d8  System memory - ok
18:28:20.0489 0x05d8  ================ Scan services =============================
18:28:31.0068 0x05d8  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
18:28:31.0086 0x05d8  HyperVideo - ok
18:28:31.0121 0x05d8  [ D887446F3F6051C60C26F4FD1FC8D43F, A3235C64E9D5378E3409FA7CDD9DB0DD1B3CE6A6EB018F2C40558EB9C427A498 ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
18:28:31.0138 0x05d8  i8042prt - ok
18:28:31.0143 0x05d8  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
18:28:31.0154 0x05d8  iaLPSSi_GPIO - ok
18:28:31.0161 0x05d8  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
18:28:31.0235 0x05d8  iaLPSSi_I2C - ok
18:28:31.0403 0x05d8  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
18:28:31.0485 0x05d8  iaStorAV - ok
18:28:31.0525 0x05d8  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:28:31.0553 0x05d8  iaStorV - ok
18:28:31.0558 0x05d8  IEEtwCollectorService - ok
18:28:31.0637 0x05d8  [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT          C:\Windows\System32\ikeext.dll
18:28:31.0728 0x05d8  IKEEXT - ok
18:28:31.0873 0x05d8  [ 39246F2CFBF1D32C3A12E242661EC039, EADF06D9B142844C16C2B0E412D708DB02BA07E2CD96BBFB2F0984DD6BB63E28 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:28:32.0013 0x05d8  IntcAzAudAddService - ok
18:28:32.0028 0x05d8  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:28:32.0044 0x05d8  intelide - ok
18:28:32.0087 0x05d8  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\Windows\system32\drivers\intelpep.sys
18:28:32.0102 0x05d8  intelpep - ok
18:28:32.0115 0x05d8  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
18:28:32.0135 0x05d8  intelppm - ok
18:28:32.0142 0x05d8  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:28:32.0178 0x05d8  IpFilterDriver - ok
18:28:32.0236 0x05d8  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:28:32.0305 0x05d8  iphlpsvc - ok
18:28:32.0347 0x05d8  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
18:28:32.0379 0x05d8  IPMIDRV - ok
18:28:32.0409 0x05d8  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:28:32.0440 0x05d8  IPNAT - ok
18:28:32.0461 0x05d8  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:28:32.0481 0x05d8  IRENUM - ok
18:28:32.0497 0x05d8  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:28:32.0511 0x05d8  isapnp - ok
18:28:32.0555 0x05d8  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
18:28:32.0581 0x05d8  iScsiPrt - ok
18:28:32.0612 0x05d8  [ A1D4D34A56DF1D5122CDB265038A2E72, AE061BA1A65C98AF875FA18878B014B57E33594D4AC4C39B050AA532E2220F83 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
18:28:32.0627 0x05d8  kbdclass - ok
18:28:32.0633 0x05d8  [ 4A34D7084B862A92F3ABC4969166B3D3, 87B2635873DA4DD06D9E3B8E4313CBDBDC1488E4E340EC2101393EC65823771F ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
18:28:32.0649 0x05d8  kbdhid - ok
18:28:32.0655 0x05d8  [ DB7A09BC90DF20F44F16F8B0F9ED3491, 2DF5E042284D61368A5801B2557351B2C4B1044AA6F966DF4DDCE7B453D1B9AE ] kbldfltr        C:\Windows\system32\drivers\kbldfltr.sys
18:28:32.0672 0x05d8  kbldfltr - ok
18:28:32.0684 0x05d8  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
18:28:32.0712 0x05d8  kdnic - ok
18:28:32.0744 0x05d8  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\Windows\system32\lsass.exe
18:28:32.0760 0x05d8  KeyIso - ok
18:28:32.0804 0x05d8  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:28:32.0819 0x05d8  KSecDD - ok
18:28:32.0855 0x05d8  [ 15C8C65CEA018C02EA0F648448C491C5, DF909704D22D891BE439B2E3D8386EA659444F91DC92AABFF9766446AEE5EBC0 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:28:32.0873 0x05d8  KSecPkg - ok
18:28:32.0880 0x05d8  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:28:32.0912 0x05d8  ksthunk - ok
18:28:32.0957 0x05d8  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:28:33.0002 0x05d8  KtmRm - ok
18:28:33.0067 0x05d8  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:28:33.0098 0x05d8  LanmanServer - ok
18:28:33.0115 0x05d8  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:28:33.0141 0x05d8  LanmanWorkstation - ok
18:28:33.0167 0x05d8  [ 2B7479EB47731A8ACBA28AF4C4BDA32D, 67AEB98E7B41337FEFD92CC81BFAD25FBB679998B318C110A4873B1AD8927A97 ] lfsvc           C:\Windows\System32\GeofenceMonitorService.dll
18:28:33.0217 0x05d8  lfsvc - ok
18:28:33.0236 0x05d8  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:28:33.0265 0x05d8  lltdio - ok
18:28:33.0289 0x05d8  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:28:33.0326 0x05d8  lltdsvc - ok
18:28:33.0361 0x05d8  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:28:33.0378 0x05d8  lmhosts - ok
18:28:33.0400 0x05d8  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
18:28:33.0418 0x05d8  LSI_SAS - ok
18:28:33.0425 0x05d8  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
18:28:33.0441 0x05d8  LSI_SAS2 - ok
18:28:33.0446 0x05d8  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\Windows\system32\drivers\lsi_sas3.sys
18:28:33.0463 0x05d8  LSI_SAS3 - ok
18:28:33.0470 0x05d8  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
18:28:33.0484 0x05d8  LSI_SSS - ok
18:28:33.0537 0x05d8  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\Windows\System32\lsm.dll
18:28:33.0589 0x05d8  LSM - ok
18:28:33.0627 0x05d8  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\Windows\system32\drivers\luafv.sys
18:28:33.0647 0x05d8  luafv - ok
18:28:33.0689 0x05d8  [ 0307CF4184F4F22DB75F36ACCCEF7ED1, 32EAC5DADDD70175EA7AD4FC0A8624BECB138B9ED9E66AF74AC4A06EEB3EB4B7 ] mbamchameleon   C:\Windows\system32\drivers\mbamchameleon.sys
18:28:33.0702 0x05d8  mbamchameleon - ok
18:28:33.0735 0x05d8  [ E9CD058C79EA15B4AA93E259FA713B07, 2B09F65188D8782F9C797545F2F791EC7EAB85D8914B2C0B30BD869C412E3980 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
18:28:33.0749 0x05d8  MBAMSwissArmy - ok
18:28:33.0756 0x05d8  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\Windows\system32\drivers\megasas.sys
18:28:33.0770 0x05d8  megasas - ok
18:28:33.0803 0x05d8  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\Windows\system32\drivers\megasr.sys
18:28:33.0839 0x05d8  megasr - ok
18:28:33.0854 0x05d8  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\Windows\system32\mmcss.dll
18:28:33.0885 0x05d8  MMCSS - ok
18:28:33.0905 0x05d8  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\Windows\system32\drivers\modem.sys
18:28:33.0923 0x05d8  Modem - ok
18:28:33.0941 0x05d8  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\Windows\System32\drivers\monitor.sys
18:28:33.0973 0x05d8  monitor - ok
18:28:34.0013 0x05d8  [ C030F9E822A057C1A7A9BB4EA3E8877E, 2CCEC87DEB972B6B0196A08D3781002929E9107137FE3A61F1626D3BEE26630A ] MotioninJoyXFilter C:\Windows\System32\drivers\MijXfilt.sys
18:28:34.0032 0x05d8  MotioninJoyXFilter - detected UnsignedFile.Multi.Generic ( 1 )
18:28:36.0390 0x05d8  Detect skipped due to KSN trusted
18:28:36.0390 0x05d8  MotioninJoyXFilter - ok
18:28:36.0428 0x05d8  [ 2A2F8D5284E59815169A88F1FC9CEE28, 58EFBCF3C849FD088CFB7FE287FC7D9DD7E03D4E6AA98F0497C09E4596E42538 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
18:28:36.0442 0x05d8  mouclass - ok
18:28:36.0485 0x05d8  [ 91223A2AE2955B3E0DA3DB79C3A897A6, 32B59CF1586C2300D60AF8A1D819515033ACC7F7A1F3523FC4AC7725E29B5A90 ] mouhid          C:\Windows\System32\drivers\mouhid.sys
18:28:36.0515 0x05d8  mouhid - ok
18:28:36.0553 0x05d8  [ D1D82F007A079A4D623DBD1F36EF30A1, 7901F81B62C5A4196D75A10C05386B16831CB290EFB9A1611CECF281068C520F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:28:36.0569 0x05d8  mountmgr - ok
18:28:36.0624 0x05d8  [ 6ACCF2E8210880D7005C608AFDB5301C, D00122C928C5818A24E6C11183F79C253CFB6576AD54DC92AEEFC630ABBDE655 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:28:36.0639 0x05d8  MozillaMaintenance - ok
18:28:36.0660 0x05d8  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:28:36.0694 0x05d8  mpsdrv - ok
18:28:36.0755 0x05d8  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:28:36.0811 0x05d8  MpsSvc - ok
18:28:36.0852 0x05d8  [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:28:36.0873 0x05d8  MRxDAV - ok
18:28:36.0914 0x05d8  [ 31233271EDE50D1BBB220F78AFA60486, 2122FAB5BD353DF63CF0FE9CEDBD5DFD1F26F2DE04303E1B3FFB03AA02AECED9 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:28:36.0955 0x05d8  mrxsmb - ok
18:28:36.0997 0x05d8  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:28:37.0044 0x05d8  mrxsmb10 - ok
18:28:37.0077 0x05d8  [ 6276AC2AA203CF47811F6EFBBD214FBF, AE55D87D863A626347B0074F4E962080F1989A94153DAF8475593249F616DA2F ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:28:37.0110 0x05d8  mrxsmb20 - ok
18:28:37.0128 0x05d8  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
18:28:37.0148 0x05d8  MsBridge - ok
18:28:37.0187 0x05d8  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\Windows\System32\msdtc.exe
18:28:37.0211 0x05d8  MSDTC - ok
18:28:37.0221 0x05d8  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:28:37.0241 0x05d8  Msfs - ok
18:28:37.0252 0x05d8  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
18:28:37.0265 0x05d8  msgpiowin32 - ok
18:28:37.0284 0x05d8  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:28:37.0320 0x05d8  mshidkmdf - ok
18:28:37.0373 0x05d8  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
18:28:37.0533 0x05d8  mshidumdf - ok
18:28:37.0591 0x05d8  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:28:37.0605 0x05d8  msisadrv - ok
18:28:37.0628 0x05d8  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:28:37.0659 0x05d8  MSiSCSI - ok
18:28:37.0663 0x05d8  msiserver - ok
18:28:37.0685 0x05d8  [ 4C1A0E9B4C6CC09E8C68FD33998013AA, 190ADFCCAE844DB9F807BD9668EB90BE0C9887719DF2820E66D121655AF27614 ] MsKeyboardFilter C:\Windows\System32\KeyboardFilterSvc.dll
18:28:37.0702 0x05d8  MsKeyboardFilter - ok
18:28:37.0710 0x05d8  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:28:37.0736 0x05d8  MSKSSRV - ok
18:28:37.0763 0x05d8  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
18:28:37.0779 0x05d8  MsLldp - ok
18:28:37.0794 0x05d8  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:28:37.0810 0x05d8  MSPCLOCK - ok
18:28:37.0822 0x05d8  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:28:37.0839 0x05d8  MSPQM - ok
18:28:37.0859 0x05d8  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:28:37.0884 0x05d8  MsRPC - ok
18:28:37.0905 0x05d8  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
18:28:37.0919 0x05d8  mssmbios - ok
18:28:37.0928 0x05d8  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:28:37.0960 0x05d8  MSTEE - ok
18:28:37.0973 0x05d8  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
18:28:37.0989 0x05d8  MTConfig - ok
18:28:37.0995 0x05d8  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\Windows\system32\Drivers\mup.sys
18:28:38.0010 0x05d8  Mup - ok
18:28:38.0029 0x05d8  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
18:28:38.0043 0x05d8  mvumis - ok
18:28:38.0081 0x05d8  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\Windows\system32\qagentRT.dll
18:28:38.0110 0x05d8  napagent - ok
18:28:38.0131 0x05d8  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:28:38.0158 0x05d8  NativeWifiP - ok
18:28:38.0173 0x05d8  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\Windows\System32\ncasvc.dll
18:28:38.0194 0x05d8  NcaSvc - ok
18:28:38.0229 0x05d8  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\Windows\System32\ncbservice.dll
18:28:38.0263 0x05d8  NcbService - ok
18:28:38.0284 0x05d8  [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
18:28:38.0303 0x05d8  NcdAutoSetup - ok
18:28:38.0370 0x05d8  [ 6D3A2565E01B3E4B0F1BEDB0D4B00B3F, 95F2608E17CA3E25BD7958D1A49F7030EC8088BC1DF12422F1DAC5BA99113E34 ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:28:38.0436 0x05d8  NDIS - ok
18:28:38.0471 0x05d8  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:28:38.0498 0x05d8  NdisCap - ok
18:28:38.0521 0x05d8  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
18:28:38.0540 0x05d8  NdisImPlatform - ok
18:28:38.0575 0x05d8  [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:28:38.0601 0x05d8  NdisTapi - ok
18:28:38.0609 0x05d8  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:28:38.0640 0x05d8  Ndisuio - ok
18:28:38.0655 0x05d8  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
18:28:38.0677 0x05d8  NdisVirtualBus - ok
18:28:38.0697 0x05d8  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:28:38.0724 0x05d8  NdisWan - ok
18:28:38.0742 0x05d8  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
18:28:38.0766 0x05d8  NdisWanLegacy - ok
18:28:38.0799 0x05d8  [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:28:38.0829 0x05d8  NDProxy - ok
18:28:38.0848 0x05d8  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
18:28:38.0897 0x05d8  Ndu - ok
18:28:38.0934 0x05d8  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\System32\HPZinw12.dll
18:28:38.0963 0x05d8  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
18:28:41.0361 0x05d8  Detect skipped due to KSN trusted
18:28:41.0361 0x05d8  Net Driver HPZ12 - ok
18:28:41.0399 0x05d8  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:28:41.0435 0x05d8  NetBIOS - ok
18:28:41.0449 0x05d8  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:28:41.0486 0x05d8  NetBT - ok
18:28:41.0500 0x05d8  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\Windows\system32\lsass.exe
18:28:41.0519 0x05d8  Netlogon - ok
18:28:41.0551 0x05d8  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\Windows\System32\netman.dll
18:28:41.0582 0x05d8  Netman - ok
18:28:41.0628 0x05d8  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\Windows\System32\netprofmsvc.dll
18:28:41.0688 0x05d8  netprofm - ok
18:28:41.0806 0x05d8  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:28:41.0827 0x05d8  NetTcpPortSharing - ok
18:28:41.0882 0x05d8  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\Windows\System32\drivers\netvsc63.sys
18:28:41.0918 0x05d8  netvsc - ok
18:28:41.0972 0x05d8  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:28:42.0024 0x05d8  NlaSvc - ok
18:28:42.0049 0x05d8  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:28:42.0086 0x05d8  Npfs - ok
18:28:42.0103 0x05d8  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
18:28:42.0150 0x05d8  npsvctrig - ok
18:28:42.0195 0x05d8  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\Windows\system32\nsisvc.dll
18:28:42.0233 0x05d8  nsi - ok
18:28:42.0290 0x05d8  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:28:42.0313 0x05d8  nsiproxy - ok
18:28:42.0415 0x05d8  [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:28:42.0586 0x05d8  Ntfs - ok
18:28:42.0609 0x05d8  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\Windows\system32\drivers\Null.sys
18:28:42.0630 0x05d8  Null - ok
18:28:42.0671 0x05d8  [ 7E4355930B28C2798D9F09AB9F81151F, 941C730F3B75BDF99639E76350031EDD15F18D8D860F3B1282C28B62096E7717 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
18:28:42.0690 0x05d8  NVHDA - ok
18:28:43.0098 0x05d8  [ 7C28BA74B766F3470128107DA764F711, 43738B3B7F7A493D2B0102B889612A1E91545F38BA82CD911D63361F08048314 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:28:43.0548 0x05d8  nvlddmkm - ok
18:28:43.0717 0x05d8  [ F758A5752CA282925CE3324FDBBADBED, E9DE21AE4509BC401FE7BD717E1585BDEAF2E016A4DC8BB829DD43F54101923F ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
18:28:43.0790 0x05d8  NvNetworkService - ok
18:28:43.0818 0x05d8  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:28:43.0840 0x05d8  nvraid - ok
18:28:43.0850 0x05d8  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:28:43.0873 0x05d8  nvstor - ok
18:28:43.0957 0x05d8  [ 0772513BF441995A61A6C6F87BE12174, 308203FACAAFC87AA18765F0F358ADF5F99D0CAA9ADE51C14C43416FAB68FA18 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
18:28:43.0971 0x05d8  NvStreamKms - ok
18:28:43.0976 0x05d8  NvStreamSvc - ok
18:28:44.0031 0x05d8  [ 2A4F832243E869FD7564AA90402D74BD, E730A517EB6D49036B6FC196BFC930ED93EDB4FD4FA7EB1EB69A434BB94AE3C0 ] nvsvc           C:\Windows\system32\nvvsvc.exe
18:28:44.0078 0x05d8  nvsvc - ok
18:28:44.0116 0x05d8  [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
18:28:44.0128 0x05d8  nvvad_WaveExtensible - ok
18:28:44.0137 0x05d8  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:28:44.0157 0x05d8  nv_agp - ok
18:28:44.0274 0x05d8  [ D6567FA6D4B682340A9A4B0AB269C9A5, 2F544C84F239E122E27259F6CB412D880C0A62CD2DE0F6AB97FE07AF602B646B ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
18:28:44.0418 0x05d8  Origin Client Service - ok
18:28:44.0468 0x05d8  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:28:44.0555 0x05d8  p2pimsvc - ok
18:28:44.0598 0x05d8  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\Windows\system32\p2psvc.dll
18:28:44.0656 0x05d8  p2psvc - ok
18:28:44.0686 0x05d8  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\Windows\System32\drivers\parport.sys
18:28:44.0716 0x05d8  Parport - ok
18:28:44.0753 0x05d8  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:28:44.0779 0x05d8  partmgr - ok
18:28:44.0853 0x05d8  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:28:44.0907 0x05d8  PcaSvc - ok
18:28:44.0950 0x05d8  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\Windows\system32\drivers\pci.sys
18:28:45.0006 0x05d8  pci - ok
18:28:45.0019 0x05d8  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\Windows\system32\drivers\pciide.sys
18:28:45.0035 0x05d8  pciide - ok
18:28:45.0045 0x05d8  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
18:28:45.0063 0x05d8  pcmcia - ok
18:28:45.0079 0x05d8  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:28:45.0101 0x05d8  pcw - ok
18:28:45.0133 0x05d8  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\Windows\system32\drivers\pdc.sys
18:28:45.0151 0x05d8  pdc - ok
18:28:45.0205 0x05d8  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:28:45.0294 0x05d8  PEAUTH - ok
18:28:45.0404 0x05d8  [ A35EC8F902475350DA31BDF0E1402A91, 5AB43B4BD70B44A62FFD21A9D3CB8D1BC035B6E001DBB1BAC30D6D7A07475D83 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
18:28:45.0558 0x05d8  PeerDistSvc - ok
18:28:46.0059 0x05d8  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:28:46.0106 0x05d8  PerfHost - ok
18:28:46.0242 0x05d8  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\Windows\system32\pla.dll
18:28:46.0375 0x05d8  pla - ok
18:28:46.0411 0x05d8  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:28:46.0466 0x05d8  PlugPlay - ok
18:28:46.0517 0x05d8  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\System32\HPZipm12.dll
18:28:46.0548 0x05d8  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
18:28:49.0912 0x05d8  Detect skipped due to KSN trusted
18:28:49.0912 0x05d8  Pml Driver HPZ12 - ok
18:29:04.0347 0x05d8  WdFilter - ok
18:29:04.0428 0x05d8  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:29:04.0634 0x05d8  WdiServiceHost - ok
18:29:04.0768 0x05d8  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:29:04.0799 0x05d8  WdiSystemHost - ok
18:29:04.0850 0x05d8  [ 9F4DF0043965808973023A9B51A11136, 3A799125CBC5C214D9FBB91C348B39563B1FDB7403B520270752E9A177464723 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
18:29:04.0875 0x05d8  WdNisDrv - ok
18:29:04.0918 0x05d8  WdNisSvc - ok
18:29:05.0054 0x05d8  [ 185E4111627F7AA6799E1366B5E91D65, 7A02C816DFBCCF47EDB49E5E2005A3D0B80719FAC94F9298D2DBAC63950EDA05 ] WebClient       C:\Windows\System32\webclnt.dll
18:29:05.0119 0x05d8  WebClient - ok
18:29:05.0151 0x05d8  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:29:05.0179 0x05d8  Wecsvc - ok
18:29:05.0204 0x05d8  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
18:29:05.0491 0x05d8  WEPHOSTSVC - ok
18:29:05.0582 0x05d8  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:29:06.0120 0x05d8  wercplsupport - ok
18:29:06.0201 0x05d8  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\Windows\System32\WerSvc.dll
18:29:06.0229 0x05d8  WerSvc - ok
18:29:06.0302 0x05d8  [ BAB713B409258DB7B5D9F9693F802B0E, C0D0391EC4FDC07E0A07F4EEB2DC9CC5B2BE5D2E292E7D01929E8D39D6F73EA5 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
18:29:06.0322 0x05d8  WFPLWFS - ok
18:29:06.0355 0x05d8  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\Windows\System32\wiarpc.dll
18:29:06.0399 0x05d8  WiaRpc - ok
18:29:06.0427 0x05d8  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:29:06.0443 0x05d8  WIMMount - ok
18:29:06.0447 0x05d8  WinDefend - ok
18:29:06.0545 0x05d8  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
18:29:06.0664 0x05d8  WinHttpAutoProxySvc - ok
18:29:06.0749 0x05d8  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:29:06.0823 0x05d8  Winmgmt - ok
18:29:06.0935 0x05d8  [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM           C:\Windows\system32\WsmSvc.dll
18:29:07.0174 0x05d8  WinRM - ok
18:29:07.0260 0x05d8  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\Windows\System32\drivers\WinUsb.sys
18:29:07.0297 0x05d8  WinUsb - ok
18:29:07.0366 0x05d8  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\Windows\System32\wlansvc.dll
18:29:07.0502 0x05d8  WlanSvc - ok
18:29:07.0567 0x05d8  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
18:29:07.0637 0x05d8  wlidsvc - ok
18:29:07.0675 0x05d8  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
18:29:07.0711 0x05d8  WmiAcpi - ok
18:29:07.0757 0x05d8  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:29:07.0781 0x05d8  wmiApSrv - ok
18:29:07.0801 0x05d8  WMPNetworkSvc - ok
18:29:07.0816 0x05d8  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\Windows\system32\drivers\Wof.sys
18:29:07.0835 0x05d8  Wof - ok
18:29:07.0943 0x05d8  [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
18:29:08.0061 0x05d8  workfolderssvc - ok
18:29:08.0374 0x05d8  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
18:29:08.0430 0x05d8  wpcfltr - ok
18:29:08.0509 0x05d8  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:29:08.0563 0x05d8  WPCSvc - ok
18:29:08.0591 0x05d8  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:29:08.0632 0x05d8  WPDBusEnum - ok
18:29:08.0650 0x05d8  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
18:29:08.0666 0x05d8  WpdUpFltr - ok
18:29:08.0677 0x05d8  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:29:08.0707 0x05d8  ws2ifsl - ok
18:29:08.0748 0x05d8  [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc          C:\Windows\System32\wscsvc.dll
18:29:08.0776 0x05d8  wscsvc - ok
18:29:08.0782 0x05d8  WSearch - ok
18:29:08.0908 0x05d8  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\Windows\System32\WSService.dll
18:29:09.0087 0x05d8  WSService - ok
18:29:09.0238 0x05d8  [ 5F3D70B19BCAC985DA90F22CA2FF45E4, BBD82BAEF0DCA2C6361F8D1ADF5BED36D0F1AB1A2AEADB0E4526B917F40C2E52 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:29:09.0444 0x05d8  wuauserv - ok
18:29:09.0482 0x05d8  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:29:09.0506 0x05d8  WudfPf - ok
18:29:09.0521 0x05d8  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
18:29:09.0555 0x05d8  WUDFRd - ok
18:29:09.0588 0x05d8  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP    C:\Windows\System32\drivers\WUDFRd.sys
18:29:09.0625 0x05d8  WUDFSensorLP - ok
18:29:09.0640 0x05d8  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:29:09.0670 0x05d8  wudfsvc - ok
18:29:09.0680 0x05d8  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\Windows\System32\drivers\WUDFRd.sys
18:29:09.0704 0x05d8  WUDFWpdFs - ok
18:29:09.0714 0x05d8  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\Windows\System32\drivers\WUDFRd.sys
18:29:09.0745 0x05d8  WUDFWpdMtp - ok
18:29:09.0794 0x05d8  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:29:09.0852 0x05d8  WwanSvc - ok
18:29:09.0862 0x05d8  xhunter1 - ok
18:29:09.0895 0x05d8  [ 9176C0822FAA649E45121875BE32F5D2, B7A7A906A7BB0F760ED241F998C647D728C4DB5D8778AFE585DF38331165803F ] xusb21          C:\Windows\System32\drivers\xusb21.sys
18:29:09.0919 0x05d8  xusb21 - ok
18:29:09.0926 0x05d8  ================ Scan global ===============================
18:29:09.0982 0x05d8  [ 243F54DBA6EB48A369CA465E263ABA4A, 9D9F9DE783D000F3EA130EB68FD71319F21E4F1CD4232FB8B2F8A9A67E08F5F4 ] C:\Windows\system32\basesrv.dll
18:29:10.0001 0x05d8  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
18:29:10.0045 0x05d8  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
18:29:10.0096 0x05d8  [ 5BF02EBEFEDC706318C96E2E60EDCB91, DC866C5BC3A887CAAA7169AB9BB2992F6F877B3EA04B62B4F95B6BD54943155F ] C:\Windows\system32\services.exe
18:29:10.0109 0x05d8  [ Global ] - ok
18:29:10.0109 0x05d8  ================ Scan MBR ==================================
18:29:10.0120 0x05d8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:29:10.0832 0x05d8  \Device\Harddisk0\DR0 - ok
18:29:10.0833 0x05d8  ================ Scan VBR ==================================
18:29:10.0884 0x05d8  [ 74E8042A79B877E9FD681D9F52DD1A86 ] \Device\Harddisk0\DR0\Partition1
18:29:10.0944 0x05d8  \Device\Harddisk0\DR0\Partition1 - ok
18:29:10.0947 0x05d8  [ 232878DA9A0C47F1629D57F1D76D335C ] \Device\Harddisk0\DR0\Partition2
18:29:10.0965 0x05d8  \Device\Harddisk0\DR0\Partition2 - ok
18:29:10.0969 0x05d8  [ 684D90811A2133EB2D9BB2DBC2791E99 ] \Device\Harddisk0\DR0\Partition3
18:29:10.0980 0x05d8  \Device\Harddisk0\DR0\Partition3 - ok
18:29:11.0003 0x05d8  [ 219C997ECB5C923023D14D2766949E9F ] \Device\Harddisk0\DR0\Partition4
18:29:11.0015 0x05d8  \Device\Harddisk0\DR0\Partition4 - ok
18:29:11.0015 0x05d8  ================ Scan generic autorun ======================
18:29:11.0160 0x05d8  [ 638644168D9B5B5093AD84C9C162B550, BDBAB13BA6D369B7F87F721518F7EBD4B14D85B80BCC1E37FA929BB77200401B ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
18:29:11.0368 0x05d8  NvBackend - ok
18:29:11.0410 0x05d8  [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\Windows\system32\rundll32.exe
18:29:11.0434 0x05d8  ShadowPlay - ok
18:29:11.0584 0x05d8  [ ABB241C563C9E817B95DFA59974268C7, 10E5D544681C6619C338417A71F66785F5BC0807F315071783B6B57F7CDEB13D ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
18:29:11.0638 0x05d8  AdobeAAMUpdater-1.0 - ok
18:29:11.0785 0x05d8  [ D94D3F3B205839648E314E3E50691C6B, D1780F2B874BDA47E62B83FC2FBCE04D0912D49E3851586FB567A7DC77A4263D ] C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Monitor.exe
18:29:11.0960 0x05d8  SL-6397 Gaming Mouse - detected UnsignedFile.Multi.Generic ( 1 )
18:29:14.0435 0x05d8  SL-6397 Gaming Mouse ( UnsignedFile.Multi.Generic ) - warning
18:29:14.0435 0x05d8  Force sending object to P2P due to detect: C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Monitor.exe
18:29:17.0012 0x05d8  Object send P2P result: true
18:29:19.0529 0x05d8  [ D658AB1B55127D18DCFBCAC8CAAEA522, 9FB818F3899542CB7F1B979644423A66842D98D1762B1C38AE04AEE23320DA8E ] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
18:29:19.0542 0x05d8  HP Software Update - ok
18:29:19.0727 0x05d8  [ D1125F32ACB24ECC5147093167340181, D26DFABFEDC9AFC8412C5F59BCC3E64B5459A5EFE33BA1CCDFEA3E2F237EF150 ] C:\Program Files (x86)\Origin\Origin.exe
18:29:19.0920 0x05d8  EADM - ok
18:29:20.0050 0x05d8  [ DDE16105862139906957070ADC7F5B65, 25959206EBD3BF768A88D47A9AAF3B854D8BBB51E6ABF1AE0B76D906C3C0B9D8 ] C:\Program Files (x86)\Gyazo\GyStation.exe
18:29:20.0206 0x05d8  Gyazo - ok
18:29:20.0787 0x05d8  [ C81F59B7D524FB462F73B27757084618, 6C7DF7257ED0D9C69A53B98F15EAF1B42D302659791EE80F48D06BCA11EA09D8 ] C:\Program Files\CCleaner\CCleaner64.exe
18:29:21.0160 0x05d8  CCleaner Monitoring - ok
18:29:21.0235 0x05d8  Skype - ok
18:29:21.0293 0x05d8  [ 9A0ABBB44CBDF1F35D9657E9BF141898, B5D7822EE77998EBA4A4F08998B387BC8BE835C6668615F88C9910FFFD96A421 ] C:\Program Files (x86)\puush\puush.exe
18:29:21.0331 0x05d8  puush - ok
18:29:21.0332 0x05d8  Waiting for KSN requests completion. In queue: 5
18:29:22.0334 0x05d8  Waiting for KSN requests completion. In queue: 5
18:29:23.0335 0x05d8  Waiting for KSN requests completion. In queue: 5
18:29:24.0342 0x05d8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x60100 ( disabled : updated )
18:29:24.0343 0x05d8  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2218.942 ), 0x41000 ( enabled : updated )
18:29:24.0345 0x05d8  Win FW state via NFP2: enabled
18:29:26.0782 0x05d8  ============================================================
18:29:26.0782 0x05d8  Scan finished
18:29:26.0782 0x05d8  ============================================================
18:29:26.0793 0x09dc  Detected object count: 1
18:29:26.0793 0x09dc  Actual detected object count: 1
18:49:26.0949 0x09dc  SL-6397 Gaming Mouse ( UnsignedFile.Multi.Generic ) - skipped by user
18:49:26.0950 0x09dc  SL-6397 Gaming Mouse ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:50:39.0109 0x1094  Deinitialize success
         

10.05.2015, 06:45   #8
schrauber
/// the machine
/// TB-Ausbilder



Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if required to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected, as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = sequential number).

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No help via PM!

10.05.2015, 11:11   #9
Laggx



anti-malware
Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 10.05.2015
Suchlauf-Zeit: 11:21:22
Logdatei: malwarebytes.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.05.10.02
Rootkit Datenbank: v2015.04.21.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Paddi

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 362815
Verstrichene Zeit: 22 Min, 51 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 2
PUP.Optional.Multiplug, C:\Program Files (x86)\YoutubeAedBlockeu\KExrclmclJnS0C.dll, In Quarantäne, [a555761b6f1bc076ad16063007fb6b95], 
PUP.Optional.Multiplug, C:\Program Files (x86)\YoutubeAedBlockeu\KExrclmclJnS0C.x64.dll, In Quarantäne, [d525266b15751e1887d18ea842c001ff], 

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
         
adwcleaner
Code:
# AdwCleaner v4.203 - Logfile created 10/05/2015 at 11:59:51
# Updated 30/04/2015 by Xplode
# Database : 2015-05-09.1 [Server]
# Operating system : Windows 8.1 Pro  (x64)
# Username : Paddi - PADDI-PC
# Running from : C:\Users\Paddi\Downloads\AdwCleaner_4.203.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\YoutubeAedBlockeu
File Deleted : C:\Users\Paddi\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\npnkeeiehehhefofiekoflfedgehcdhl
File Deleted : C:\Users\Paddi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_de.reimageplus.com_0.localstorage
File Deleted : C:\Users\Paddi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_de.reimageplus.com_0.localstorage-journal
File Deleted : C:\Users\Paddi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
File Deleted : C:\Users\Paddi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
File Deleted : C:\Users\Paddi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_websearch.searchoholic.info_0.localstorage
File Deleted : C:\Users\Paddi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_websearch.searchoholic.info_0.localstorage-journal

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\DriverTuner_Init
Key Deleted : HKCU\Software\DriverTuner
Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v33.0 (x86 de)


-\\ Google Chrome v42.0.2311.135


*************************

AdwCleaner[R0].txt - [4436 bytes] - [03/06/2014 19:48:52]
AdwCleaner[R1].txt - [6759 bytes] - [24/12/2014 12:59:11]
AdwCleaner[R2].txt - [6819 bytes] - [24/12/2014 13:02:13]
AdwCleaner[R3].txt - [3057 bytes] - [24/12/2014 13:07:17]
AdwCleaner[R4].txt - [2535 bytes] - [10/05/2015 11:57:53]
AdwCleaner[S0].txt - [3922 bytes] - [03/06/2014 19:49:21]
AdwCleaner[S1].txt - [3915 bytes] - [24/12/2014 13:07:01]
AdwCleaner[S2].txt - [3021 bytes] - [24/12/2014 13:08:43]
AdwCleaner[S3].txt - [2389 bytes] - [10/05/2015 11:59:51]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [2448  bytes] ##########
         
jrt
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.0 (05.09.2015:1)
OS: Windows 8.1 Pro x64
Ran by Paddi on 10.05.2015 at 12:05:23,64
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\Windows\system32\tasks\Driver Booster SkipUAC (Paddi)
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-591826998-651340935-421247996-1001



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\Users\Paddi\appdata\local\google\chrome\user data\default\local storage\http_static.audienceinsights.net_0.localstorage
Successfully deleted: [File] C:\Users\Paddi\appdata\local\google\chrome\user data\default\local storage\http_static.audienceinsights.net_0.localstorage-journal
Successfully deleted: [File] C:\Users\Paddi\appdata\local\google\chrome\user data\default\local storage\https_static.olark.com_0.localstorage
Successfully deleted: [File] C:\Users\Paddi\appdata\local\google\chrome\user data\default\local storage\https_static.olark.com_0.localstorage-journal



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.05.2015 at 12:08:37,17
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

11.05.2015, 06:01   #10
schrauber
/// the machine
/// TB-Ausbilder




ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

and a fresh FRST log please. Any problems left?
__________________
Regards,
schrauber


11.05.2015, 20:39   #11
Laggx



ESET
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=43359502afbe114e8fcda08ad0a80b19
# engine=23789
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-05-11 10:57:16
# local_time=2015-05-11 12:57:16 (+0100, W. Europe Daylight Time)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 91 312255 312482 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 350703 8424228 0 0
# scanned=66161
# found=7
# cleaned=0
# scan_time=2984
sh=C1C60C0F669F0A1BD17E116765D7BE3918D23A10 ft=1 fh=c71c0011301fb8cd vn="Variante von Win32/Adware.MultiPlug.EG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BuyNsave\068CpfoYX6tVuq.dll.vir"
sh=566D7633907629212EB457A1DE45040881D91DD8 ft=1 fh=c71c0011eb8f3f3b vn="Variante von Win32/Adware.MultiPlug.JY Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BuyNsave\068CpfoYX6tVuq.exe.vir"
sh=0311EB4519DE6933886B946708CE514ADDD93AFC ft=1 fh=2d15bb0f1ae54e29 vn="Variante von Win64/Adware.MultiPlug.E Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BuyNsave\068CpfoYX6tVuq.x64.dll.vir"
sh=566D7633907629212EB457A1DE45040881D91DD8 ft=1 fh=c71c0011eb8f3f3b vn="Variante von Win32/Adware.MultiPlug.JY Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BuyNsave\BuYNsave.exe.vir"
sh=C28D7672F99DDD219A62CC288108637D96CBE484 ft=1 fh=c71c0011505f06a3 vn="Variante von Win32/SProtector.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DeltaFix\DeltaFix.dll.vir"
sh=C0D767350E5C0C483DC4435E55466A8CF7B43E29 ft=1 fh=92dde1894f16f654 vn="Variante von MSIL/Riskware.HackTool.WinActivator.A Anwendung" ac=I fn="C:\Program Files\Windows KMS Activator Ultimate 2014 v2.3\Windows KMS Activator Ultimate 2014 v2.3.exe"
sh=E978937AC7FAAC9A69609B2A4A3B8E2D43466DF9 ft=1 fh=b7b8c96c17c22525 vn="Win32/Patched.NFQ Trojaner" ac=I fn="C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\chrome.dll"
         
securitycheck
Code:
 Results of screen317's Security Check version 1.001  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
 Windows Firewall Disabled!  
Windows Defender   
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 7 Update 80  
 Java version 32-bit out of Date! 
 Adobe Flash Player 	17.0.0.169  
 Mozilla Firefox 33.0.3 Firefox out of Date!  
 Google Chrome 39.0.2171.95  Google Chrome out of date!  
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast ng ngservice.exe 
 AVAST Software Avast ng vbox\AvastVBoxSVC.exe 
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
frst

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-05-2015
Ran by Paddi (administrator) on PADDI-PC on 11-05-2015 21:38:07
Running from C:\Users\Paddi\Desktop\programme\antiviren
Loaded Profiles: Paddi (Available profiles: Paddi)
Platform: Windows 8.1 Pro (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Monitor.EXE
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SL-6397 Gaming Mouse] => C:\Program Files (x86)\SPEEDLINK\DECUS Gaming Mouse\Monitor.exe [3587584 2013-09-30] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-07] (Avast Software s.r.o.)
HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1
HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1
HKU\S-1-5-21-591826998-651340935-421247996-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3632472 2015-04-07] (Electronic Arts)
HKU\S-1-5-21-591826998-651340935-421247996-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [2990304 2013-10-30] (Nota Inc.)
HKU\S-1-5-21-591826998-651340935-421247996-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-591826998-651340935-421247996-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31282816 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-591826998-651340935-421247996-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [567880 2015-01-07] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2014-06-25]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\Users\Paddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2014-02-16] ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-07] (Avast Software s.r.o.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\S-1-5-21-591826998-651340935-421247996-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-591826998-651340935-421247996-1001 -> URL hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP3E78F344-C1B9-4E91-82A4-E4237F5C0031&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-591826998-651340935-421247996-1001 -> SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2015-05-07] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-07] (Avast Software s.r.o.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2015-05-07] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-05-07] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-07] (Avast Software s.r.o.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-05-07] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{218B8ADA-67E2-46A6-8C27-DD0264EFDA53}: [NameServer] 8.8.4.4,8.8.8.8
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Paddi\AppData\Roaming\Mozilla\Firefox\Profiles\ylxuvsbi.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-05-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2015-05-07] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-09-23] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-05-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.80.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-05-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-04-08] (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Paddi\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-05-07] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-05-07] (Google Inc.)
FF Plugin HKU\S-1-5-21-591826998-651340935-421247996-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Paddi\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF Extension: YouTube Unblocker - C:\Users\Paddi\AppData\Roaming\Mozilla\Firefox\Profiles\ylxuvsbi.default\Extensions\youtubeunblocker@unblocker.yt [2014-11-09]
FF Extension: MEGA - C:\Users\Paddi\AppData\Roaming\Mozilla\Firefox\Profiles\ylxuvsbi.default\Extensions\firefox@mega.co.nz.xpi [2014-08-02]
FF Extension: Adblock Plus - C:\Users\Paddi\AppData\Roaming\Mozilla\Firefox\Profiles\ylxuvsbi.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-02-13]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-05-07]

Chrome: 
=======
CHR HomePage: Default -> https://www.google.de/
CHR StartupUrls: Default -> "hxxp://google.de/"
CHR Profile: C:\Users\Paddi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Paddi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-11-12]
CHR Extension: (BetterTTV) - C:\Users\Paddi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2014-10-30]
CHR Extension: (Google Drive) - C:\Users\Paddi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-02]
CHR Extension: (YouTube) - C:\Users\Paddi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-02]
CHR Extension: (Google Search) - C:\Users\Paddi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-02]
CHR Extension: (Dark Vibe) - C:\Users\Paddi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkckeanhmkjaechlhllmapjaaglgpcbj [2014-10-30]
CHR Extension: (AdBlock) - C:\Users\Paddi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-10-30]
CHR Extension: (Bookmark Manager) - C:\Users\Paddi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Paddi\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-07]
CHR Extension: (Google Wallet) - C:\Users\Paddi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-02]
CHR Extension: (Gmail) - C:\Users\Paddi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-02]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-05-07]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-07] (Avast Software s.r.o.)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-05-07] (Avast Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [701824 2015-01-02] ()
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1878672 2015-03-28] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1930608 2015-04-07] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-15] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-07] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-07] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-07] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-07] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-07] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-07] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-07] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-07] ()
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2014-12-22] (REALiX(tm))
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
S2 TICalc; C:\Windows\SysWow64\Drivers\TICalc.sys [9152 1999-08-30] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-05-07] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 mbamchameleon; \??\C:\Windows\system32\drivers\mbamchameleon.sys [X]
S3 USBPNPA; \SystemRoot\system32\drivers\CM10864.sys [X]
S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-11 21:28 - 2015-05-11 21:28 - 00000000 ____D () C:\Users\Paddi\Desktop\BKII - Prüfung
2015-05-11 12:00 - 2015-05-11 12:00 - 00322816 _____ () C:\Windows\Minidump\051115-36515-01.dmp
2015-05-11 12:00 - 2015-05-11 12:00 - 00000000 ____D () C:\Windows\Minidump
2015-05-11 11:59 - 2015-05-11 11:59 - 663337806 _____ () C:\Windows\MEMORY.DMP
2015-05-10 21:42 - 2015-05-10 22:03 - 00002656 _____ () C:\Users\Paddi\Documents\Neue Datenbank.odb
2015-05-10 12:06 - 2015-05-11 11:50 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-591826998-651340935-421247996-1001
2015-05-10 12:05 - 2015-05-10 12:05 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-PADDI-PC-Windows-8.1-Pro-(64-bit).dat
2015-05-10 12:05 - 2015-05-10 12:05 - 00000000 ____D () C:\RegBackup
2015-05-09 22:22 - 2015-05-11 12:00 - 00001740 _____ () C:\Windows\setupact.log
2015-05-09 22:22 - 2015-05-09 22:22 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-09 22:21 - 2015-05-10 12:01 - 00002194 _____ () C:\Windows\PFRO.log
2015-05-09 16:28 - 2015-05-09 16:33 - 121367965 _____ () C:\Users\Paddi\Downloads\Ciara - Jackie (Deluxe Edition).zip
2015-05-09 16:27 - 2015-05-09 16:34 - 116338277 _____ () C:\Users\Paddi\Downloads\Lil Blood - Down To The Wire 3 [GangstaRapTalk.com].zip
2015-05-09 16:26 - 2015-05-09 17:02 - 108625498 _____ () C:\Users\Paddi\Downloads\LB.-B.2015.WWW.DEUTSCHRAP.ORG.rar
2015-05-09 15:29 - 2015-05-09 15:31 - 140118758 _____ () C:\Users\Paddi\Downloads\Who_Is_Rickey_Wayne-(DatPiff.com).zip
2015-05-09 15:27 - 2015-05-09 15:30 - 130488063 _____ () C:\Users\Paddi\Downloads\Smells_Like_Queensbridge-(DatPiff.com).zip
2015-05-09 15:27 - 2015-05-09 15:30 - 101732991 _____ () C:\Users\Paddi\Downloads\MINKS-(DatPiff.com).zip
2015-05-09 15:25 - 2015-05-09 15:27 - 118989732 _____ () C:\Users\Paddi\Downloads\Da_Position_Of_Doubt-(DatPiff.com).zip
2015-05-09 13:56 - 2015-05-11 19:09 - 00637954 _____ () C:\Windows\WindowsUpdate.log
2015-05-09 13:23 - 2015-05-09 13:26 - 113454046 _____ () C:\Users\Paddi\Downloads\Vee_Tha_Rula-Rula_2.zip
2015-05-09 13:23 - 2015-05-09 13:25 - 74595596 _____ () C:\Users\Paddi\Downloads\Royce Rizzy - PreRolled.zip
2015-05-09 13:23 - 2015-05-09 13:24 - 47027547 _____ () C:\Users\Paddi\Downloads\OJ_Da_Juiceman-The_Realest_Nigga_I_Know_2.zip
2015-05-09 13:22 - 2015-05-09 13:26 - 94754552 _____ () C:\Users\Paddi\Downloads\SMG Squad - Training Day 2.rar
2015-05-09 13:22 - 2015-05-09 13:26 - 138385516 _____ () C:\Users\Paddi\Downloads\Young_Chop-King_100_James-Fat_Gang.zip
2015-05-09 13:22 - 2015-05-09 13:24 - 90376397 _____ () C:\Users\Paddi\Downloads\Wekazay Jay - This Unpredictable Weather II (Winters Ally).rar
2015-05-09 13:16 - 2015-05-09 13:17 - 97716076 _____ () C:\Users\Paddi\Downloads\Bad Lucc - Off The Porch (iTunes).rar
2015-05-09 13:15 - 2015-05-09 13:20 - 121300316 _____ () C:\Users\Paddi\Downloads\Trapnati.zip
2015-05-09 13:14 - 2015-05-09 13:18 - 111921184 _____ () C:\Users\Paddi\Downloads\Joe Moses - Brackin (iMatch).rar
2015-05-09 13:14 - 2015-05-09 13:15 - 44533686 _____ () C:\Users\Paddi\Downloads\Onyx - Against All Authorities EP.zip
2015-05-09 13:13 - 2015-05-09 13:14 - 165649978 _____ () C:\Users\Paddi\Downloads\Requiem.zip
2015-05-09 12:46 - 2015-05-09 12:46 - 59318616 _____ () C:\Users\Paddi\Downloads\Jamie Foxx - Hollywood A Story of A Dozen Roses.zip
2015-05-09 12:45 - 2015-05-09 12:45 - 90028426 _____ () C:\Users\Paddi\Downloads\BUSH.zip
2015-05-08 18:14 - 2015-05-10 11:50 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-07 22:29 - 2015-05-07 22:28 - 00320424 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2015-05-07 22:28 - 2015-05-07 22:28 - 00189864 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2015-05-07 22:28 - 2015-05-07 22:28 - 00189864 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2015-05-07 22:28 - 2015-05-07 22:28 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-05-07 22:28 - 2015-05-07 22:28 - 00000000 ____D () C:\Program Files\Java
2015-05-07 22:27 - 2014-04-16 01:34 - 00029888 _____ (Microsoft Corporation) C:\Windows\system32\aspnet_counters.dll
2015-05-07 22:26 - 2014-04-16 01:35 - 00028352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aspnet_counters.dll
2015-05-07 22:25 - 2015-05-07 22:24 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2015-05-07 22:24 - 2015-05-07 22:24 - 00176040 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2015-05-07 22:24 - 2015-05-07 22:24 - 00176040 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2015-05-07 22:24 - 2015-05-07 22:24 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-05-07 22:24 - 2015-05-07 22:24 - 00000000 ____D () C:\Program Files (x86)\Java
2015-05-07 22:15 - 2015-05-07 22:15 - 00000000 ____D () C:\Users\Paddi\AppData\Roaming\AVAST Software
2015-05-07 22:13 - 2015-05-07 22:16 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2015-05-07 22:13 - 2015-05-07 22:16 - 00000000 ____D () C:\Windows\system32\vbox
2015-05-07 22:13 - 2015-05-07 22:13 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2015-05-07 22:13 - 2015-05-07 22:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-05-07 22:13 - 2015-05-07 22:12 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-07 22:13 - 2015-05-07 22:12 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-07 22:13 - 2015-05-07 22:12 - 00272248 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2015-05-07 22:13 - 2015-05-07 22:12 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-07 22:13 - 2015-05-07 22:12 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-07 22:13 - 2015-05-07 22:12 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-07 22:13 - 2015-05-07 22:12 - 00065736 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-07 22:13 - 2015-05-07 22:12 - 00029168 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2015-05-07 22:12 - 2015-05-07 22:12 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-07 22:12 - 2015-05-07 22:12 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-07 22:10 - 2015-05-07 22:10 - 00000000 ____D () C:\Program Files\AVAST Software
2015-05-07 22:09 - 2015-05-07 22:09 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-04-27 13:54 - 2015-04-27 13:54 - 00000000 ____D () C:\Users\Paddi\Documents\My Cheat Tables
2015-04-27 13:38 - 2015-04-27 13:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4
2015-04-27 13:38 - 2015-04-27 13:38 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.4
2015-04-15 14:55 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 14:55 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 14:55 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-04-15 14:55 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 14:55 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-04-15 14:55 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2015-04-15 14:55 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 14:55 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 14:55 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-04-15 14:55 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-04-15 14:55 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-04-15 14:55 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-04-15 14:55 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-15 14:55 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-04-15 14:54 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-04-15 14:54 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-04-15 14:54 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-04-15 14:53 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 14:53 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 14:53 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 14:53 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-15 14:53 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 14:53 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 14:53 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 14:53 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 14:53 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 14:53 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-04-15 14:53 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-15 14:53 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 14:53 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 14:53 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 14:53 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-04-15 14:53 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 14:53 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 14:53 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 14:53 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 14:53 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 14:53 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 14:53 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 14:53 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 14:53 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 14:53 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-15 14:50 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 14:50 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 14:50 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 14:50 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 14:50 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 14:50 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 14:50 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 14:50 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 14:50 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 14:50 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-04-15 14:50 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-04-15 14:50 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 14:50 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 14:50 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 14:50 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 14:50 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 14:50 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 14:50 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 14:50 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-04-15 14:50 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 14:50 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-15 14:49 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 14:49 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 14:49 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 14:49 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 14:49 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 14:49 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 14:49 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-14 18:41 - 2015-04-14 18:41 - 18178736 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-04-14 17:33 - 2015-04-08 22:32 - 00560968 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-04-14 17:29 - 2015-04-09 02:58 - 31570064 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 30397072 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 25375048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 24053576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 15818528 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 15716232 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 14006752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 12852784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 11380728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 10423952 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-04-14 17:29 - 2015-04-09 02:58 - 02896528 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 02573456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 01895568 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435012.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435012.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 01086424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 01047368 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 01037640 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 00970568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 00962192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 00927440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-04-14 17:29 - 2015-04-09 02:58 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-04-14 17:11 - 2015-04-27 14:04 - 00000080 _____ () C:\Users\Paddi\AppData\Local\Rockstar Games\GTA V\entitlement.info
2015-04-14 17:11 - 2015-04-17 13:28 - 00000000 ____D () C:\Program Files (x86)\Rockstar Games
2015-04-14 17:11 - 2015-04-14 17:11 - 00000000 ____D () C:\Users\Paddi\Documents\Rockstar Games
2015-04-14 17:11 - 2015-04-14 17:11 - 00000000 ____D () C:\Users\Paddi\AppData\Local\Rockstar Games
2015-04-14 17:10 - 2015-04-17 13:27 - 00000000 ____D () C:\Program Files\Rockstar Games
2015-04-11 04:25 - 2015-04-11 04:25 - 00000000 ____D () C:\Windows\SysWOW64\Adobe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-11 21:38 - 2014-12-24 19:59 - 00000000 ____D () C:\FRST
2015-05-11 21:36 - 2014-07-02 16:36 - 00001126 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-11 21:31 - 2014-02-13 22:43 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-11 21:30 - 2014-11-03 21:17 - 00000000 ____D () C:\Users\Paddi\Desktop\bewerbung
2015-05-11 21:25 - 2014-02-13 22:48 - 00000000 ____D () C:\Users\Paddi\AppData\Roaming\Skype
2015-05-11 21:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-05-11 20:59 - 2014-03-05 04:25 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-11 20:41 - 2014-02-13 22:47 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-11 19:41 - 2014-02-14 18:14 - 00000000 ____D () C:\Users\Paddi\AppData\Local\Battle.net
2015-05-11 19:41 - 2014-02-14 18:14 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2015-05-11 17:48 - 2014-02-13 22:40 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B5EDF6A5-63CD-4476-815A-3F21CEA1FFCC}
2015-05-11 14:11 - 2014-11-09 19:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-11 12:02 - 2014-07-02 16:36 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-11 12:00 - 2014-02-13 22:47 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-05-11 12:00 - 2014-02-13 22:37 - 00000000 ____D () C:\Users\Paddi
2015-05-11 12:00 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-11 11:59 - 2014-02-13 22:42 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-10 14:35 - 2014-08-22 21:56 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server
2015-05-10 12:15 - 2014-03-05 18:58 - 00000000 ____D () C:\Users\Paddi\Desktop\programme
2015-05-10 11:59 - 2014-06-03 19:48 - 00000000 ____D () C:\AdwCleaner
2015-05-10 11:50 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\LiveKernelReports
2015-05-09 22:20 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-05-09 13:36 - 2015-01-02 00:33 - 00000000 ____D () C:\Users\Paddi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2015-05-09 13:35 - 2015-04-07 17:37 - 00000000 ____D () C:\Program Files (x86)\Supraball
2015-05-09 13:32 - 2014-10-30 16:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2015-05-09 13:24 - 2014-03-11 22:23 - 00000000 ____D () C:\Users\Paddi\AppData\Roaming\uTorrent
2015-05-09 13:17 - 2014-10-31 13:39 - 00000000 ____D () C:\Program Files\CCleaner
2015-05-08 17:38 - 2014-02-22 02:35 - 00000000 ____D () C:\Users\Paddi\AppData\Roaming\TS3Client
2015-05-07 22:34 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-05-07 22:32 - 2014-10-30 17:27 - 00002263 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-07 22:31 - 2014-07-02 16:36 - 00004098 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-07 22:31 - 2014-07-02 16:36 - 00003862 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-02 11:49 - 2014-02-13 22:48 - 00000000 ____D () C:\ProgramData\Skype
2015-04-23 20:49 - 2015-02-23 16:41 - 00000000 ____D () C:\Users\Paddi\Desktop\schule
2015-04-19 14:37 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2015-04-16 13:09 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppCompat
2015-04-16 12:38 - 2014-12-10 21:49 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-16 12:38 - 2014-07-10 14:25 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-15 15:17 - 2014-02-19 14:23 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 15:03 - 2014-02-19 14:23 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-15 14:49 - 2014-11-13 10:08 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wuaext.dll
2015-04-14 22:00 - 2014-06-10 23:22 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2015-04-14 18:41 - 2014-02-13 22:47 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-14 17:31 - 2014-02-13 22:42 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2015-04-14 01:24 - 2014-10-17 20:15 - 00792056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 01:24 - 2014-10-17 20:15 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2014-05-04 17:22 - 2014-05-10 15:55 - 0000132 _____ () C:\Users\Paddi\AppData\Roaming\Adobe BMP Format CC Prefs
2014-05-04 17:22 - 2014-05-10 15:55 - 0000132 _____ () C:\Users\Paddi\AppData\Roaming\Adobe GIF Format CC Prefs
2014-04-05 18:51 - 2014-06-16 23:44 - 0000132 _____ () C:\Users\Paddi\AppData\Roaming\Adobe PNG Format CC Prefs
2014-12-22 20:56 - 2014-12-22 20:56 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-04-11 19:58 - 2014-04-11 20:03 - 0012420 _____ () C:\ProgramData\HirezPipeError.txt
2014-06-25 20:15 - 2014-10-31 01:03 - 0002206 _____ () C:\ProgramData\hpzinstall.log

Some content of TEMP:
====================
C:\Users\Paddi\AppData\Local\Temp\awesomium_setup.exe
C:\Users\Paddi\AppData\Local\Temp\EsgInstallerx64Stub.exe
C:\Users\Paddi\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Paddi\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Paddi\AppData\Local\Temp\nvStInst.exe
C:\Users\Paddi\AppData\Local\Temp\Quarantine.exe
C:\Users\Paddi\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Paddi\AppData\Local\Temp\sqlite3.dll
C:\Users\Paddi\AppData\Local\Temp\vlc-2.1.5-win64.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-07 19:42

==================== End Of Log ============================
         

Alt 12.05.2015, 11:24   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Quote:
C:\Program Files\Windows KMS Activator Ultimate 2014 v2.3
What kind of junk is that?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 12.05.2015, 13:53   #13
Laggx
 
Good question

I was given the PC as a gift; I don't know the program

Alt 13.05.2015, 11:13   #14
schrauber
/// the machine
/// TB-Ausbilder
 

A crack for Office. Uninstall that program as well as Office completely; only then do we continue.

Alt 13.05.2015, 12:21   #15
Laggx
 
I don't have Office on the machine at all
