Pests of all kinds and how to combat them: I am sending spam
Windows 7
If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection.
31.12.2015, 13:40 | #1 |
I am sending spam

Hi everyone,

As the title says, spam mails are being sent with my name as the sender. About once a week I get around 50 notifications that e-mails could not be delivered, as well as personal replies saying that spam mails have arrived. They look like this:

Fw: new message
Hey! Open message hxxp://flooring-tile.co.uk/took.php
benjay@freakmail.de

I use three mail accounts. Or rather, used. The first one where it happened has since been deactivated (freenet/freakmail). Since yesterday, however, my Gmail account also seems to be compromised. Can someone please help me?

Regards

Addition
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-12-2015
Ran by benjay (2015-12-31 13:20:12)
Running from C:\Users\benjay\Desktop
Windows 7 Professional Service Pack 1 (X64) (2011-11-02 23:20:18)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================
Administrator (S-1-5-21-1780921663-2346165912-1911888604-500 - Administrator - Disabled)
benjay (S-1-5-21-1780921663-2346165912-1911888604-1000 - Administrator - Enabled) => C:\Users\benjay
Guest (S-1-5-21-1780921663-2346165912-1911888604-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1780921663-2346165912-1911888604-1003 - Limited - Enabled)

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}

==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{d0e166af-1634-4c0b-ae96-2180e61f9d38}) (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BioShock (HKLM-x32\...\{E280923D-C5D9-4728-8C79-AC9A0DC75875}) (Version: 2.5.0000 - 2K Games)
BioShock 2 (x32 Version: 1.0.0005.131 - Take-Two Interactive Software) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC)
Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.2 - Dolphin Development Team)
Dropbox (HKU\S-1-5-21-1780921663-2346165912-1911888604-1000\...\Dropbox) (Version: 2.0.22 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-1780921663-2346165912-1911888604-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 2.0.22 - Dropbox, Inc.)
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version: - Bethesda Game Studios)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.7.143.923 - Foxit Software Inc.)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.1.5.425 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version: - Arobas Music)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.50.1172 - Intel Corporation)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.650 - Oracle)
Live Update 5 (HKLM-x32\...\{36F6E986-D2D1-403C-8BD3-D95EF7BC705D}}_is1) (Version: 5.0.109 - MSI)
Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Media Player Classic - Home Cinema v1.5.2.3456 x64 (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.5.2.3456 - MPC-HC Team)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2005 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2005) (Version: - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.0 - Mozilla)
Mozilla Thunderbird 38.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Oblivion - Knights of the Nine (HKLM-x32\...\{14C87AA7-08E6-419F-A165-998EBE5023D7}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Mehrunes Razor (HKLM-x32\...\{EF295F5C-7B57-47AA-8889-6B3E8E214E89}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Vile Lair (HKLM-x32\...\{520F4B09-3A51-47A2-82B0-9FF1DC2D20FA}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion - Wizard's Tower (HKLM-x32\...\{2F2E3D62-8B8C-448F-8900-451325E50948}) (Version: 1.00.0000 - Bethesda Softworks)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PDF24 Creator 7.4.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.37.1229.2010 - Realtek)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden
ScummVM 1.7.0 (HKLM-x32\...\ScummVM_is1) (Version: - The ScummVM Team)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKU\S-1-5-21-1780921663-2346165912-1911888604-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-1780921663-2346165912-1911888604-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TL-WN822N/TL-WN821N Driver (HKLM-x32\...\{62FE0726-9652-4CD2-9F09-C769D8699C21}) (Version: 1.0.0 - TP-LINK)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UNi Xonar Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - )
Unity Web Player (HKU\S-1-5-21-1780921663-2346165912-1911888604-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-1780921663-2346165912-1911888604-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.62 - Nullsoft, Inc)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1780921663-2346165912-1911888604-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\benjay\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1780921663-2346165912-1911888604-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1780921663-2346165912-1911888604-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1780921663-2346165912-1911888604-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1780921663-2346165912-1911888604-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.)

==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {12A21D38-E243-472B-AAAA-3D54F9FBBDB2} - System32\Tasks\{4DC7E083-C052-4F68-BE68-C0013673421C} => K:\INSTALL.EXE
Task: {12CF6B43-1715-4AD4-8844-D99D053BDA4D} - System32\Tasks\AdobeAAMUpdater-1.0-benjay-PC-benjay => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15] (Adobe Systems Incorporated)
Task: {2061113B-6101-49F1-ABE2-1CEA0E410B3E} - System32\Tasks\{BC482785-3E2F-40AC-AE4F-E1E7E50637BE} => J:\install.exe
Task: {2A569622-B446-4CD3-BA2D-62278738BB0B} - System32\Tasks\{5A684C7D-9519-4705-9E1B-FB11053117DA} => C:\Program Files (x86)\Atari\Desperados 2\Desperados2.exe
Task: {352485ED-ED40-4E44-AAF0-DBE87CE6C833} - System32\Tasks\{FFA36975-C895-4B07-A20F-D60C14C1A3BE} => K:\INSTALL.EXE
Task: {39BA6308-1331-4544-8C6B-A8544F2BA9CE} - System32\Tasks\{23BC10D8-8D1F-424E-97BC-F07142F25C5D} => J:\install.exe
Task: {3AEDCEF3-24CF-466C-B436-163BB6C95447} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-21] (Google Inc.)
Task: {3B7DEA0C-ABF1-4508-A9BF-0023A8E8D300} - System32\Tasks\{AA4FE6BD-B397-4668-93EB-D03E71BEFBE7} => J:\install.exe
Task: {4080960D-B993-4F5F-807C-3EEDB0105985} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-29] (Adobe Systems Incorporated)
Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {62AD0709-1C33-4F4C-AB53-0E6938FC4BF9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-21] (Google Inc.)
Task: {AD9FA85A-80BE-446A-9F5B-9B0CD2319E91} - System32\Tasks\{A8C03F36-13A2-4E4D-A512-9049A27573F6} => K:\INSTALL.EXE
Task: {BA7B668C-54F5-4D08-ADC1-828418329C1B} - System32\Tasks\{E99F55D7-FAE6-4D3D-A89C-0303810AEFB9} => K:\INSTALL.EXE
Task: {C434A2B8-A478-4876-9FCA-A7E2894D5CD2} - System32\Tasks\{FDCAB79B-0C3E-4704-A7A1-B6993F219C05} => J:\install.exe
Task: {CC562DC9-AE0C-4B9F-8B34-7756FC87EF84} - System32\Tasks\{1590464B-1892-4A4D-9F97-B5EF5826FE1A} => pcalua.exe -a K:\German\setup.exe -d K:\German
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc
Task: {DDBAD45E-4BAB-43D8-80E5-F41B86E6AD12} - System32\Tasks\{4105F22C-5814-41DE-9DA1-A44D7F7FAE34} => K:\INSTALL.EXE
Task: {FD6CCED3-2124-480C-B09F-78613D428D81} - System32\Tasks\{3A9ED561-51AE-4442-85B8-84CD49F4E3C0} => J:\install.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============
2015-01-26 22:30 - 2015-03-13 17:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-06-08 22:29 - 2008-07-11 14:04 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe
2015-06-08 22:29 - 2008-07-11 14:03 - 00282112 ____N () C:\Windows\system\HsMgr64.exe
2015-12-16 23:05 - 2015-12-11 13:34 - 01971528 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-16 23:05 - 2015-12-11 13:34 - 00093512 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
2015-11-10 11:12 - 2015-11-10 11:41 - 00348160 _____ () C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\GFSDK_GodraysLib.x64.dll
2015-05-27 23:26 - 2015-05-23 02:48 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-06-08 22:29 - 2012-06-06 08:56 - 00143360 ____N () C:\Program Files\UNi Xonar Audio\Customapp\VmixP8.dll
2015-12-08 11:35 - 2015-11-18 13:04 - 00074272 _____ () C:\Program Files (x86)\PDF24\zlib.dll
2015-12-08 11:35 - 2015-11-18 13:04 - 00052256 _____ () C:\Program Files (x86)\PDF24\OperationUI.dll
2015-03-09 21:37 - 2015-11-10 20:55 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-12-01 15:29 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-12-01 15:29 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2014-12-01 15:29 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-03-23 19:22 - 2015-12-14 21:01 - 02547280 _____ () C:\Program Files (x86)\Steam\video.dll
2014-12-01 12:31 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-12-01 12:31 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-12-01 12:31 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-12-01 12:31 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-12-01 12:31 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-03-23 19:22 - 2015-12-14 21:01 - 00804432 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-11-13 19:36 - 2015-11-03 23:00 - 00201728 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-02-24 16:58 - 2015-11-17 01:31 - 47846176 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-12-31 13:05 - 2015-12-31 13:05 - 00153768 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-12-31 13:05 - 2015-12-31 13:05 - 00023208 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:8CE646EE

==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2013-10-20 17:45 - 00000027 ___RA C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1780921663-2346165912-1911888604-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\benjay\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1780921663-2346165912-1911888604-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\benjay\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^benjay^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk => C:\Windows\pss\Adobe Gamma.lnk.Startup
MSCONFIG\startupfolder: C:^Users^benjay^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: EvolveClient => "C:\Program Files\Echobit\Evolve\EvolveClient.exe" -autorun
MSCONFIG\startupreg: Live Update 5 => C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe /reminder
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent

==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
[{2525FEB5-4C76-4820-9E01-EEEE099226AF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe FirewallRules: [{738646F5-B9CD-48CC-8481-E5F32FE03D8F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe FirewallRules: [{6BF1BE8E-9965-4F07-8A7F-098D1FA07692}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe FirewallRules: [{C000DB22-758D-4972-8ACE-D6846D0EBEBC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe FirewallRules: [{E08FA131-8EE3-4BC3-B230-A993E75926BB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe FirewallRules: [{7F43164F-A3E3-4828-A84D-3860D76E119D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe FirewallRules: [{E80D329B-C554-44EC-9AF2-6642CCEFFFF3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe FirewallRules: [{DC37F596-A736-4BC2-9EDD-7A571139BEB2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe FirewallRules: [{6315E9FB-005B-451B-9465-45F90B02F124}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{CE581422-A7C9-4DD0-AEC7-A132E5ACA086}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{839CDCCA-5215-4C87-8F03-77F1DB5FC8CE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe FirewallRules: [{BF82BF46-B9F3-4496-AF19-515B13C00AF3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe FirewallRules: [{CE821BED-65FA-40E8-8B5C-9F0090F25DC4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe FirewallRules: [{0BA6424E-E16B-4462-BBC8-ABDDEF8AC93A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe FirewallRules: [{3855BB20-4D88-4158-9639-EEF44C206138}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{D9063798-C745-454E-8603-0A6D57671F75}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{88712BB0-D5F5-4DE7-AE51-04E1A168B205}] => (Allow) 
C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe FirewallRules: [{1ED02756-ED68-4E0C-A669-008DD26E65D1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe FirewallRules: [{281651BA-1176-4C05-A603-035167472F7F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe FirewallRules: [{42FF3278-2FD6-44B7-B0BD-B92F2B56992C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe FirewallRules: [{53F137EF-F8F1-45EA-AA2B-4E646B5E6691}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe FirewallRules: [{D0FEAEA8-BF35-409E-838E-13FF2748490C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe FirewallRules: [{D58C92BB-93AB-4929-9097-D46A5915577E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe FirewallRules: [{33CA1E79-5DDC-4344-BE83-402446E0E1A5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe FirewallRules: [{55230E58-E582-4278-B295-9881D7A259EC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{AD73000A-66E6-476A-B801-93276BB049C2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{ED4B1177-E3C3-46F4-8D53-D0E5280FAE47}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{8C48C058-1ED7-491B-B109-1A2763612EF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{34C1140C-BC6D-4169-A56A-197A4E6DF4B3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{7C41BEBA-7DCE-4F11-AAFB-191E2BD9696A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{4F2971CB-2AF3-4BA1-BF92-397547B2BC36}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{DB683BEC-4583-40F1-ADB1-1639A8E4C0F8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [TCP Query 
User{50A20A17-A0F4-4551-9288-7C0FC6774E58}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{77ACD185-CEBC-4E21-B547-B9D1952775A6}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{2A7955DA-B167-4725-914E-871EE27C98FB}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{7CEEB1ED-31CC-47CC-A481-7F3A0B46A7DE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{9D2A75DE-90DE-4B23-A49F-A024821864BE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{F44820B3-9FB0-466D-8D5D-C6C1AD7EEEBB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [TCP Query User{31F0C286-4B92-4A29-AC2A-1F34C2F53DE8}H:\unrealtournament\system\unrealtournament.exe] => (Block) H:\unrealtournament\system\unrealtournament.exe FirewallRules: [UDP Query User{9E8CF545-129E-471D-B4B4-1E2F56C06C1D}H:\unrealtournament\system\unrealtournament.exe] => (Block) H:\unrealtournament\system\unrealtournament.exe FirewallRules: [{4A64229C-E342-4F29-A41D-563CEBC24A7D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: [{DC1AF2C8-DEC4-4329-AAC2-02E64FEFF89C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: [TCP Query User{EC78C749-D555-4833-9C3F-FE2B3BC1039B}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe FirewallRules: [UDP Query User{3C686866-55BA-45BD-A161-9E4934ECCAFE}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe 
FirewallRules: [{767C01C4-A9A7-43A4-8B4F-4819E2F57C62}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 29-12-2015 20:52:19 Windows Update 29-12-2015 21:00:17 Windows Backup ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (11/22/2015 04:54:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Avira.ServiceHost.exe, version: 1.1.49.18939, time stamp: 0x561e029a Faulting module name: KERNELBASE.dll, version: 6.1.7601.19045, time stamp: 0x56258f05 Exception code: 0xe0434352 Fault offset: 0x0000c42d Faulting process id: 0xd00 Faulting application start time: 0xAvira.ServiceHost.exe0 Faulting application path: Avira.ServiceHost.exe1 Faulting module path: Avira.ServiceHost.exe2 Report Id: Avira.ServiceHost.exe3 Error: (11/22/2015 04:54:57 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Application: Avira.ServiceHost.exe Framework Version: v4.0.30319 Description: The process was terminated due to an unhandled exception. 
Exception Info: System.InvalidOperationException Stack: at System.ThrowHelper.ThrowInvalidOperationException(System.ExceptionResource) at System.Collections.Generic.Dictionary`2+ValueCollection+Enumerator[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089],[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]].MoveNext() at Avira.OE.ServiceHost.ServiceStatusProviderContainer.GetDeviceStatus() at Avira.OE.ServiceHost.ComputerAndServicesInfoFactory.CreateComputerAndServicesInfo() at Avira.OE.ServiceHost.AnonymousUserDeviceStatusConnector.UpdateCurrentComputerAndServiceInfo() at Avira.OE.ServiceHost.AnonymousUserDeviceStatusConnector.SendAnonymousSyncStatus() at Avira.OE.ServiceHost.AnonymousUserDeviceStatusConnector.AnonymousSyncStatusNeeded(System.Object, System.EventArgs) at Avira.OE.WinCore.EventHandlerExtensions.SafeInvoke[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.EventHandler`1<System.__Canon>, System.Object, System.__Canon) at Avira.OE.Communicator.Communicator.CheckAndRequestAnonymousSyncStatus() at Avira.OE.Communicator.Communicator.CreateAndSendDeviceUpdateDataMessage(System.String) at Avira.OE.Communicator.Communicator.SessionChanged(Avira.OE.WinCore.Interface.Session, Avira.OE.WinCore.Interface.Session) at Avira.OE.Communicator.Communicator.OnActiveSessionChanged(System.Object, Avira.OE.WinCore.Interface.ActiveSessionChangedEventArgs) at Avira.OE.WinCore.EventHandlerExtensions.SafeInvoke[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.EventHandler`1<System.__Canon>, System.Object, System.__Canon) at Avira.OE.ServiceHost.SessionManager.FireActiveSessionChangeAndSetActiveSession(Avira.OE.WinCore.Interface.Session) at Avira.OE.ServiceHost.SessionManager.Initialize() at Avira.OE.ServiceHost.ServiceHost.Initialize() at 
Avira.OE.ServiceHost.Program+<>c__DisplayClass1.<OnServiceStart>b__0(System.Object) at System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object) at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) at System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem() at System.Threading.ThreadPoolWorkQueue.Dispatch() at System.Threading._ThreadPoolWaitCallback.PerformWaitCallback() Error: (11/17/2015 05:58:00 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Fallout4.exe, version: 1.1.30.0, time stamp: 0x563b8ba7 Faulting module name: Fallout4.exe, version: 1.1.30.0, time stamp: 0x563b8ba7 Exception code: 0xc000041d Fault offset: 0x00000000016c723e Faulting process id: 0x147c Faulting application start time: 0xFallout4.exe0 Faulting application path: Fallout4.exe1 Faulting module path: Fallout4.exe2 Report Id: Fallout4.exe3 Error: (11/14/2015 04:44:09 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Fallout4.exe version 1.1.30.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1540 Start Time: 01d11ed224656f7e Termination Time: 634 Application Path: C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4.exe Report Id: Error: (11/10/2015 10:28:35 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Fallout4.exe version 1.1.29.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. 
Process ID: 4c0 Start Time: 01d11ba9172af642 Termination Time: 898 Application Path: C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4.exe Report Id: Error: (11/08/2015 08:52:04 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Bioshock.exe, version: 1.0.0.0, time stamp: 0x474f5a3a Faulting module name: kernel32.dll, version: 6.1.7601.19018, time stamp: 0x5609fed3 Exception code: 0xc0000005 Fault offset: 0x00011390 Faulting process id: 0x158 Faulting application start time: 0xBioshock.exe0 Faulting application path: Bioshock.exe1 Faulting module path: Bioshock.exe2 Report Id: Bioshock.exe3 Error: (09/07/2015 01:48:52 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Gothic3.exe, version: 1.74.25931.14, time stamp: 0x4c030371 Faulting module name: Engine.dll, version: 1.74.25931.14, time stamp: 0x4c02ffc9 Exception code: 0xc0000005 Fault offset: 0x000dfcc1 Faulting process id: 0xbec Faulting application start time: 0xGothic3.exe0 Faulting application path: Gothic3.exe1 Faulting module path: Gothic3.exe2 Report Id: Gothic3.exe3 Error: (09/06/2015 06:39:33 PM) (Source: Application Error) (EventID: 1005) (User: ) Description: Windows cannot access the file for one of the following reasons: there is a problem with the network connection, the disk that the file is stored on, or the storage drivers installed on this computer; or the disk is missing. Windows closed the program Genome Gaming System because of this error. Program: Genome Gaming System File: The error value is listed in the Additional Data section. User Action 1. Open the file again. This situation might be a temporary problem that corrects itself when the program runs again. 2. If the file still cannot be accessed and - It is on the network, your network administrator should verify that there is not a problem with the network and that the server can be contacted. 
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer. 3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER. 4. If the problem persists, restore the file from a backup copy. 5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for further assistance. Additional Data Error value: 00000000 Disk type: 0 Error: (09/06/2015 06:39:33 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: Gothic3.exe, version: 1.74.25931.14, time stamp: 0x4c030371 Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000 Exception code: 0xc0000096 Fault offset: 0x3e931996 Faulting process id: 0x3f4 Faulting application start time: 0xGothic3.exe0 Faulting application path: Gothic3.exe1 Faulting module path: Gothic3.exe2 Report Id: Gothic3.exe3 Error: (07/21/2015 09:27:03 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: audacity.exe, version: 0.0.0.0, time stamp: 0x43791554 Faulting module name: ntdll.dll, version: 6.1.7601.18798, time stamp: 0x5507b3e0 Exception code: 0xc0000005 Fault offset: 0x00039e03 Faulting process id: 0x834 Faulting application start time: 0xaudacity.exe0 Faulting application path: audacity.exe1 Faulting module path: audacity.exe2 Report Id: audacity.exe3 System errors: ============= Error: (12/31/2015 12:02:09 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: The Avira Email-Schutz service terminated with service-specific error %%1. Error: (12/31/2015 12:02:09 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The Avira Email-Schutz service hung on starting. 
Error: (12/31/2015 12:02:09 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: ) Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070420'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly. Error: (12/30/2015 03:24:25 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: The Avira Email-Schutz service terminated with service-specific error %%1. Error: (12/30/2015 03:24:25 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The Avira Email-Schutz service hung on starting. Error: (12/30/2015 01:20:33 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: The Avira Email-Schutz service terminated with service-specific error %%1. Error: (12/30/2015 01:20:32 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The Avira Email-Schutz service hung on starting. Error: (12/30/2015 01:20:33 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: ) Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80070420'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly. Error: (12/29/2015 08:51:37 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: The Avira Email-Schutz service terminated with service-specific error %%1. Error: (12/29/2015 08:51:37 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The Avira Email-Schutz service hung on starting. CodeIntegrity: =================================== Date: 2013-10-20 18:45:44.901 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. 
A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-10-20 18:45:44.848 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz Percentage of memory in use: 74% Total physical RAM: 8173.57 MB Available physical RAM: 2103.8 MB Total Virtual: 16345.36 MB Available Virtual: 6925.63 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:119.14 GB) (Free:3.9 GB) NTFS Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)] Drive f: (Elements) (Fixed) (Total:465.75 GB) (Free:49.9 GB) NTFS Drive g: () (Fixed) (Total:99.51 GB) (Free:71.44 GB) NTFS Drive h: (Games) (Fixed) (Total:244.14 GB) (Free:92.53 GB) NTFS Drive i: (Musik und Filme) (Fixed) (Total:587.76 GB) (Free:107.92 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 786EE9E8) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 61BCEE7D) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=99.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=244.1 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=587.8 GB) - (Type=07 NTFS) 
======================================================== Disk: 2 (Size: 465.8 GB) (Disk ID: 946FF2BA) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================ |
31.12.2015, 13:54 | #2 |
| I am sending spam FRST
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015 Ran by benjay (administrator) on BENJAY-PC (31-12-2015 13:19:52) Running from C:\Users\benjay\Desktop Loaded Profiles: benjay & (Available Profiles: benjay) Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe () C:\Windows\SysWOW64\HsMgr.exe () C:\Windows\system\HsMgr64.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (CMedia) C:\Program Files\UNi Xonar Audio\Customapp\AsusAudioCenter.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Bethesda Softworks) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 4\Fallout4.exe (Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] () HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] () HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [221216 2015-11-18] (Geek Software GmbH) HKU\S-1-5-21-1780921663-2346165912-1911888604-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3514176 2011-11-10] (DT Soft Ltd) HKU\S-1-5-21-1780921663-2346165912-1911888604-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3514176 2011-11-10] (DT Soft Ltd) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-05-25] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-05-25] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-05-25] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-05-25] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll [2013-05-25] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll [2013-05-25] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll [2013-05-25] (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{644AFD7F-2BFA-4EAF-9367-910E4890C4A0}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{6577D245-50AD-4FD1-BE32-C7919691D5E1}: [DhcpNameServer] 192.168.179.1 Tcpip\..\Interfaces\{C6522AAA-71CD-4ABC-A830-78F97174AD2A}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-1780921663-2346165912-1911888604-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-1780921663-2346165912-1911888604-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1780921663-2346165912-1911888604-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ HKU\S-1-5-21-1780921663-2346165912-1911888604-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: 
HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2013-05-06] (DivX, LLC) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-11] (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-11] (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\benjay\AppData\Roaming\Mozilla\Firefox\Profiles\iplifue2.default-1370786723901 FF DefaultSearchEngine: LEO Eng-Deu FF Homepage: hxxps://www.google.de/?gws_rd=ssl FF Session Restore: -> is enabled. FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-29] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) 
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll [2014-01-29] (Adobe Systems, Inc.) FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2013-05-06] (DivX, LLC) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-11] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-11] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin-x32: 
@nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.) FF Plugin HKU\S-1-5-21-1780921663-2346165912-1911888604-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\benjay\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-05-11] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-1780921663-2346165912-1911888604-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\benjay\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-05-11] (Unity Technologies ApS) FF SearchPlugin: C:\Users\benjay\AppData\Roaming\Mozilla\Firefox\Profiles\iplifue2.default-1370786723901\searchplugins\google-images.xml [2014-12-30] FF SearchPlugin: C:\Users\benjay\AppData\Roaming\Mozilla\Firefox\Profiles\iplifue2.default-1370786723901\searchplugins\google-maps.xml [2014-12-30] FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-06-03] [not signed] FF Extension: FoxyProxy Standard - C:\Users\benjay\AppData\Roaming\Mozilla\Firefox\Profiles\iplifue2.default-1370786723901\extensions\foxyproxy@eric.h.jung [2015-05-29] FF Extension: Flash and Video Download - C:\Users\benjay\AppData\Roaming\Mozilla\Firefox\Profiles\iplifue2.default-1370786723901\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-12-17] FF Extension: Ghostery - C:\Users\benjay\AppData\Roaming\Mozilla\Firefox\Profiles\iplifue2.default-1370786723901\Extensions\firefox@ghostery.com.xpi 
[2015-12-14] FF Extension: Adblock Plus - C:\Users\benjay\AppData\Roaming\Mozilla\Firefox\Profiles\iplifue2.default-1370786723901\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-14] FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 Chrome: ======= CHR Session Restore: Default -> is enabled. CHR Profile: C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-23] CHR Extension: (Google Docs) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-23] CHR Extension: (Google Drive) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24] CHR Extension: (YouTube) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26] CHR Extension: (Adblock Plus) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-30] CHR Extension: (Google-Suche) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Google Tabellen) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-23] CHR Extension: (Avira Browserschutz) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-12-16] CHR Extension: (Google Docs Offline) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-21] CHR Extension: (Ghostery) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij 
[2015-12-30] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25] CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2015-06-23] CHR Extension: (Bitdefender QuickScan) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2015-11-07] CHR Extension: (Google Mail) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-23] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-10-22] (Adobe Systems) [File not signed] S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. 
KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. KG) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2015-03-08] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-01] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-01] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-30] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-01] (Avira Operations GmbH & Co. 
KG) R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2735616 2013-12-11] (C-Media Inc) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2011-12-20] (DT Soft Ltd) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2013-01-20] (Echobit, LLC) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2015-03-08] () S3 Maplom; no ImagePath S3 MaplomL; no ImagePath R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation) S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation) S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [450048 2010-03-31] (Realtek Semiconductor Corporation ) S4 sptd; C:\Windows\System32\Drivers\sptd.sys [530488 2011-12-19] (Duplex Secure Ltd.) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-12-31 13:19 - 2015-12-31 13:20 - 00023456 _____ C:\Users\benjay\Desktop\FRST.txt 2015-12-31 13:19 - 2015-12-31 13:19 - 02370560 _____ (Farbar) C:\Users\benjay\Desktop\FRST64.exe 2015-12-31 13:19 - 2015-12-31 13:19 - 00000000 ____D C:\FRST 2015-12-31 13:05 - 2015-12-31 13:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2015-12-17 19:50 - 2015-12-17 19:50 - 00000000 ____D C:\Users\benjay\Desktop\freenet Mail 2015-12-14 02:57 - 2015-12-17 20:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-12-13 19:22 - 2015-12-13 19:22 - 00494158 _____ C:\Users\benjay\Desktop\Ticket Freiburg.pdf 2015-12-09 10:26 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-12-09 10:26 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-12-09 10:26 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-12-09 10:26 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-12-09 10:26 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-12-09 10:26 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-12-09 10:26 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-12-09 10:26 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-12-09 10:26 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-12-09 10:26 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-12-09 10:26 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-12-09 10:26 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-12-09 10:26 - 2015-11-20 19:34 - 00174080 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-12-09 10:26 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-12-09 10:26 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-12-09 10:26 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-12-09 10:26 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-12-09 10:26 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-12-09 10:26 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2015-12-09 10:26 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll 2015-12-09 10:26 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll 2015-12-09 10:26 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll 2015-12-09 10:26 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-12-09 10:26 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-12-09 10:26 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-12-09 10:26 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-12-09 10:26 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-12-09 10:26 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-12-09 10:26 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-12-09 10:26 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-12-09 10:26 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) 
C:\Windows\system32\FntCache.dll 2015-12-09 10:26 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2015-12-09 10:26 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-12-09 10:26 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2015-12-09 10:26 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-12-09 10:26 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-12-09 10:26 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-12-09 10:26 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-12-09 10:26 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-12-09 10:26 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-12-09 10:26 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-12-09 10:26 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-12-09 10:26 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-12-09 10:26 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-12-09 10:26 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-12-09 10:26 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-12-09 10:26 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-12-09 10:26 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-12-09 10:26 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-12-09 10:26 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-12-09 10:26 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-12-09 10:26 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2015-12-09 10:26 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-12-09 10:26 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-12-09 10:26 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-12-09 10:26 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-12-09 10:26 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-12-09 10:26 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-12-09 10:26 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-12-09 10:26 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-12-09 10:26 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-12-09 10:26 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-12-09 10:26 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-12-09 10:26 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-12-09 10:26 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-12-09 10:26 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-12-09 10:26 - 2015-11-08 23:14 - 00088064 _____ (Microsoft 
Corporation) C:\Windows\system32\MshtmlDac.dll 2015-12-09 10:26 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-12-09 10:26 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-12-09 10:26 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-12-09 10:26 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-12-09 10:26 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-12-09 10:26 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-12-09 10:26 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-12-09 10:26 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-12-09 10:26 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-12-09 10:26 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-12-09 10:26 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-12-09 10:26 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-12-09 10:26 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-12-09 10:26 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2015-12-09 10:26 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-12-09 10:26 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-12-09 10:26 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-12-09 10:26 - 2015-11-08 22:14 - 14456832 
_____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-12-09 10:26 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-12-09 10:26 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-12-09 10:26 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-12-09 10:26 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-12-09 10:26 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-12-09 10:26 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll 2015-12-09 10:26 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll 2015-12-09 10:26 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys 2015-12-09 10:26 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2015-12-09 10:26 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2015-12-09 10:25 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll 2015-12-09 10:25 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll 2015-12-08 11:35 - 2015-12-08 11:35 - 00001083 _____ C:\Users\Public\Desktop\PDF24 Creator.lnk 2015-12-08 11:35 - 2015-12-08 11:35 - 00000000 ____D C:\Users\benjay\AppData\Local\PDF24 2015-12-08 11:35 - 2015-12-08 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 2015-12-08 11:35 - 2015-12-08 11:35 - 00000000 ____D C:\Program Files (x86)\PDF24 2015-12-08 11:23 - 2015-12-08 12:01 - 00000000 ____D C:\Users\benjay\Desktop\Weinheim ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-12-31 13:19 - 2009-07-14 04:20 - 00000000 ____D C:\Windows 2015-12-31 13:02 - 2015-06-21 13:28 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-12-31 12:57 - 2015-06-27 10:30 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-12-31 12:49 - 2012-11-12 12:00 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-12-31 12:19 - 2015-03-31 17:11 - 00000000 ____D C:\Program Files (x86)\Steam 2015-12-31 12:09 - 2009-07-14 05:45 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-12-31 12:09 - 2009-07-14 05:45 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-12-31 12:05 - 2009-07-14 06:13 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI 2015-12-31 12:05 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2015-12-31 12:00 - 2015-06-21 13:28 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-12-31 12:00 - 2015-01-26 22:31 - 00000000 ____D C:\ProgramData\NVIDIA 2015-12-31 12:00 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-12-30 00:35 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2015-12-29 22:49 - 2012-11-12 12:00 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-12-29 22:49 - 2012-06-22 06:28 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-12-29 22:49 - 2011-11-03 00:46 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-19 01:19 - 2011-11-03 07:17 - 00000436 _____ C:\Users\benjay\Desktop\fut.pls 2015-12-17 19:25 - 2015-03-06 00:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-12-17 19:25 - 2014-10-09 13:13 - 00000000 ____D C:\ProgramData\Package Cache 2015-12-16 23:06 - 2015-06-21 13:29 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-12-11 21:25 - 
2009-07-14 05:45 - 04846936 _____ C:\Windows\system32\FNTCACHE.DAT 2015-12-09 10:57 - 2011-11-11 02:20 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-12-09 10:56 - 2013-01-03 20:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-12-09 10:55 - 2013-01-03 20:46 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-12-09 10:55 - 2013-01-03 20:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-12-09 10:54 - 2013-07-23 02:00 - 00000000 ____D C:\Windows\system32\MRT 2015-12-09 10:51 - 2012-12-16 23:17 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-12-09 04:39 - 2011-11-03 00:42 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-12-08 12:34 - 2015-11-30 15:33 - 00000000 ____D C:\Users\benjay\Desktop\Fotos Ordnen 2015-12-07 18:06 - 2015-11-14 12:37 - 00010136 _____ C:\Users\benjay\Desktop\Bewerbungsstand.xlsx 2015-12-05 02:57 - 2015-06-21 13:28 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-12-05 02:57 - 2015-06-21 13:28 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-12-04 21:45 - 2014-03-12 13:59 - 00000000 ____D C:\Users\benjay\AppData\Local\Battle.net 2015-12-04 21:45 - 2014-03-12 13:56 - 00000000 ____D C:\Program Files (x86)\Battle.net 2015-12-01 21:58 - 2013-05-02 09:39 - 00075472 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2015-12-01 21:58 - 2013-03-28 01:51 - 00162072 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-12-01 21:58 - 2013-03-28 01:51 - 00140448 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avipbb.sys

==================== Files in the root of some directories =======

2013-06-12 21:51 - 2013-06-12 21:51 - 0004608 _____ () C:\Users\benjay\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-19 21:20 - 2015-09-19 21:20 - 0007605 _____ () C:\Users\benjay\AppData\Local\Resmon.ResmonCfg
2011-12-20 00:21 - 2011-12-20 00:22 - 0000044 ___SH () C:\ProgramData\.zreglib

Some files in TEMP:
====================
C:\Users\benjay\AppData\Local\Temp\avgnt.exe
C:\Users\benjay\AppData\Local\Temp\Quarantine.exe
C:\Users\benjay\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-12-30 00:28

==================== End of FRST.txt ============================

--- --- --- --- --- ---

Malwarebytes
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 31-Dec-15
Scan Time: 12:57
Logfile: Malware.txt
Administrator: Yes

Version: 2.2.0.1024
Malware Database: v2015.12.31.03
Rootkit Database: v2015.12.26.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: benjay

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 356850
Time Elapsed: 6 min, 23 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

Code:
ATTFilter Free Antivirus Erstellungsdatum der Reportdatei: Tuesday, December 29, 2015 21:01 Das Programm läuft als uneingeschränkte Vollversion. Online-Dienste stehen zur Verfügung. Lizenznehmer : Avira Antivirus Free Seriennummer : 0000149996-AVHOE-0000001 Plattform : Windows 7 Professional Windowsversion : (Service Pack 1) [6.1.7601] Boot Modus : Normal gebootet Benutzername : SYSTEM Computername : BENJAY-PC Versionsinformationen: Engineversion : 8.3.34.106
Konfiguration für den aktuellen Suchlauf: Job Name..............................: Schnelle Systemprüfung Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\quicksysscan.avp Protokollierung.......................: standard Primäre Aktion........................: Interaktiv Sekundäre Aktion......................: Ignorieren Durchsuche Masterbootsektoren.........: ein Durchsuche Bootsektoren...............: ein Durchsuche aktive Programme...........: ein Durchsuche Registrierung..............: ein Suche nach Rootkits...................: aus Integritätsprüfung von Systemdateien..: aus Prüfe alle Dateien....................: Intelligente Dateiauswahl Durchsuche
Archive....................: ein Rekursionstiefe einschränken..........: 20 Archiv Smart Extensions...............: ein Makrovirenheuristik...................: ein Dateiheuristik........................: erweitert Abweichende Gefahrenkategorien........: +APPL,+GAME,+JOKE,+PCK,+SPR, Beginn des Suchlaufs: Tuesday, December 29, 2015 21:01 Der Suchlauf über die Bootsektoren wird begonnen: Der Suchlauf über gestartete Prozesse wird begonnen: Durchsuche Prozess 'svchost.exe' - '52' Modul(e) wurden durchsucht Durchsuche Prozess 'avguard.exe' - '106' Modul(e) wurden durchsucht Durchsuche Prozess 'avshadow.exe' - '21' Modul(e) wurden durchsucht Durchsuche Prozess 'nvvsvc.exe' - '35' Modul(e) wurden durchsucht Durchsuche Prozess 'nvSCPAPISvr.exe' - '34' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '36' Modul(e) wurden durchsucht Durchsuche Prozess 'MsMpEng.exe' - '94' Modul(e) wurden durchsucht Durchsuche Prozess 'atiesrxx.exe' - '26' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '89' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '126' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '89' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '161' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '80' Modul(e) wurden durchsucht Durchsuche Prozess 'atieclxx.exe' - '37' Modul(e) wurden durchsucht Durchsuche Prozess 'nvxdsync.exe' - '54' Modul(e) wurden durchsucht Durchsuche Prozess 'nvvsvc.exe' - '47' Modul(e) wurden durchsucht Durchsuche Prozess 'spoolsv.exe' - '81' Modul(e) wurden durchsucht Durchsuche Prozess 'sched.exe' - '85' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '61' Modul(e) wurden durchsucht Durchsuche Prozess 'taskhost.exe' - '57' Modul(e) wurden durchsucht Durchsuche Prozess 'Dwm.exe' - '41' Modul(e) wurden durchsucht Durchsuche Prozess 'Explorer.EXE' - '164' Modul(e) wurden durchsucht Durchsuche Prozess 'msseces.exe' - '53' Modul(e) wurden durchsucht Durchsuche 
Prozess 'NvBackend.exe' - '73' Modul(e) wurden durchsucht Durchsuche Prozess 'HsMgr.exe' - '35' Modul(e) wurden durchsucht Durchsuche Prozess 'HsMgr64.exe' - '30' Modul(e) wurden durchsucht Durchsuche Prozess 'avgnt.exe' - '134' Modul(e) wurden durchsucht Durchsuche Prozess 'nusb3mon.exe' - '36' Modul(e) wurden durchsucht Durchsuche Prozess 'GfExperienceService.exe' - '57' Modul(e) wurden durchsucht Durchsuche Prozess 'pdf24.exe' - '51' Modul(e) wurden durchsucht Durchsuche Prozess 'ASUSAUDIOCENTER.EXE' - '52' Modul(e) wurden durchsucht Durchsuche Prozess 'NvNetworkService.exe' - '60' Modul(e) wurden durchsucht Durchsuche Prozess 'nvtray.exe' - '53' Modul(e) wurden durchsucht Durchsuche Prozess 'nvstreamsvc.exe' - '63' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '35' Modul(e) wurden durchsucht Durchsuche Prozess 'WLIDSVC.EXE' - '63' Modul(e) wurden durchsucht Durchsuche Prozess 'wmpnetwk.exe' - '67' Modul(e) wurden durchsucht Durchsuche Prozess 'SearchIndexer.exe' - '62' Modul(e) wurden durchsucht Durchsuche Prozess 'Avira.ServiceHost.exe' - '132' Modul(e) wurden durchsucht Durchsuche Prozess 'WLIDSvcM.exe' - '17' Modul(e) wurden durchsucht Durchsuche Prozess 'NvStreamNetworkService.exe' - '51' Modul(e) wurden durchsucht Durchsuche Prozess 'nvstreamsvc.exe' - '75' Modul(e) wurden durchsucht Durchsuche Prozess 'conhost.exe' - '14' Modul(e) wurden durchsucht Durchsuche Prozess 'conhost.exe' - '20' Modul(e) wurden durchsucht Durchsuche Prozess 'winamp.exe' - '138' Modul(e) wurden durchsucht Durchsuche Prozess 'wmiprvse.exe' - '32' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '53' Modul(e) wurden durchsucht Durchsuche Prozess 'NisSrv.exe' - '41' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '60' Modul(e) wurden durchsucht Durchsuche Prozess 'chrome.exe' - '105' Modul(e) wurden durchsucht Durchsuche Prozess 'chrome.exe' - '57' Modul(e) wurden durchsucht Durchsuche Prozess 'chrome.exe' - '40' Modul(e) wurden durchsucht 
Durchsuche Prozess 'chrome.exe' - '40' Modul(e) wurden durchsucht Durchsuche Prozess 'chrome.exe' - '40' Modul(e) wurden durchsucht Durchsuche Prozess 'chrome.exe' - '40' Modul(e) wurden durchsucht Durchsuche Prozess 'chrome.exe' - '40' Modul(e) wurden durchsucht Durchsuche Prozess 'chrome.exe' - '40' Modul(e) wurden durchsucht Durchsuche Prozess 'Avira.Systray.exe' - '130' Modul(e) wurden durchsucht Durchsuche Prozess 'chrome.exe' - '40' Modul(e) wurden durchsucht Durchsuche Prozess 'chrome.exe' - '40' Modul(e) wurden durchsucht Durchsuche Prozess 'DllHost.exe' - '46' Modul(e) wurden durchsucht Durchsuche Prozess 'TrustedInstaller.exe' - '49' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '76' Modul(e) wurden durchsucht Durchsuche Prozess 'chrome.exe' - '40' Modul(e) wurden durchsucht Durchsuche Prozess 'wmiprvse.exe' - '39' Modul(e) wurden durchsucht Durchsuche Prozess 'taskeng.exe' - '30' Modul(e) wurden durchsucht Durchsuche Prozess 'AAM Updates Notifier.exe' - '88' Modul(e) wurden durchsucht Durchsuche Prozess 'taskeng.exe' - '28' Modul(e) wurden durchsucht Durchsuche Prozess 'rundll32.exe' - '41' Modul(e) wurden durchsucht Durchsuche Prozess 'vssvc.exe' - '54' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '34' Modul(e) wurden durchsucht Durchsuche Prozess 'SearchProtocolHost.exe' - '29' Modul(e) wurden durchsucht Durchsuche Prozess 'SearchFilterHost.exe' - '27' Modul(e) wurden durchsucht Durchsuche Prozess 'chrome.exe' - '40' Modul(e) wurden durchsucht Durchsuche Prozess 'avscan.exe' - '117' Modul(e) wurden durchsucht Durchsuche Prozess 'chrome.exe' - '40' Modul(e) wurden durchsucht Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht Durchsuche Prozess 'csrss.exe' - '18' Modul(e) wurden durchsucht Durchsuche Prozess 'services.exe' - '33' Modul(e) wurden durchsucht Durchsuche Prozess 
'winlogon.exe' - '31' Modul(e) wurden durchsucht Durchsuche Prozess 'lsass.exe' - '67' Modul(e) wurden durchsucht Durchsuche Prozess 'lsm.exe' - '16' Modul(e) wurden durchsucht Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen: Die Registry wurde durchsucht ( '3831' Dateien ). Ende des Suchlaufs: Tuesday, December 29, 2015 21:02 Benötigte Zeit: 00:41 Minute(n) Der Suchlauf wurde vollständig durchgeführt. 0 Verzeichnisse wurden überprüft 4734 Dateien wurden geprüft 0 Viren bzw. unerwünschte Programme wurden gefunden 0 Dateien wurden als verdächtig eingestuft 0 Dateien wurden gelöscht 0 Viren bzw. unerwünschte Programme wurden repariert 0 Dateien wurden in die Quarantäne verschoben 0 Dateien wurden umbenannt 0 Dateien konnten nicht durchsucht werden 4734 Dateien ohne Befall 22 Archive wurden durchsucht 0 Warnungen 0 Hinweise (I have removed the addresses from the thread; they belong to people whose addresses can be found "somewhere" in the mail account. Distribution lists etc.) Code:
ATTFilter Delivered-To: @gmail.com Received: by 10.55.120.197 with SMTP id t188csp6453033qkc; Thu, 31 Dec 2015 01:11:43 -0800 (PST) X-Received: by 10.28.131.70 with SMTP id f67mr20984676wmd.66.1451553103310; Thu, 31 Dec 2015 01:11:43 -0800 (PST) Return-Path: <benjay@freakmail.de> Received: from mailbox.xtra.pl (mailbox.xtra.pl. [212.14.56.8]) by mx.google.com with ESMTP id x203si104029154wmx.3.2015.12.31.01.11.43 for <@gmail.com>; Thu, 31 Dec 2015 01:11:43 -0800 (PST) Received-SPF: neutral (google.com: 212.14.56.8 is neither permitted nor denied by best guess record for domain of benjay@freakmail.de) client-ip=212.14.56.8; Authentication-Results: mx.google.com; spf=neutral (google.com: 212.14.56.8 is neither permitted nor denied by best guess record for domain of benjay@freakmail.de) smtp.mailfrom=benjay@freakmail.de Received: by mailbox.xtra.pl (Postfix, from userid 110) id DF7D983C5; Thu, 31 Dec 2015 10:11:42 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on mailbox.xtra.pl X-Spam-Level: X-Spam-Status: No, score=-0.3 required=5.0 tests=ALL_TRUSTED,BAYES_00, DATE_IN_FUTURE_12_24,HTML_MESSAGE,URIBL_BLACK autolearn=no version=3.2.5 Received: from efyv.net (unknown [46.120.59.148]) by mailbox.xtra.pl (Postfix) with ESMTPSA id 48CFB83C4; Thu, 31 Dec 2015 10:11:41 +0100 (CET) From: <benjay@freakmail.de> To: Subject: Fw: new message Date: Thu, 31 Dec 2015 17:08:01 -0800 Message-ID: <0000e12c5431$f4e8b061$3102e717$@freakmail.de> MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_0001_6E97054C.1A16CE81" X-Mailer: Microsoft Outlook 15.0 Thread-Index: AdE6q4livu79tGH7d5P3aDW4ipT8Sg== Content-Language: en-us This is a multipart message in MIME format. ------=_NextPart_000_0001_6E97054C.1A16CE81 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Hey! 
Open message <hxxp://flooring-tile.co.uk/took.php?yqr> benjay@freakmail.de ------=_NextPart_000_0001_6E97054C.1A16CE81-- |
03.01.2016, 15:36 | #3 |
/// TB-Ausbilder /// Anleitungs-Guru | I am sending spam My name is Jürgen and I will help you with your problem. Together we can do this...
Note: I can never guarantee that we will find all malicious files. Reformatting is usually the faster and always the safest route, but it is only advisable for genuine malware. We can remove adware and the like very well. If you decide on a cleanup, keep working with me until you get my "clean". Let's go: Step 1 Please download TDSSKiller.exe and save this file to the desktop
__________________ |
04.01.2016, 15:55 | #4 |
| I am sending spam Hello Jürgen, thank you very much for taking on my case. Here is the log Code:
ATTFilter 15:53:45.0888 0x0b88 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12 15:53:49.0368 0x0b88 ============================================================ 15:53:49.0368 0x0b88 Current date / time: 2016/01/04 15:53:49.0368 15:53:49.0368 0x0b88 SystemInfo: 15:53:49.0368 0x0b88 15:53:49.0368 0x0b88 OS Version: 6.1.7601 ServicePack: 1.0 15:53:49.0368 0x0b88 Product type: Workstation 15:53:49.0368 0x0b88 ComputerName: BENJAY-PC 15:53:49.0369 0x0b88 UserName: benjay 15:53:49.0369 0x0b88 Windows directory: C:\Windows 15:53:49.0369 0x0b88 System windows directory: C:\Windows 15:53:49.0369 0x0b88 Running under WOW64 15:53:49.0369 0x0b88 Processor architecture: Intel x64 15:53:49.0369 0x0b88 Number of processors: 4 15:53:49.0369 0x0b88 Page size: 0x1000 15:53:49.0369 0x0b88 Boot type: Normal boot 15:53:49.0369 0x0b88 ============================================================ 15:53:50.0535 0x0b88 KLMD registered as C:\Windows\system32\drivers\93519189.sys 15:53:51.0488 0x0b88 System UUID: {CB580BE7-8DD2-5970-BC23-270049115F63} 15:53:51.0936 0x0b88 Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 15:53:51.0936 0x0b88 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 15:53:51.0937 0x0b88 Drive \Device\Harddisk2\DR2 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 15:53:51.0941 0x0b88 ============================================================ 15:53:51.0941 0x0b88 \Device\Harddisk0\DR0: 15:53:51.0941 0x0b88 MBR partitions: 15:53:51.0941 0x0b88 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 15:53:51.0941 0x0b88 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 
0x32800, BlocksNum 0xEE49000 15:53:51.0941 0x0b88 \Device\Harddisk1\DR1: 15:53:51.0941 0x0b88 MBR partitions: 15:53:51.0941 0x0b88 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 15:53:51.0941 0x0b88 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC705800 15:53:51.0941 0x0b88 \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0xC738000, BlocksNum 0x1E848000 15:53:51.0941 0x0b88 \Device\Harddisk1\DR1\Partition4: MBR, Type 0x7, StartLBA 0x2AF80000, BlocksNum 0x49786000 15:53:51.0941 0x0b88 \Device\Harddisk2\DR2: 15:53:51.0941 0x0b88 MBR partitions: 15:53:51.0941 0x0b88 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A380D41 15:53:51.0941 0x0b88 ============================================================ 15:53:51.0943 0x0b88 C: <-> \Device\Harddisk0\DR0\Partition2 15:53:51.0952 0x0b88 E: <-> \Device\Harddisk1\DR1\Partition1 15:53:52.0372 0x0b88 F: <-> \Device\Harddisk2\DR2\Partition1 15:53:52.0381 0x0b88 G: <-> \Device\Harddisk1\DR1\Partition2 15:53:52.0399 0x0b88 H: <-> \Device\Harddisk1\DR1\Partition3 15:53:52.0419 0x0b88 I: <-> \Device\Harddisk1\DR1\Partition4 15:53:52.0419 0x0b88 ============================================================ 15:53:52.0419 0x0b88 Initialize success 15:53:52.0419 0x0b88 ============================================================ 15:53:54.0287 0x00ac ============================================================ 15:53:54.0287 0x00ac Scan started 15:53:54.0287 0x00ac Mode: Manual; 15:53:54.0287 0x00ac ============================================================ 15:53:54.0287 0x00ac KSN ping started 15:54:08.0616 0x00ac KSN ping finished: true 15:54:10.0481 0x00ac ================ Scan system memory ======================== 15:54:10.0481 0x00ac System memory - ok 15:54:10.0482 0x00ac ================ Scan services =============================
15:54:11.0494 0x00ac [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo C:\Windows\System32\appinfo.dll 15:54:11.0497 0x00ac Appinfo - ok 15:54:11.0504 0x00ac [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll 15:54:11.0509 0x00ac AppMgmt - ok 15:54:11.0513 0x00ac [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys 15:54:11.0521 0x00ac arc - ok 15:54:11.0524 0x00ac [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 15:54:11.0532 0x00ac arcsas - ok 15:54:11.0542 0x00ac [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 15:54:11.0553 0x00ac aspnet_state - ok 15:54:11.0556 0x00ac [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 15:54:11.0557 0x00ac AsyncMac - ok 15:54:11.0559 0x00ac [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 15:54:11.0561 0x00ac atapi - ok 15:54:11.0598 0x00ac [ EA0AF9B866DF07E8FE6C2342585788B0, BE8E799C1ED36B9DC6BEAB40E8B460464C01014DEC021760FB19626C77550792 ] athur C:\Windows\system32\DRIVERS\athurx.sys 15:54:11.0643 0x00ac athur - ok 15:54:11.0862 0x00ac [ 4284FB1240537A33E6EC417EFD87D40F, DAD37EBDCD57C8559FD9395AED7FA85BCA1EDB0337CD2A4F7613E869D859B3F2 ] atikmdag C:\Windows\system32\drivers\atikmdag.sys 15:54:12.0021 0x00ac atikmdag - ok 15:54:12.0039 0x00ac [ 64F07381335E37C142F6D176705FFCA6, 8F7F633B891FE653D3298578897711A04E7B2B08E51CEE131C50102EFD45AC0E ] atksgt 
C:\Windows\system32\DRIVERS\atksgt.sys 15:54:12.0056 0x00ac atksgt - ok 15:54:12.0071 0x00ac [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 15:54:12.0084 0x00ac AudioEndpointBuilder - ok 15:54:12.0098 0x00ac [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll 15:54:12.0108 0x00ac AudioSrv - ok 15:54:12.0116 0x00ac [ 29E019B4607E410BFE4DB778C3300BC5, 32D1A5A5836152BAAA168B4A06AC6F52DBC19150D339B5F87E8E3A1E1EE580C3 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 15:54:12.0123 0x00ac avgntflt - ok 15:54:12.0128 0x00ac [ 1AD2C8F543F261F0AB90AD80767AB21D, 364DA0D0B8A91688CE39FEDF68EB93260819849097444F6A10A3F95CC32F9EA5 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 15:54:12.0136 0x00ac avipbb - ok 15:54:12.0146 0x00ac [ 2027E82463B6F6BB4D2A5BAF09202BA8, 7E61DEAC45F710F62C388177B43D99F3C39B89CEFCEFCC581DF12201C8CDB23C ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe 15:54:12.0149 0x00ac Avira.ServiceHost - ok 15:54:12.0152 0x00ac [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 15:54:12.0157 0x00ac avkmgr - ok 15:54:12.0161 0x00ac [ 99672CCD11058D6E2F627473B773F971, 4EF2BCDA4678F9ECE499F216AC0F8105F37D2AB0320064741A8DFB5C39E5048C ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys 15:54:12.0167 0x00ac avnetflt - ok 15:54:12.0172 0x00ac [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 15:54:12.0174 0x00ac AxInstSV - ok 15:54:12.0186 0x00ac [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 15:54:12.0202 0x00ac b06bdrv - ok 15:54:12.0211 0x00ac [ 
B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 15:54:12.0222 0x00ac b57nd60a - ok 15:54:12.0228 0x00ac [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 15:54:12.0231 0x00ac BDESVC - ok 15:54:12.0233 0x00ac [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 15:54:12.0234 0x00ac Beep - ok 15:54:12.0251 0x00ac [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 15:54:12.0263 0x00ac BFE - ok 15:54:12.0282 0x00ac [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 15:54:12.0298 0x00ac BITS - ok 15:54:12.0303 0x00ac [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 15:54:12.0308 0x00ac blbdrive - ok 15:54:12.0312 0x00ac [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 15:54:12.0313 0x00ac bowser - ok 15:54:12.0317 0x00ac [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 15:54:12.0321 0x00ac BrFiltLo - ok 15:54:12.0323 0x00ac [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 15:54:12.0326 0x00ac BrFiltUp - ok 15:54:12.0331 0x00ac [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 15:54:12.0333 0x00ac BridgeMP - ok 
15:54:12.0338 0x00ac [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 15:54:12.0342 0x00ac Browser - ok 15:54:12.0349 0x00ac [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 15:54:12.0361 0x00ac Brserid - ok 15:54:12.0364 0x00ac [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 15:54:12.0371 0x00ac BrSerWdm - ok 15:54:12.0372 0x00ac [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 15:54:12.0376 0x00ac BrUsbMdm - ok 15:54:12.0378 0x00ac [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 15:54:12.0383 0x00ac BrUsbSer - ok 15:54:12.0386 0x00ac [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 15:54:12.0392 0x00ac BTHMODEM - ok 15:54:12.0397 0x00ac [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 15:54:12.0399 0x00ac bthserv - ok 15:54:12.0401 0x00ac catchme - ok 15:54:12.0406 0x00ac [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 15:54:12.0408 0x00ac cdfs - ok 15:54:12.0413 0x00ac [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 15:54:12.0417 0x00ac cdrom - ok 15:54:12.0422 0x00ac [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] 
CertPropSvc C:\Windows\System32\certprop.dll 15:54:12.0424 0x00ac CertPropSvc - ok 15:54:12.0428 0x00ac [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 15:54:12.0434 0x00ac circlass - ok 15:54:12.0443 0x00ac [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys 15:54:12.0451 0x00ac CLFS - ok 15:54:12.0456 0x00ac [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 15:54:12.0459 0x00ac clr_optimization_v2.0.50727_32 - ok 15:54:12.0464 0x00ac [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 15:54:12.0468 0x00ac clr_optimization_v2.0.50727_64 - ok 15:54:12.0476 0x00ac [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 15:54:12.0497 0x00ac clr_optimization_v4.0.30319_32 - ok 15:54:12.0502 0x00ac [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 15:54:12.0521 0x00ac clr_optimization_v4.0.30319_64 - ok 15:54:12.0523 0x00ac [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 15:54:12.0528 0x00ac CmBatt - ok 15:54:12.0531 0x00ac [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 15:54:12.0534 0x00ac cmdide - ok 15:54:12.0587 0x00ac [ 
2A01CA9628F36208A7D188F34B295192, 336532A03600759C8D243A0E8AAE334EB741EFE89165C1BE08339AE1EC5838B1 ] cmudaxp C:\Windows\system32\drivers\cmudaxp.sys 15:54:12.0664 0x00ac cmudaxp - ok 15:54:12.0678 0x00ac [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG C:\Windows\system32\Drivers\cng.sys 15:54:12.0687 0x00ac CNG - ok 15:54:12.0691 0x00ac [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 15:54:12.0696 0x00ac Compbatt - ok 15:54:12.0699 0x00ac [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 15:54:12.0701 0x00ac CompositeBus - ok 15:54:12.0702 0x00ac COMSysApp - ok 15:54:12.0706 0x00ac [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 15:54:12.0711 0x00ac crcdisk - ok 15:54:12.0717 0x00ac [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\Windows\system32\cryptsvc.dll 15:54:12.0722 0x00ac CryptSvc - ok 15:54:12.0733 0x00ac [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys 15:54:12.0744 0x00ac CSC - ok 15:54:12.0759 0x00ac [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll 15:54:12.0772 0x00ac CscService - ok 15:54:12.0784 0x00ac [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 15:54:12.0796 0x00ac DcomLaunch - ok 15:54:12.0804 0x00ac [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc 
C:\Windows\System32\defragsvc.dll 15:54:12.0811 0x00ac defragsvc - ok 15:54:12.0817 0x00ac [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 15:54:12.0819 0x00ac DfsC - ok 15:54:12.0828 0x00ac [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 15:54:12.0834 0x00ac Dhcp - ok 15:54:12.0838 0x00ac [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 15:54:12.0839 0x00ac discache - ok 15:54:12.0844 0x00ac [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys 15:54:12.0846 0x00ac Disk - ok 15:54:12.0852 0x00ac [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 15:54:12.0857 0x00ac Dnscache - ok 15:54:12.0864 0x00ac [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 15:54:12.0871 0x00ac dot3svc - ok 15:54:12.0876 0x00ac [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 15:54:12.0879 0x00ac DPS - ok 15:54:12.0882 0x00ac [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 15:54:12.0883 0x00ac drmkaud - ok 15:54:12.0892 0x00ac [ 400582B09E0BB557D0EC28A945150EEB, 605AC0DF14F9F64B72604968CC4C02725E8D5C879D6DB1B2B5D9598B902FC9D0 ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys 15:54:12.0896 0x00ac dtsoftbus01 - ok 15:54:12.0916 0x00ac [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] 
DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 15:54:12.0929 0x00ac DXGKrnl - ok 15:54:12.0934 0x00ac [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 15:54:12.0938 0x00ac EapHost - ok 15:54:12.0999 0x00ac [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 15:54:13.0068 0x00ac ebdrv - ok 15:54:13.0073 0x00ac [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] EFS C:\Windows\System32\lsass.exe 15:54:13.0082 0x00ac EFS - ok 15:54:13.0098 0x00ac [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 15:54:13.0108 0x00ac ehRecvr - ok 15:54:13.0113 0x00ac [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 15:54:13.0116 0x00ac ehSched - ok 15:54:13.0128 0x00ac [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 15:54:13.0144 0x00ac elxstor - ok 15:54:13.0147 0x00ac [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 15:54:13.0148 0x00ac ErrDev - ok 15:54:13.0161 0x00ac [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 15:54:13.0168 0x00ac EventSystem - ok 15:54:13.0172 0x00ac [ A0539478593A00AA64E600CF7E19F195, BD835D70F3EE9BFEFFABE747AD65BC97C73AD8042F653BF93535277FB0CBD4CE ] EvolveVirtualAdapter C:\Windows\system32\DRIVERS\evolve.sys 15:54:13.0186 0x00ac EvolveVirtualAdapter - ok 15:54:13.0192 0x00ac [ A510C654EC00C1E9BDD91EEB3A59823B, 
76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 15:54:13.0197 0x00ac exfat - ok 15:54:13.0203 0x00ac [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 15:54:13.0208 0x00ac fastfat - ok 15:54:13.0224 0x00ac [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 15:54:13.0238 0x00ac Fax - ok 15:54:13.0241 0x00ac [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys 15:54:13.0245 0x00ac fdc - ok 15:54:13.0249 0x00ac [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 15:54:13.0250 0x00ac fdPHost - ok 15:54:13.0253 0x00ac [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 15:54:13.0255 0x00ac FDResPub - ok 15:54:13.0258 0x00ac [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 15:54:13.0260 0x00ac FileInfo - ok 15:54:13.0263 0x00ac [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 15:54:13.0264 0x00ac Filetrace - ok 15:54:13.0267 0x00ac [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 15:54:13.0272 0x00ac flpydisk - ok 15:54:13.0279 0x00ac [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 15:54:13.0285 0x00ac FltMgr - ok 15:54:13.0308 0x00ac [ 
BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C:\Windows\system32\FntCache.dll 15:54:13.0345 0x00ac FontCache - ok 15:54:13.0350 0x00ac [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 15:54:13.0354 0x00ac FontCache3.0.0.0 - ok 15:54:13.0357 0x00ac [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 15:54:13.0359 0x00ac FsDepends - ok 15:54:13.0362 0x00ac [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 15:54:13.0363 0x00ac Fs_Rec - ok 15:54:13.0369 0x00ac [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 15:54:13.0374 0x00ac fvevol - ok 15:54:13.0378 0x00ac [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 15:54:13.0385 0x00ac gagp30kx - ok 15:54:13.0410 0x00ac [ 7F18FB86E1023DDB80874CEA671442D5, BA236CD30A6932DC439DCA1DD4B06B7DF9181B1EC3654A72D05DFD70949C5E06 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe 15:54:13.0428 0x00ac GfExperienceService - ok 15:54:13.0445 0x00ac [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 15:54:13.0462 0x00ac gpsvc - ok 15:54:13.0469 0x00ac [ 0C03FB91E17987EED93F60007B08DAA0, BF4549F45FA1B291339E5053738B95BA50F021225F294F7B1ED9DACBD09BA426 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 15:54:13.0478 0x00ac gupdate - ok 15:54:13.0484 0x00ac [ 
0C03FB91E17987EED93F60007B08DAA0, BF4549F45FA1B291339E5053738B95BA50F021225F294F7B1ED9DACBD09BA426 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 15:54:13.0487 0x00ac gupdatem - ok 15:54:13.0489 0x00ac [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 15:54:13.0495 0x00ac hcw85cir - ok 15:54:13.0504 0x00ac [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 15:54:13.0512 0x00ac HdAudAddService - ok 15:54:13.0517 0x00ac [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 15:54:13.0519 0x00ac HDAudBus - ok 15:54:13.0523 0x00ac [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 15:54:13.0528 0x00ac HidBatt - ok 15:54:13.0532 0x00ac [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 15:54:13.0538 0x00ac HidBth - ok 15:54:13.0542 0x00ac [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 15:54:13.0547 0x00ac HidIr - ok 15:54:13.0550 0x00ac [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll 15:54:13.0552 0x00ac hidserv - ok 15:54:13.0555 0x00ac [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 15:54:13.0557 0x00ac HidUsb - ok 15:54:13.0562 0x00ac [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc 
C:\Windows\system32\kmsvc.dll 15:54:13.0564 0x00ac hkmsvc - ok 15:54:13.0573 0x00ac [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 15:54:13.0578 0x00ac HomeGroupListener - ok 15:54:13.0584 0x00ac [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 15:54:13.0590 0x00ac HomeGroupProvider - ok 15:54:13.0594 0x00ac [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 15:54:13.0600 0x00ac HpSAMD - ok 15:54:13.0617 0x00ac [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 15:54:13.0630 0x00ac HTTP - ok 15:54:13.0633 0x00ac [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 15:54:13.0634 0x00ac hwpolicy - ok 15:54:13.0639 0x00ac [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 15:54:13.0642 0x00ac i8042prt - ok 15:54:13.0652 0x00ac [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 15:54:13.0665 0x00ac iaStorV - ok 15:54:13.0684 0x00ac [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 15:54:13.0700 0x00ac idsvc - ok 15:54:13.0704 0x00ac IEEtwCollectorService - ok 15:54:13.0708 0x00ac [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 
15:54:13.0713 0x00ac iirsp - ok 15:54:13.0730 0x00ac [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 15:54:13.0747 0x00ac IKEEXT - ok 15:54:13.0752 0x00ac [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 15:54:13.0755 0x00ac intelide - ok 15:54:13.0759 0x00ac [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 15:54:13.0760 0x00ac intelppm - ok 15:54:13.0765 0x00ac [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 15:54:13.0768 0x00ac IPBusEnum - ok 15:54:13.0772 0x00ac [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 15:54:13.0774 0x00ac IpFilterDriver - ok 15:54:13.0788 0x00ac [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 15:54:13.0799 0x00ac iphlpsvc - ok 15:54:13.0803 0x00ac [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 15:54:13.0805 0x1470 Object required for P2P: [ 81E02299B534F61E104C1235519C37B3 ] AntiVirMailService 15:54:13.0812 0x00ac IPMIDRV - ok 15:54:13.0817 0x00ac [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 15:54:13.0819 0x00ac IPNAT - ok 15:54:13.0822 0x00ac [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 15:54:13.0823 0x00ac IRENUM - ok 15:54:13.0827 
0x00ac [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 15:54:13.0828 0x00ac isapnp - ok 15:54:13.0834 0x00ac [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 15:54:13.0840 0x00ac iScsiPrt - ok 15:54:13.0844 0x00ac [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 15:54:13.0845 0x00ac kbdclass - ok 15:54:13.0848 0x00ac [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 15:54:13.0849 0x00ac kbdhid - ok 15:54:13.0853 0x00ac [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] KeyIso C:\Windows\system32\lsass.exe 15:54:13.0853 0x00ac KeyIso - ok 15:54:13.0858 0x00ac [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 15:54:13.0859 0x00ac KSecDD - ok 15:54:13.0865 0x00ac [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 15:54:13.0869 0x00ac KSecPkg - ok 15:54:13.0872 0x00ac [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 15:54:13.0873 0x00ac ksthunk - ok 15:54:13.0882 0x00ac [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 15:54:13.0890 0x00ac KtmRm - ok 15:54:13.0898 0x00ac [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll 15:54:13.0903 
15:54:18.0394 0x00ac TBS - ok 15:54:18.0430 0x00ac [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 15:54:18.0464 0x00ac Tcpip - ok 15:54:18.0501 0x00ac [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 15:54:18.0526 0x00ac TCPIP6 - ok 15:54:18.0533 0x00ac [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 15:54:18.0534 0x00ac tcpipreg - ok 15:54:18.0538 0x00ac [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 15:54:18.0539 0x00ac TDPIPE - ok 15:54:18.0541 0x00ac [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 15:54:18.0543 0x00ac TDTCP - ok 15:54:18.0548 0x00ac [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 15:54:18.0559 0x00ac tdx - ok 15:54:18.0563 0x00ac [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 15:54:18.0564 0x00ac TermDD - ok 15:54:18.0579 0x00ac [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 15:54:18.0593 0x00ac TermService - ok 15:54:18.0596 0x00ac [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 15:54:18.0599 0x00ac Themes - ok 15:54:18.0603 0x00ac [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER 
C:\Windows\system32\mmcss.dll 15:54:18.0605 0x00ac THREADORDER - ok 15:54:18.0609 0x00ac [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 15:54:18.0613 0x00ac TrkWks - ok 15:54:18.0620 0x00ac [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 15:54:18.0624 0x00ac TrustedInstaller - ok 15:54:18.0628 0x00ac [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 15:54:18.0630 0x00ac tssecsrv - ok 15:54:18.0633 0x00ac [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 15:54:18.0635 0x00ac TsUsbFlt - ok 15:54:18.0640 0x00ac [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 15:54:18.0643 0x00ac tunnel - ok 15:54:18.0646 0x00ac [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 15:54:18.0646 0x1470 Object send P2P result: true 15:54:18.0648 0x1470 Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirService 15:54:18.0653 0x00ac uagp35 - ok 15:54:18.0661 0x00ac [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 15:54:18.0669 0x00ac udfs - ok 15:54:18.0674 0x00ac [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 15:54:18.0676 0x00ac UI0Detect - ok 15:54:18.0679 0x00ac [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx 
C:\Windows\system32\drivers\uliagpkx.sys 15:54:18.0685 0x00ac uliagpkx - ok 15:54:18.0689 0x00ac [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys 15:54:18.0690 0x00ac umbus - ok 15:54:18.0693 0x00ac [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 15:54:18.0696 0x00ac UmPass - ok 15:54:18.0704 0x00ac [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll 15:54:18.0709 0x00ac UmRdpService - ok 15:54:18.0719 0x00ac [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 15:54:18.0726 0x00ac upnphost - ok 15:54:18.0731 0x00ac [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 15:54:18.0735 0x00ac usbaudio - ok 15:54:18.0739 0x00ac [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 15:54:18.0751 0x00ac usbccgp - ok 15:54:18.0756 0x00ac [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 15:54:18.0765 0x00ac usbcir - ok 15:54:18.0769 0x00ac [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys 15:54:18.0770 0x00ac usbehci - ok 15:54:18.0779 0x00ac [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 15:54:18.0786 0x00ac usbhub - ok 15:54:18.0790 0x00ac [ 765A92D428A8DB88B960DA5A8D6089DC, 
56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys 15:54:18.0791 0x00ac usbohci - ok 15:54:18.0794 0x00ac [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 15:54:18.0799 0x00ac usbprint - ok 15:54:18.0803 0x00ac [ D76510CFA0FC09023077F22C2F979D86, 5662281C6D515423255D3C262EA368DBAFC250235E535FBFA3E59D3487695439 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 15:54:18.0814 0x00ac USBSTOR - ok 15:54:18.0816 0x00ac [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 15:54:18.0818 0x00ac usbuhci - ok 15:54:18.0821 0x00ac [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 15:54:18.0824 0x00ac UxSms - ok 15:54:18.0826 0x00ac [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] VaultSvc C:\Windows\system32\lsass.exe 15:54:18.0828 0x00ac VaultSvc - ok 15:54:18.0834 0x00ac [ 8FD4BE594B4247E534E5D7CADA47FF20, A1D4DF89FAE48B2A6E3443C49533000A3E13A3CE1C18D8DB5DAEE4DDD9C51E88 ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys 15:54:18.0844 0x00ac VBoxNetAdp - ok 15:54:18.0846 0x00ac VBoxNetFlt - ok 15:54:18.0849 0x00ac [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 15:54:18.0851 0x00ac vdrvroot - ok 15:54:18.0863 0x00ac [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 15:54:18.0874 0x00ac vds - ok 15:54:18.0878 0x00ac [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 15:54:18.0880 0x00ac vga 
- ok 15:54:18.0883 0x00ac [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 15:54:18.0884 0x00ac VgaSave - ok 15:54:18.0890 0x00ac [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 15:54:18.0894 0x00ac vhdmp - ok 15:54:18.0896 0x00ac [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 15:54:18.0900 0x00ac viaide - ok 15:54:18.0906 0x00ac [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys 15:54:18.0918 0x00ac vmbus - ok 15:54:18.0920 0x00ac [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 15:54:18.0924 0x00ac VMBusHID - ok 15:54:18.0929 0x00ac [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 15:54:18.0931 0x00ac volmgr - ok 15:54:18.0940 0x00ac [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 15:54:18.0948 0x00ac volmgrx - ok 15:54:18.0955 0x00ac [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 15:54:18.0961 0x00ac volsnap - ok 15:54:18.0968 0x00ac [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 15:54:18.0976 0x00ac vsmraid - ok 15:54:19.0006 0x00ac [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 
15:54:19.0036 0x00ac VSS - ok 15:54:19.0040 0x00ac [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 15:54:19.0041 0x00ac vwifibus - ok 15:54:19.0045 0x00ac [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 15:54:19.0048 0x00ac vwififlt - ok 15:54:19.0058 0x00ac [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 15:54:19.0066 0x00ac W32Time - ok 15:54:19.0070 0x00ac [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 15:54:19.0074 0x00ac WacomPen - ok 15:54:19.0079 0x00ac [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 15:54:19.0081 0x00ac WANARP - ok 15:54:19.0085 0x00ac [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 15:54:19.0088 0x00ac Wanarpv6 - ok 15:54:19.0116 0x00ac [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 15:54:19.0144 0x00ac wbengine - ok 15:54:19.0151 0x00ac [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 15:54:19.0158 0x00ac WbioSrvc - ok 15:54:19.0166 0x00ac [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 15:54:19.0175 0x00ac wcncsvc - ok 15:54:19.0179 0x00ac [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] 
WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 15:54:19.0181 0x00ac WcsPlugInService - ok 15:54:19.0184 0x00ac [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys 15:54:19.0189 0x00ac Wd - ok 15:54:19.0205 0x00ac [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 15:54:19.0220 0x00ac Wdf01000 - ok 15:54:19.0224 0x00ac [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 15:54:19.0228 0x00ac WdiServiceHost - ok 15:54:19.0231 0x00ac [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 15:54:19.0234 0x00ac WdiSystemHost - ok 15:54:19.0241 0x00ac [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll 15:54:19.0248 0x00ac WebClient - ok 15:54:19.0255 0x00ac [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 15:54:19.0261 0x00ac Wecsvc - ok 15:54:19.0265 0x00ac [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 15:54:19.0268 0x00ac wercplsupport - ok 15:54:19.0273 0x00ac [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 15:54:19.0275 0x00ac WerSvc - ok 15:54:19.0279 0x00ac [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 15:54:19.0280 0x00ac WfpLwf - ok 15:54:19.0283 0x00ac [ 05ECAEC3E4529A7153B3136CEB49F0EC, 
9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 15:54:19.0284 0x00ac WIMMount - ok 15:54:19.0286 0x00ac WinDefend - ok 15:54:19.0290 0x00ac WinHttpAutoProxySvc - ok 15:54:19.0300 0x00ac [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 15:54:19.0305 0x00ac Winmgmt - ok 15:54:19.0344 0x00ac [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 15:54:19.0380 0x00ac WinRM - ok 15:54:19.0389 0x00ac [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 15:54:19.0403 0x00ac WinUsb - ok 15:54:19.0421 0x00ac [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 15:54:19.0439 0x00ac Wlansvc - ok 15:54:19.0484 0x00ac [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 15:54:19.0526 0x00ac wlidsvc - ok 15:54:19.0531 0x00ac [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 15:54:19.0533 0x00ac WmiAcpi - ok 15:54:19.0540 0x00ac [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 15:54:19.0545 0x00ac wmiApSrv - ok 15:54:19.0548 0x00ac WMPNetworkSvc - ok 15:54:19.0550 0x00ac [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 15:54:19.0553 0x00ac WPCSvc - ok 15:54:19.0558 0x00ac [ 93221146D4EBBF314C29B23CD6CC391D, 
C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 15:54:19.0560 0x00ac WPDBusEnum - ok 15:54:19.0564 0x00ac [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 15:54:19.0565 0x00ac ws2ifsl - ok 15:54:19.0569 0x00ac [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll 15:54:19.0573 0x00ac wscsvc - ok 15:54:19.0575 0x00ac WSearch - ok 15:54:19.0623 0x00ac [ 6075791ED85E47A2A2916B1F34582944, 25B5FAD161711875B38BDD014A26FA527C8EE4854D485989D19A72D5EBBA4054 ] wuauserv C:\Windows\system32\wuaueng.dll 15:54:19.0670 0x00ac wuauserv - ok 15:54:19.0675 0x00ac [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 15:54:19.0678 0x00ac WudfPf - ok 15:54:19.0685 0x00ac [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 15:54:19.0690 0x00ac WUDFRd - ok 15:54:19.0695 0x00ac [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 15:54:19.0698 0x00ac wudfsvc - ok 15:54:19.0705 0x00ac [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll 15:54:19.0711 0x00ac WwanSvc - ok 15:54:19.0716 0x00ac ================ Scan global =============================== 15:54:19.0719 0x00ac [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll 15:54:19.0726 0x00ac [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll 15:54:19.0748 
0x00ac [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll 15:54:19.0754 0x00ac [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 15:54:19.0763 0x00ac [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 15:54:19.0769 0x00ac [ Global ] - ok 15:54:19.0769 0x00ac ================ Scan MBR ================================== 15:54:19.0770 0x00ac [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 15:54:19.0976 0x00ac \Device\Harddisk0\DR0 - ok 15:54:19.0978 0x00ac [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 15:54:20.0070 0x00ac \Device\Harddisk1\DR1 - ok 15:54:20.0071 0x00ac [ 988D3C46CBD13EC7F482B833C55264C8 ] \Device\Harddisk2\DR2 15:54:20.0075 0x00ac \Device\Harddisk2\DR2 - ok 15:54:20.0075 0x00ac ================ Scan VBR ================================== 15:54:20.0076 0x00ac [ F6837954E147B634BF2AD664FABF4BF6 ] \Device\Harddisk0\DR0\Partition1 15:54:20.0079 0x00ac \Device\Harddisk0\DR0\Partition1 - ok 15:54:20.0080 0x00ac [ DCE858D6C9F7CCF09DA9BDF4C36D0E67 ] \Device\Harddisk0\DR0\Partition2 15:54:20.0083 0x00ac \Device\Harddisk0\DR0\Partition2 - ok 15:54:20.0084 0x00ac [ E13FBCCC5B05C0E2070179038181A67E ] \Device\Harddisk1\DR1\Partition1 15:54:20.0130 0x00ac \Device\Harddisk1\DR1\Partition1 - ok 15:54:20.0131 0x00ac [ 8609533CF3BD113BA1BE72FB9BF6BA11 ] \Device\Harddisk1\DR1\Partition2 15:54:20.0174 0x00ac \Device\Harddisk1\DR1\Partition2 - ok 15:54:20.0175 0x00ac [ 383E4B4A5D3DF421AE29D47974C36C85 ] \Device\Harddisk1\DR1\Partition3 15:54:20.0176 0x00ac \Device\Harddisk1\DR1\Partition3 - ok 15:54:20.0178 0x00ac [ E04879AC8DB84D84DA8065AEFE045809 ] \Device\Harddisk1\DR1\Partition4 15:54:20.0179 0x00ac \Device\Harddisk1\DR1\Partition4 - ok 15:54:20.0180 0x00ac [ A6DBB8959C2F94376654F12B80365952 ] 
\Device\Harddisk2\DR2\Partition1 15:54:20.0181 0x00ac \Device\Harddisk2\DR2\Partition1 - ok 15:54:20.0181 0x00ac ================ Scan generic autorun ====================== 15:54:20.0208 0x00ac [ 35BA4E6632BA690EA6421C1E03537D0E, 99D6B4DB12ABE3A7F44AB1B2D626978E85231185AE280D9516986027BC8385CB ] C:\Program Files\Microsoft Security Client\msseces.exe 15:54:20.0235 0x00ac MSC - ok 15:54:20.0286 0x00ac [ A416FBE18A8FF5C942B5E4A65A66EAE0, DC021A544A16BA984A906D235E0E6DA8AC0DF0A7FC8A89D192E427BBE6D2434C ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 15:54:20.0330 0x00ac NvBackend - ok 15:54:20.0334 0x00ac [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe 15:54:20.0336 0x00ac ShadowPlay - ok 15:54:20.0346 0x00ac [ 51138BEEA3E2C21EC44D0932C71762A8, 5AD3C37E6F2B9DB3EE8B5AEEDC474645DE90C66E3D95F8620C48102F1EBA4124 ] C:\Windows\syswow64\RunDll32.exe 15:54:20.0348 0x00ac Cmaudio8788 - ok 15:54:20.0354 0x00ac [ 0740D338A42F7778760F2B0CB6DA5830, C6D275B4993502A155F85D8DE26B119866DEE106C98CF29CDAACBAF11484C94A ] C:\Windows\syswow64\HsMgr.exe 15:54:20.0361 0x00ac Cmaudio8788GX - ok 15:54:20.0369 0x00ac [ BEF1B23AD0BBF805F02FAA01EAE0AF4E, 65CCFEC1F61E475A1F6759ECCA8DE1844A26AB7F827BC1F63339A0DFF554B039 ] C:\Windows\system\HsMgr64.exe 15:54:20.0373 0x00ac Cmaudio8788GX64 - ok 15:54:20.0391 0x00ac [ 5668994A6AE925189C7D7F03BFE19C66, 269146783422D06BE2BA5D358D22B03339C102D0D5970894625C9C03BFCCB773 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 15:54:20.0403 0x00ac avgnt - ok 15:54:20.0408 0x00ac [ 9D51EA92A612B37E76E5E4621650C50A, 00BD61C8527A80C0F684882379A0AC2E5A54E8BBECC797087B960CDC8454C373 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe 15:54:20.0409 0x00ac NUSB3MON - ok 15:54:20.0416 0x00ac [ 1DE859B82E381A645C44284A5044BC33, 305AE678D3163D57C8E027F94BC553FDFDE7F9A14599EAEC370B0867DE4A9EC2 ] C:\Program Files 
(x86)\Common Files\Java\Java Update\jusched.exe 15:54:20.0426 0x00ac SunJavaUpdateSched - ok 15:54:20.0430 0x00ac [ 3405A4A63018892F31E61C01E9A0313E, 49B2102C3593270DAD15548D1FB2C7E36A65419AA7AE057AB1F0B6A80365B1F6 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe 15:54:20.0436 0x00ac Avira SystrayStartTrigger - ok 15:54:20.0436 0x00ac Waiting for KSN requests completion. In queue: 221 15:54:21.0042 0x1470 Object send P2P result: true 15:54:21.0042 0x1470 Object required for P2P: [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F ] AntiVirWebService 15:54:21.0437 0x00ac Waiting for KSN requests completion. In queue: 220 15:54:22.0437 0x00ac Waiting for KSN requests completion. In queue: 220 15:54:22.0780 0x1254 Object required for P2P: [ 3405A4A63018892F31E61C01E9A0313E ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe 15:54:23.0437 0x00ac Waiting for KSN requests completion. In queue: 4 15:54:23.0454 0x1470 Object send P2P result: true 15:54:24.0437 0x00ac Waiting for KSN requests completion. In queue: 1 15:54:25.0202 0x1254 Object send P2P result: true 15:54:25.0452 0x00ac AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated ) 15:54:25.0452 0x00ac AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated ) 15:54:25.0462 0x00ac Win FW state via NFP2: enabled ( trusted ) 15:54:27.0821 0x00ac ============================================================ 15:54:27.0821 0x00ac Scan finished 15:54:27.0821 0x00ac ============================================================ 15:54:27.0826 0x156c Detected object count: 0 15:54:27.0826 0x156c Actual detected object count: 0 |
04.01.2016, 22:45 | #5 |
/// TB Trainer /// Guide Guru | I am sending spam Even if it won't change the result much, please run the scan as described in the instructions.
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
04.01.2016, 23:51 | #6 |
| I am sending spam Sorry! Those who can read have a clear advantage. Code:
23:46:03.0633 0x135c TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
23:46:06.0776 0x135c ============================================================
23:46:06.0776 0x135c Current date / time: 2016/01/04 23:46:06.0776
23:46:06.0776 0x135c SystemInfo:
23:46:06.0776 0x135c OS Version: 6.1.7601 ServicePack: 1.0
23:46:06.0776 0x135c Product type: Workstation
23:46:06.0776 0x135c ComputerName: BENJAY-PC
23:46:06.0777 0x135c UserName: benjay
23:46:06.0777 0x135c Windows directory: C:\Windows
23:46:06.0777 0x135c System windows directory: C:\Windows
23:46:06.0777 0x135c Running under WOW64
23:46:06.0777 0x135c Processor architecture: Intel x64
23:46:06.0777 0x135c Number of processors: 4
23:46:06.0777 0x135c Page size: 0x1000
23:46:06.0777 0x135c Boot type: Normal boot
23:46:06.0777 0x135c ============================================================
23:46:08.0543 0x135c Initialize success
23:46:08.0543 0x135c ============================================================
23:46:22.0461 0x1784 ============================================================
23:46:22.0461 0x1784 Scan started
23:46:22.0461 0x1784 Mode: Manual; SigCheck; TDLFS;
23:46:22.0461 0x1784 ============================================================
23:46:22.0461 0x1784 KSN ping started
23:46:36.0089 0x1784 KSN ping finished: true
23:46:36.0379 0x1784 ================ Scan system memory ========================
23:46:36.0379 0x1784 System memory - ok
23:46:36.0379 0x1784 ================ Scan services =============================
23:46:36.0512 0x1784 Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )
23:46:38.0808 0x1784 Detect skipped due to KSN trusted
23:46:38.0808 0x1784 Adobe LM Service - ok
E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys 23:46:39.0638 0x1784 AmdPPM - ok 23:46:39.0642 0x1784 [ 6EC6D772EAE38DC17C14AED9B178D24B, B4FB936B31B1265B8CC6B426C64965C34D0CCF1638E645ACD65E88F4AFFC57A6 ] amdsata C:\Windows\system32\drivers\amdsata.sys 23:46:39.0652 0x1784 amdsata - ok 23:46:39.0658 0x1784 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys 23:46:39.0670 0x1784 amdsbs - ok 23:46:39.0673 0x1784 [ 1142A21DB581A84EA5597B03A26EBAA0, F94EB140D0CD068760D7EB081FF75154C75DAC75E5E24B6DE4E4F9CE65A70343 ] amdxata C:\Windows\system32\drivers\amdxata.sys 23:46:39.0681 0x1784 amdxata - ok 23:46:39.0703 0x1784 [ 81E02299B534F61E104C1235519C37B3, B389458C13A0E0717365B7CE371A6B768EB2F98C4CDBAA6DCBBBDE3A2B1D8B14 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe 23:46:39.0729 0x1784 AntiVirMailService - ok 23:46:39.0742 0x1784 [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe 23:46:39.0757 0x1784 AntiVirSchedulerService - ok 23:46:39.0769 0x1784 [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe 23:46:39.0784 0x1784 AntiVirService - ok 23:46:39.0812 0x1784 [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F, 827400CFB53026757B3D75B6C5AC7BBECE7E62B335160C18CBF6A41047F4A400 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe 23:46:39.0844 0x1784 AntiVirWebService - ok 23:46:39.0849 0x1784 [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID C:\Windows\system32\drivers\appid.sys 23:46:39.0862 0x1784 AppID - ok 23:46:39.0865 0x1784 [ ABC373B9C6275D45F17DB559408FFD1B, 
12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc C:\Windows\System32\appidsvc.dll 23:46:39.0875 0x1784 AppIDSvc - ok 23:46:39.0879 0x1784 [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo C:\Windows\System32\appinfo.dll 23:46:39.0891 0x1784 Appinfo - ok 23:46:39.0899 0x1784 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll 23:46:39.0913 0x1784 AppMgmt - ok 23:46:39.0917 0x1784 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys 23:46:39.0926 0x1784 arc - ok 23:46:39.0930 0x1784 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 23:46:39.0939 0x1784 arcsas - ok 23:46:39.0949 0x1784 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 23:46:39.0959 0x1784 aspnet_state - ok 23:46:39.0962 0x1784 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 23:46:39.0986 0x1784 AsyncMac - ok 23:46:39.0989 0x1784 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 23:46:39.0996 0x1784 atapi - ok 23:46:40.0035 0x1784 [ EA0AF9B866DF07E8FE6C2342585788B0, BE8E799C1ED36B9DC6BEAB40E8B460464C01014DEC021760FB19626C77550792 ] athur C:\Windows\system32\DRIVERS\athurx.sys 23:46:40.0085 0x1784 athur - ok 23:46:40.0304 0x1784 [ 4284FB1240537A33E6EC417EFD87D40F, DAD37EBDCD57C8559FD9395AED7FA85BCA1EDB0337CD2A4F7613E869D859B3F2 ] atikmdag C:\Windows\system32\drivers\atikmdag.sys 23:46:40.0519 0x1784 atikmdag - ok 
23:46:40.0538 0x1784 [ 64F07381335E37C142F6D176705FFCA6, 8F7F633B891FE653D3298578897711A04E7B2B08E51CEE131C50102EFD45AC0E ] atksgt C:\Windows\system32\DRIVERS\atksgt.sys 23:46:40.0564 0x1784 atksgt - ok 23:46:40.0579 0x1784 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 23:46:40.0604 0x1784 AudioEndpointBuilder - ok 23:46:40.0619 0x1784 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll 23:46:40.0638 0x1784 AudioSrv - ok 23:46:40.0645 0x1784 [ 29E019B4607E410BFE4DB778C3300BC5, 32D1A5A5836152BAAA168B4A06AC6F52DBC19150D339B5F87E8E3A1E1EE580C3 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 23:46:40.0655 0x1784 avgntflt - ok 23:46:40.0660 0x1784 [ 1AD2C8F543F261F0AB90AD80767AB21D, 364DA0D0B8A91688CE39FEDF68EB93260819849097444F6A10A3F95CC32F9EA5 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 23:46:40.0669 0x1784 avipbb - ok 23:46:40.0679 0x1784 [ 2027E82463B6F6BB4D2A5BAF09202BA8, 7E61DEAC45F710F62C388177B43D99F3C39B89CEFCEFCC581DF12201C8CDB23C ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe 23:46:40.0691 0x1784 Avira.ServiceHost - ok 23:46:40.0694 0x1784 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 23:46:40.0701 0x1784 avkmgr - ok 23:46:40.0705 0x1784 [ 99672CCD11058D6E2F627473B773F971, 4EF2BCDA4678F9ECE499F216AC0F8105F37D2AB0320064741A8DFB5C39E5048C ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys 23:46:40.0714 0x1784 avnetflt - ok 23:46:40.0718 0x1784 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 23:46:40.0739 0x1784 AxInstSV - ok 23:46:40.0751 0x1784 [ 3E5B191307609F7514148C6832BB0842, 
DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 23:46:40.0770 0x1784 b06bdrv - ok 23:46:40.0779 0x1784 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 23:46:40.0793 0x1784 b57nd60a - ok 23:46:40.0799 0x1784 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 23:46:40.0811 0x1784 BDESVC - ok 23:46:40.0813 0x1784 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 23:46:40.0836 0x1784 Beep - ok 23:46:40.0852 0x1784 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 23:46:40.0876 0x1784 BFE - ok 23:46:40.0895 0x1784 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 23:46:40.0967 0x1784 BITS - ok 23:46:40.0971 0x1784 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 23:46:40.0981 0x1784 blbdrive - ok 23:46:40.0986 0x1784 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 23:46:40.0997 0x1784 bowser - ok 23:46:40.0999 0x1784 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 23:46:41.0021 0x1784 BrFiltLo - ok 23:46:41.0023 0x1784 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 23:46:41.0034 0x1784 BrFiltUp - ok 23:46:41.0039 0x1784 [ 
5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys 23:46:41.0064 0x1784 BridgeMP - ok 23:46:41.0069 0x1784 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 23:46:41.0082 0x1784 Browser - ok 23:46:41.0090 0x1784 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 23:46:41.0108 0x1784 Brserid - ok 23:46:41.0112 0x1784 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 23:46:41.0124 0x1784 BrSerWdm - ok 23:46:41.0126 0x1784 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 23:46:41.0137 0x1784 BrUsbMdm - ok 23:46:41.0140 0x1784 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 23:46:41.0149 0x1784 BrUsbSer - ok 23:46:41.0153 0x1784 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 23:46:41.0165 0x1784 BTHMODEM - ok 23:46:41.0170 0x1784 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 23:46:41.0196 0x1784 bthserv - ok 23:46:41.0197 0x1784 catchme - ok 23:46:41.0202 0x1784 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 23:46:41.0227 0x1784 cdfs - ok 23:46:41.0233 0x1784 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom 
C:\Windows\system32\DRIVERS\cdrom.sys 23:46:41.0246 0x1784 cdrom - ok 23:46:41.0251 0x1784 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll 23:46:41.0276 0x1784 CertPropSvc - ok 23:46:41.0279 0x1784 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 23:46:41.0292 0x1784 circlass - ok 23:46:41.0301 0x1784 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys 23:46:41.0317 0x1784 CLFS - ok 23:46:41.0323 0x1784 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 23:46:41.0332 0x1784 clr_optimization_v2.0.50727_32 - ok 23:46:41.0337 0x1784 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 23:46:41.0347 0x1784 clr_optimization_v2.0.50727_64 - ok 23:46:41.0355 0x1784 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 23:46:41.0366 0x1784 clr_optimization_v4.0.30319_32 - ok 23:46:41.0370 0x1784 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 23:46:41.0381 0x1784 clr_optimization_v4.0.30319_64 - ok 23:46:41.0384 0x1784 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 23:46:41.0394 0x1784 CmBatt - ok 23:46:41.0396 0x1784 [ 
E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 23:46:41.0404 0x1784 cmdide - ok 23:46:41.0456 0x1784 [ 2A01CA9628F36208A7D188F34B295192, 336532A03600759C8D243A0E8AAE334EB741EFE89165C1BE08339AE1EC5838B1 ] cmudaxp C:\Windows\system32\drivers\cmudaxp.sys 23:46:41.0542 0x1784 cmudaxp - ok 23:46:41.0555 0x1784 [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG C:\Windows\system32\Drivers\cng.sys 23:46:41.0577 0x1784 CNG - ok 23:46:41.0580 0x1784 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 23:46:41.0588 0x1784 Compbatt - ok 23:46:41.0591 0x1784 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 23:46:41.0603 0x1784 CompositeBus - ok 23:46:41.0605 0x1784 COMSysApp - ok 23:46:41.0608 0x1784 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 23:46:41.0616 0x1784 crcdisk - ok 23:46:41.0623 0x1784 [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\Windows\system32\cryptsvc.dll 23:46:41.0657 0x1784 CryptSvc - ok 23:46:41.0669 0x1784 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys 23:46:41.0689 0x1784 CSC - ok 23:46:41.0705 0x1784 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll 23:46:41.0728 0x1784 CscService - ok 23:46:41.0741 0x1784 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch 
C:\Windows\system32\rpcss.dll 23:46:41.0775 0x1784 DcomLaunch - ok 23:46:41.0783 0x1784 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 23:46:41.0812 0x1784 defragsvc - ok 23:46:41.0817 0x1784 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 23:46:41.0842 0x1784 DfsC - ok 23:46:41.0850 0x1784 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll 23:46:41.0879 0x1784 Dhcp - ok 23:46:41.0883 0x1784 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 23:46:41.0906 0x1784 discache - ok 23:46:41.0911 0x1784 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys 23:46:41.0920 0x1784 Disk - ok 23:46:41.0926 0x1784 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 23:46:41.0941 0x1784 Dnscache - ok 23:46:41.0948 0x1784 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 23:46:41.0978 0x1784 dot3svc - ok 23:46:41.0984 0x1784 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 23:46:42.0012 0x1784 DPS - ok 23:46:42.0014 0x1784 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 23:46:42.0025 0x1784 drmkaud - ok 23:46:42.0034 0x1784 [ 400582B09E0BB557D0EC28A945150EEB, 605AC0DF14F9F64B72604968CC4C02725E8D5C879D6DB1B2B5D9598B902FC9D0 ] dtsoftbus01 
C:\Windows\system32\DRIVERS\dtsoftbus01.sys 23:46:42.0045 0x1784 dtsoftbus01 - ok 23:46:42.0066 0x1784 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 23:46:42.0094 0x1784 DXGKrnl - ok 23:46:42.0099 0x1784 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 23:46:42.0125 0x1784 EapHost - ok 23:46:42.0186 0x1784 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 23:46:42.0269 0x1784 ebdrv - ok 23:46:42.0274 0x1784 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] EFS C:\Windows\System32\lsass.exe 23:46:42.0286 0x1784 EFS - ok 23:46:42.0302 0x1784 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 23:46:42.0330 0x1784 ehRecvr - ok 23:46:42.0335 0x1784 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 23:46:42.0349 0x1784 ehSched - ok 23:46:42.0361 0x1784 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 23:46:42.0380 0x1784 elxstor - ok 23:46:42.0383 0x1784 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 23:46:42.0392 0x1784 ErrDev - ok 23:46:42.0403 0x1784 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 23:46:42.0434 0x1784 EventSystem - ok 23:46:42.0437 0x1784 [ A0539478593A00AA64E600CF7E19F195, BD835D70F3EE9BFEFFABE747AD65BC97C73AD8042F653BF93535277FB0CBD4CE ] 
EvolveVirtualAdapter C:\Windows\system32\DRIVERS\evolve.sys 23:46:42.0454 0x1784 EvolveVirtualAdapter - ok 23:46:42.0459 0x1784 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 23:46:42.0487 0x1784 exfat - ok 23:46:42.0494 0x1784 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 23:46:42.0522 0x1784 fastfat - ok 23:46:42.0538 0x1784 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 23:46:42.0563 0x1784 Fax - ok 23:46:42.0566 0x1784 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys 23:46:42.0576 0x1784 fdc - ok 23:46:42.0579 0x1784 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 23:46:42.0602 0x1784 fdPHost - ok 23:46:42.0605 0x1784 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 23:46:42.0629 0x1784 FDResPub - ok 23:46:42.0633 0x1784 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 23:46:42.0642 0x1784 FileInfo - ok 23:46:42.0645 0x1784 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 23:46:42.0668 0x1784 Filetrace - ok 23:46:42.0671 0x1784 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 23:46:42.0680 0x1784 flpydisk - ok 23:46:42.0688 0x1784 [ DA6B67270FD9DB3697B20FCE94950741, 
F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 23:46:42.0702 0x1784 FltMgr - ok 23:46:42.0726 0x1784 [ BCB16AE33AA58E0042F3EF34CFB6396A, E8ADA10DE60A94E4BABE9FCA6D0AA83B11520C092D49057E17F6C6059D35A323 ] FontCache C:\Windows\system32\FntCache.dll 23:46:42.0762 0x1784 FontCache - ok 23:46:42.0766 0x1784 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 23:46:42.0774 0x1784 FontCache3.0.0.0 - ok 23:46:42.0778 0x1784 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 23:46:42.0786 0x1784 FsDepends - ok 23:46:42.0789 0x1784 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 23:46:42.0797 0x1784 Fs_Rec - ok 23:46:42.0803 0x1784 [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 23:46:42.0818 0x1784 fvevol - ok 23:46:42.0821 0x1784 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 23:46:42.0830 0x1784 gagp30kx - ok 23:46:42.0855 0x1784 [ 7F18FB86E1023DDB80874CEA671442D5, BA236CD30A6932DC439DCA1DD4B06B7DF9181B1EC3654A72D05DFD70949C5E06 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe 23:46:42.0885 0x1784 GfExperienceService - ok 23:46:42.0903 0x1784 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 23:46:42.0942 0x1784 gpsvc - ok 23:46:42.0950 0x1784 [ 0C03FB91E17987EED93F60007B08DAA0, 
BF4549F45FA1B291339E5053738B95BA50F021225F294F7B1ED9DACBD09BA426 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 23:46:42.0958 0x1784 gupdate - ok 23:46:42.0963 0x1784 [ 0C03FB91E17987EED93F60007B08DAA0, BF4549F45FA1B291339E5053738B95BA50F021225F294F7B1ED9DACBD09BA426 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 23:46:42.0971 0x1784 gupdatem - ok 23:46:42.0975 0x1784 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 23:46:42.0985 0x1784 hcw85cir - ok 23:46:42.0994 0x1784 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 23:46:43.0012 0x1784 HdAudAddService - ok 23:46:43.0017 0x1784 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 23:46:43.0030 0x1784 HDAudBus - ok 23:46:43.0033 0x1784 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 23:46:43.0042 0x1784 HidBatt - ok 23:46:43.0046 0x1784 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 23:46:43.0059 0x1784 HidBth - ok 23:46:43.0062 0x1784 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 23:46:43.0073 0x1784 HidIr - ok 23:46:43.0077 0x1784 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll 23:46:43.0100 0x1784 hidserv - ok 23:46:43.0104 0x1784 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb 
C:\Windows\system32\DRIVERS\hidusb.sys 23:46:43.0113 0x1784 HidUsb - ok 23:46:43.0117 0x1784 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 23:46:43.0142 0x1784 hkmsvc - ok 23:46:43.0149 0x1784 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 23:46:43.0163 0x1784 HomeGroupListener - ok 23:46:43.0169 0x1784 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 23:46:43.0183 0x1784 HomeGroupProvider - ok 23:46:43.0187 0x1784 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 23:46:43.0196 0x1784 HpSAMD - ok 23:46:43.0212 0x1784 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys 23:46:43.0237 0x1784 HTTP - ok 23:46:43.0240 0x1784 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 23:46:43.0248 0x1784 hwpolicy - ok 23:46:43.0252 0x1784 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 23:46:43.0263 0x1784 i8042prt - ok 23:46:43.0273 0x1784 [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 23:46:43.0289 0x1784 iaStorV - ok 23:46:43.0308 0x1784 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 23:46:43.0334 0x1784 idsvc - ok 23:46:43.0337 0x1784 
IEEtwCollectorService - ok 23:46:43.0341 0x1784 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 23:46:43.0349 0x1784 iirsp - ok 23:46:43.0367 0x1784 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 23:46:43.0394 0x1784 IKEEXT - ok 23:46:43.0398 0x1784 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 23:46:43.0406 0x1784 intelide - ok 23:46:43.0409 0x1784 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 23:46:43.0418 0x1784 intelppm - ok 23:46:43.0423 0x1784 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 23:46:43.0447 0x1784 IPBusEnum - ok 23:46:43.0451 0x1784 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 23:46:43.0476 0x1784 IpFilterDriver - ok 23:46:43.0489 0x1784 [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 23:46:43.0524 0x1784 iphlpsvc - ok 23:46:43.0529 0x1784 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 23:46:43.0539 0x1784 IPMIDRV - ok 23:46:43.0544 0x1784 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 23:46:43.0570 0x1784 IPNAT - ok 23:46:43.0572 0x1784 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] 
IRENUM C:\Windows\system32\drivers\irenum.sys 23:46:43.0598 0x1784 IRENUM - ok 23:46:43.0604 0x1784 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 23:46:43.0612 0x1784 isapnp - ok 23:46:43.0620 0x1784 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 23:46:43.0633 0x1784 iScsiPrt - ok 23:46:43.0637 0x1784 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 23:46:43.0646 0x1784 kbdclass - ok 23:46:43.0649 0x1784 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 23:46:43.0659 0x1784 kbdhid - ok 23:46:43.0662 0x1784 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] KeyIso C:\Windows\system32\lsass.exe 23:46:43.0671 0x1784 KeyIso - ok 23:46:43.0675 0x1784 [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 23:46:43.0684 0x1784 KSecDD - ok 23:46:43.0689 0x1784 [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 23:46:43.0700 0x1784 KSecPkg - ok 23:46:43.0704 0x1784 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 23:46:43.0728 0x1784 ksthunk - ok 23:46:43.0737 0x1784 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 23:46:43.0770 0x1784 KtmRm - ok 23:46:43.0779 0x1784 [ D9F42719019740BAA6D1C6D536CBDAA6, 
8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll 23:46:43.0809 0x1784 LanmanServer - ok 23:46:43.0814 0x1784 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 23:46:43.0842 0x1784 LanmanWorkstation - ok 23:46:43.0847 0x1784 [ 83BA097ACAAD0B00505634A62D90F93A, 6F1FE2F413A4A939D2D921F537EBB9330E2A65A7C38BD380CF9405792FD03052 ] lirsgt C:\Windows\system32\DRIVERS\lirsgt.sys 23:46:43.0855 0x1784 lirsgt - ok 23:46:43.0859 0x1784 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 23:46:43.0882 0x1784 lltdio - ok 23:46:43.0891 0x1784 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 23:46:43.0920 0x1784 lltdsvc - ok 23:46:43.0923 0x1784 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 23:46:43.0947 0x1784 lmhosts - ok 23:46:43.0952 0x1784 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 23:46:43.0962 0x1784 LSI_FC - ok 23:46:43.0966 0x1784 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 23:46:43.0976 0x1784 LSI_SAS - ok 23:46:43.0980 0x1784 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 23:46:43.0988 0x1784 LSI_SAS2 - ok 23:46:43.0992 0x1784 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 23:46:44.0002 0x1784 LSI_SCSI - ok 
23:46:44.0006 0x1784 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 23:46:44.0032 0x1784 luafv - ok 23:46:44.0035 0x1784 [ 4A503882318BB2F59218D401614E6AF6, 678FDE29EAE20353E780F53CFB9E79EA8B43E1E8BAC77890C178918DC5CCBA0E ] lvpepf64 C:\Windows\system32\DRIVERS\lv302a64.sys 23:46:44.0041 0x1784 lvpepf64 - ok 23:46:44.0050 0x1784 [ 125AE13C293889001B8456CF3EB04A40, EB4B7135691935A9AC515099ED8C2767BC02308068AB9BEB2869B6E841268848 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys 23:46:44.0063 0x1784 LVRS64 - ok 23:46:44.0066 0x1784 Maplom - ok 23:46:44.0068 0x1784 MaplomL - ok 23:46:44.0072 0x1784 [ CFBC6C6D8A492697CABD1D353EE64933, DDAA844908324740C891EB8F08E2A8BB00457063B31C4A762745C1C2415FC12D ] MBAMProtector C:\Windows\system32\drivers\mbam.sys 23:46:44.0079 0x1784 MBAMProtector - ok 23:46:44.0104 0x1784 [ 40C126CB15FAB7D6C66490DCA9C1AED2, B32CEE2D2409232C245427D5E9647FDF59AF1D8AB5E8A98EE2D1F1314599FD14 ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe 23:46:44.0134 0x1784 MBAMService - ok 23:46:44.0139 0x1784 [ D61070CFAD43038DC56AEAD9BFE9CE2A, BD77AEF60E7FD2015CB14A464799304359547146C14A47F8D25274ACFA2E42D5 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys 23:46:44.0147 0x1784 MBAMWebAccessControl - ok 23:46:44.0151 0x1784 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 23:46:44.0162 0x1784 Mcx2Svc - ok 23:46:44.0165 0x1784 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 23:46:44.0173 0x1784 megasas - ok 23:46:44.0180 0x1784 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 23:46:44.0194 0x1784 MegaSR - ok 23:46:44.0199 0x1784 [ 
86614752D2FAE34CCD9E7B2AABA5FBEC, AD5ADDACE7679B6BCCBFA3F3AFA7312B9A4CB2A0E79E199D609D2A8BB20C1723 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 23:46:44.0207 0x1784 MEIx64 - ok 23:46:44.0211 0x1784 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 23:46:44.0235 0x1784 MMCSS - ok 23:46:44.0239 0x1784 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 23:46:44.0262 0x1784 Modem - ok 23:46:44.0265 0x1784 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 23:46:44.0276 0x1784 monitor - ok 23:46:44.0279 0x1784 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 23:46:44.0287 0x1784 mouclass - ok 23:46:44.0291 0x1784 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 23:46:44.0301 0x1784 mouhid - ok 23:46:44.0305 0x1784 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 23:46:44.0314 0x1784 mountmgr - ok 23:46:44.0320 0x1784 [ 0329A45C849C9D77901094B8FFE8BBB9, 2151C15A4185FABBC3367B8213017B45E08C43E26E1D8942E707E217C6A5EDA7 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 23:46:44.0330 0x1784 MozillaMaintenance - ok 23:46:44.0338 0x1784 [ 73150F67D20270FF95A021A22E64F28A, A8878DEFBE437FB453F8E9243FB5C787D07AC7415A4475388D479C10417C524F ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys 23:46:44.0354 0x1784 MpFilter - ok 23:46:44.0359 0x1784 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio 
C:\Windows\system32\drivers\mpio.sys 23:46:44.0370 0x1784 mpio - ok 23:46:44.0374 0x1784 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 23:46:44.0399 0x1784 mpsdrv - ok 23:46:44.0416 0x1784 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 23:46:44.0456 0x1784 MpsSvc - ok 23:46:44.0462 0x1784 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 23:46:44.0475 0x1784 MRxDAV - ok 23:46:44.0480 0x1784 [ 73ADDCC406B86E7DA4416691E8E74BDA, 4EC970B9095E6DAA79BF7EFB92DF3F2C0AB0C46739AA36C171A262E05B63CBB5 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 23:46:44.0506 0x1784 mrxsmb - ok 23:46:44.0514 0x1784 [ 7C81098FBAF2EAF5B54B939F832B0F61, 999435DF4638ECB136D5BF1B84305A84B215BAB542E4D5301E57D28D507E11B3 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 23:46:44.0540 0x1784 mrxsmb10 - ok 23:46:44.0545 0x1784 [ ACB763673BCCE6C7B3B8F858C9FE4F1F, CCD49558F8A01A225AEAE60BF299BCA6E9399E39F4F553FABC36CADB164BBBC0 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 23:46:44.0565 0x1784 mrxsmb20 - ok 23:46:44.0569 0x1784 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 23:46:44.0577 0x1784 msahci - ok 23:46:44.0582 0x1784 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 23:46:44.0595 0x1784 msdsm - ok 23:46:44.0600 0x1784 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 23:46:44.0614 0x1784 MSDTC - ok 23:46:44.0619 0x1784 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 
69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 23:46:44.0642 0x1784 Msfs - ok 23:46:44.0645 0x1784 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 23:46:44.0667 0x1784 mshidkmdf - ok 23:46:44.0670 0x1784 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 23:46:44.0678 0x1784 msisadrv - ok 23:46:44.0686 0x1784 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 23:46:44.0715 0x1784 MSiSCSI - ok 23:46:44.0717 0x1784 msiserver - ok 23:46:44.0719 0x1784 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 23:46:44.0743 0x1784 MSKSSRV - ok 23:46:44.0749 0x1784 [ CE996C1821021ADF8E28E80A54E846A8, 99042E895B6C2EA80F3BA65563A12C8EBA882E3AD6A21DD8E799B0112C75DDD2 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe 23:46:44.0758 0x1784 MsMpSvc - ok 23:46:44.0760 0x1784 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 23:46:44.0784 0x1784 MSPCLOCK - ok 23:46:44.0787 0x1784 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 23:46:44.0810 0x1784 MSPQM - ok 23:46:44.0819 0x1784 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 23:46:44.0834 0x1784 MsRPC - ok 23:46:44.0839 0x1784 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios 
C:\Windows\system32\drivers\mssmbios.sys 23:46:44.0846 0x1784 mssmbios - ok 23:46:44.0849 0x1784 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 23:46:44.0872 0x1784 MSTEE - ok 23:46:44.0875 0x1784 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 23:46:44.0884 0x1784 MTConfig - ok 23:46:44.0888 0x1784 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 23:46:44.0897 0x1784 Mup - ok 23:46:44.0908 0x1784 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 23:46:44.0940 0x1784 napagent - ok 23:46:44.0949 0x1784 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 23:46:44.0968 0x1784 NativeWifiP - ok 23:46:44.0988 0x1784 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys 23:46:45.0015 0x1784 NDIS - ok 23:46:45.0019 0x1784 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 23:46:45.0044 0x1784 NdisCap - ok 23:46:45.0047 0x1784 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 23:46:45.0071 0x1784 NdisTapi - ok 23:46:45.0074 0x1784 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 23:46:45.0098 0x1784 Ndisuio - ok 23:46:45.0103 0x1784 [ 53F7305169863F0A2BDDC49E116C2E11, 
881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 23:46:45.0129 0x1784 NdisWan - ok 23:46:45.0132 0x1784 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 23:46:45.0156 0x1784 NDProxy - ok 23:46:45.0159 0x1784 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 23:46:45.0183 0x1784 NetBIOS - ok 23:46:45.0191 0x1784 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 23:46:45.0219 0x1784 NetBT - ok 23:46:45.0222 0x1784 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] Netlogon C:\Windows\system32\lsass.exe 23:46:45.0231 0x1784 Netlogon - ok 23:46:45.0241 0x1784 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 23:46:45.0272 0x1784 Netman - ok 23:46:45.0278 0x1784 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 23:46:45.0289 0x1784 NetMsmqActivator - ok 23:46:45.0294 0x1784 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 23:46:45.0304 0x1784 NetPipeActivator - ok 23:46:45.0316 0x1784 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 23:46:45.0349 0x1784 netprofm - ok 23:46:45.0354 0x1784 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator 
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 23:46:45.0365 0x1784 NetTcpActivator - ok 23:46:45.0370 0x1784 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 23:46:45.0380 0x1784 NetTcpPortSharing - ok 23:46:45.0384 0x1784 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 23:46:45.0392 0x1784 nfrd960 - ok 23:46:45.0398 0x1784 [ 4774AD83C650001B337B92E5E5DA337B, 138ECC7F556D8A12AE58B78B68F6515BE4C00F9F062596B48B6CA6C010F13035 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys 23:46:45.0409 0x1784 NisDrv - ok 23:46:45.0419 0x1784 [ 96B7D15161A778B359E707796CCEA646, 9E4A25D9848FAECC517474EAD548E7975CBE3F41AAA964E5245E78F2A723925E ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe 23:46:45.0434 0x1784 NisSrv - ok 23:46:45.0443 0x1784 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 23:46:45.0459 0x1784 NlaSvc - ok 23:46:45.0462 0x1784 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 23:46:45.0487 0x1784 Npfs - ok 23:46:45.0490 0x1784 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 23:46:45.0514 0x1784 nsi - ok 23:46:45.0516 0x1784 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 23:46:45.0540 0x1784 nsiproxy - ok 23:46:45.0574 0x1784 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 23:46:45.0617 0x1784 Ntfs - ok 23:46:45.0628 0x1784 [ 
1B32C54B95121AB1683C7B83B2DB4B96, 99F4994A0E5BD1BF6E3F637D3225C69FF4CD620557E23637533E7F18D7D6CBA1 ] NTIOLib_1_0_4 C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys 23:46:45.0645 0x1784 NTIOLib_1_0_4 - ok 23:46:45.0648 0x1784 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 23:46:45.0671 0x1784 Null - ok 23:46:45.0676 0x1784 [ 0EBC9D13CD96C15B1B18D8678A609E4B, B10896DE16B0C102DFB3E73A6C11A1982C5B428015DAE1F8776BCEF94A0F75C6 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys 23:46:45.0686 0x1784 nusb3hub - ok 23:46:45.0693 0x1784 [ 7BDEC000D56D485021D9C1E63C2F81CA, 7F1303FD0371AF8715BFC38433B730C797170AEF10C7DB845B7B547DA8DBB5D5 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys 23:46:45.0705 0x1784 nusb3xhc - ok 23:46:45.0712 0x1784 [ 7E4355930B28C2798D9F09AB9F81151F, 941C730F3B75BDF99639E76350031EDD15F18D8D860F3B1282C28B62096E7717 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 23:46:45.0734 0x1784 NVHDA - ok 23:46:45.0925 0x1784 [ ECC732D5185408FCC323E56D30170848, 7A7A6C410B65DBB1D59653598D7E5414054588BB88505BE68BFFF0378FD555F3 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 23:46:46.0239 0x1784 nvlddmkm - ok 23:46:46.0284 0x1784 [ DB7C6892180C79714EF79F69A788E865, 0E4C109C6F8E8D37447FCE1D7CABCBFAE8E5AA6FD4512150DD17156C9021A6FC ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe 23:46:46.0330 0x1784 NvNetworkService - ok 23:46:46.0337 0x1784 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid C:\Windows\system32\drivers\nvraid.sys 23:46:46.0348 0x1784 nvraid - ok 23:46:46.0353 0x1784 [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor C:\Windows\system32\drivers\nvstor.sys 23:46:46.0365 0x1784 nvstor - ok 23:46:46.0369 0x1784 [ 7308AA5672CC6D14F43C91965DC67200, 
573566D94D19F3AEDFB326B0B5987DC52F3802E5F5CAF8C32830660193B93E19 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 23:46:46.0375 0x1784 NvStreamKms - ok 23:46:46.0377 0x1784 NvStreamSvc - ok 23:46:46.0397 0x1784 [ 2AF7D8BCD8912FC16AA15268CDCF2454, 3A2E5ADFC6213A6EA83F78026518EC7EE0DD4BBA7C210CB7A41007BB57DC0636 ] nvsvc C:\Windows\system32\nvvsvc.exe 23:46:46.0423 0x1784 nvsvc - ok 23:46:46.0427 0x1784 [ D0EB00C3BDD50E9CABA534CF829593E8, 6E11117DC30E834C70DC9381A67D057BC2DADA956855A0EEA9801D45C75536B1 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys 23:46:46.0444 0x1784 nvvad_WaveExtensible - ok 23:46:46.0449 0x1784 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 23:46:46.0459 0x1784 nv_agp - ok 23:46:46.0471 0x1784 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 23:46:46.0487 0x1784 odserv - ok 23:46:46.0491 0x1784 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 23:46:46.0501 0x1784 ohci1394 - ok 23:46:46.0508 0x1784 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 23:46:46.0518 0x1784 ose - ok 23:46:46.0527 0x1784 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 23:46:46.0543 0x1784 p2pimsvc - ok 23:46:46.0555 0x1784 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 23:46:46.0573 0x1784 p2psvc - ok 23:46:46.0577 0x1784 [ 0086431C29C35BE1DBC43F52CC273887, 
0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 23:46:46.0589 0x1784 Parport - ok 23:46:46.0593 0x1784 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 23:46:46.0602 0x1784 partmgr - ok 23:46:46.0608 0x1784 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll 23:46:46.0621 0x1784 PcaSvc - ok 23:46:46.0627 0x1784 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 23:46:46.0638 0x1784 pci - ok 23:46:46.0641 0x1784 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 23:46:46.0649 0x1784 pciide - ok 23:46:46.0655 0x1784 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 23:46:46.0667 0x1784 pcmcia - ok 23:46:46.0671 0x1784 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 23:46:46.0679 0x1784 pcw - ok 23:46:46.0693 0x1784 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 23:46:46.0716 0x1784 PEAUTH - ok 23:46:46.0744 0x1784 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 23:46:46.0783 0x1784 PeerDistSvc - ok 23:46:46.0795 0x1784 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 23:46:46.0805 0x1784 PerfHost - ok 23:46:46.0861 0x1784 [ 
AE0B94363DA0F60D42B9D05B352F61ED, 284EA0123798BDBBAA93F912AD45B3D3F1F662FDDA5C73C0AC0D76AC2F9033C0 ] PID_PEPI C:\Windows\system32\DRIVERS\LV302V64.SYS 23:46:46.0926 0x1784 PID_PEPI - ok 23:46:46.0956 0x1784 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 23:46:47.0009 0x1784 pla - ok 23:46:47.0021 0x1784 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 23:46:47.0038 0x1784 PlugPlay - ok 23:46:47.0041 0x1784 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 23:46:47.0051 0x1784 PNRPAutoReg - ok 23:46:47.0059 0x1784 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 23:46:47.0073 0x1784 PNRPsvc - ok 23:46:47.0085 0x1784 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 23:46:47.0119 0x1784 PolicyAgent - ok 23:46:47.0127 0x1784 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 23:46:47.0153 0x1784 Power - ok 23:46:47.0158 0x1784 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 23:46:47.0182 0x1784 PptpMiniport - ok 23:46:47.0186 0x1784 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys 23:46:47.0196 0x1784 Processor - ok 23:46:47.0203 0x1784 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll 23:46:47.0218 0x1784 ProfSvc - 
ok 23:46:47.0221 0x1784 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] ProtectedStorage C:\Windows\system32\lsass.exe 23:46:47.0229 0x1784 ProtectedStorage - ok 23:46:47.0235 0x1784 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 23:46:47.0260 0x1784 Psched - ok 23:46:47.0289 0x1784 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 23:46:47.0329 0x1784 ql2300 - ok 23:46:47.0334 0x1784 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 23:46:47.0344 0x1784 ql40xx - ok 23:46:47.0352 0x1784 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 23:46:47.0369 0x1784 QWAVE - ok 23:46:47.0372 0x1784 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 23:46:47.0384 0x1784 QWAVEdrv - ok 23:46:47.0387 0x1784 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 23:46:47.0411 0x1784 RasAcd - ok 23:46:47.0415 0x1784 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 23:46:47.0439 0x1784 RasAgileVpn - ok 23:46:47.0444 0x1784 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 23:46:47.0469 0x1784 RasAuto - ok 23:46:47.0474 0x1784 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp 
C:\Windows\system32\DRIVERS\rasl2tp.sys 23:46:47.0499 0x1784 Rasl2tp - ok 23:46:47.0509 0x1784 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 23:46:47.0539 0x1784 RasMan - ok 23:46:47.0544 0x1784 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 23:46:47.0569 0x1784 RasPppoe - ok 23:46:47.0573 0x1784 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 23:46:47.0599 0x1784 RasSstp - ok 23:46:47.0608 0x1784 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 23:46:47.0636 0x1784 rdbss - ok 23:46:47.0639 0x1784 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 23:46:47.0650 0x1784 rdpbus - ok 23:46:47.0652 0x1784 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 23:46:47.0674 0x1784 RDPCDD - ok 23:46:47.0681 0x1784 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 23:46:47.0694 0x1784 RDPDR - ok 23:46:47.0697 0x1784 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 23:46:47.0720 0x1784 RDPENCDD - ok 23:46:47.0724 0x1784 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 23:46:47.0747 0x1784 RDPREFMP - ok 23:46:47.0754 0x1784 [ FE571E088C2D83619D2D48D4E961BF41, 
88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 23:46:47.0769 0x1784 RDPWD - ok 23:46:47.0776 0x1784 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 23:46:47.0788 0x1784 rdyboost - ok 23:46:47.0792 0x1784 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 23:46:47.0819 0x1784 RemoteAccess - ok 23:46:47.0825 0x1784 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 23:46:47.0852 0x1784 RemoteRegistry - ok 23:46:47.0856 0x1784 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 23:46:47.0882 0x1784 RpcEptMapper - ok 23:46:47.0885 0x1784 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 23:46:47.0896 0x1784 RpcLocator - ok 23:46:47.0908 0x1784 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 23:46:47.0939 0x1784 RpcSs - ok 23:46:47.0944 0x1784 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 23:46:47.0969 0x1784 rspndr - ok 23:46:47.0982 0x1784 [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 23:46:48.0001 0x1784 RTL8167 - ok 23:46:48.0014 0x1784 [ 945AB249D12CBE044782430C6013AA1A, 912514C99A8AEEBECBFCB3632520C12F9CB8A8286BE1C70567C8E9D5416320DF ] RTL8187B C:\Windows\system32\DRIVERS\RTL8187B.sys 23:46:48.0033 0x1784 RTL8187B - ok 
23:46:48.0036 0x1784 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys 23:46:48.0047 0x1784 s3cap - ok 23:46:48.0050 0x1784 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] SamSs C:\Windows\system32\lsass.exe 23:46:48.0059 0x1784 SamSs - ok 23:46:48.0063 0x1784 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 23:46:48.0073 0x1784 sbp2port - ok 23:46:48.0080 0x1784 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 23:46:48.0109 0x1784 SCardSvr - ok 23:46:48.0112 0x1784 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 23:46:48.0136 0x1784 scfilter - ok 23:46:48.0158 0x1784 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll 23:46:48.0194 0x1784 Schedule - ok 23:46:48.0199 0x1784 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 23:46:48.0222 0x1784 SCPolicySvc - ok 23:46:48.0228 0x1784 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 23:46:48.0240 0x1784 SDRSVC - ok 23:46:48.0244 0x1784 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 23:46:48.0255 0x1784 secdrv - ok 23:46:48.0258 0x1784 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 23:46:48.0281 
0x1784 seclogon - ok 23:46:48.0285 0x1784 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll 23:46:48.0310 0x1784 SENS - ok 23:46:48.0314 0x1784 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 23:46:48.0324 0x1784 SensrSvc - ok 23:46:48.0327 0x1784 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 23:46:48.0337 0x1784 Serenum - ok 23:46:48.0341 0x1784 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys 23:46:48.0353 0x1784 Serial - ok 23:46:48.0356 0x1784 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 23:46:48.0366 0x1784 sermouse - ok 23:46:48.0373 0x1784 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 23:46:48.0399 0x1784 SessionEnv - ok 23:46:48.0402 0x1784 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 23:46:48.0413 0x1784 sffdisk - ok 23:46:48.0416 0x1784 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 23:46:48.0426 0x1784 sffp_mmc - ok 23:46:48.0429 0x1784 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 23:46:48.0440 0x1784 sffp_sd - ok 23:46:48.0442 0x1784 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy 
C:\Windows\system32\DRIVERS\sfloppy.sys 23:46:48.0452 0x1784 sfloppy - ok 23:46:48.0461 0x1784 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 23:46:48.0492 0x1784 SharedAccess - ok 23:46:48.0502 0x1784 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 23:46:48.0534 0x1784 ShellHWDetection - ok 23:46:48.0538 0x1784 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 23:46:48.0546 0x1784 SiSRaid2 - ok 23:46:48.0550 0x1784 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 23:46:48.0559 0x1784 SiSRaid4 - ok 23:46:48.0564 0x1784 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 23:46:48.0588 0x1784 Smb - ok 23:46:48.0593 0x1784 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 23:46:48.0605 0x1784 SNMPTRAP - ok 23:46:48.0607 0x1784 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 23:46:48.0616 0x1784 spldr - ok 23:46:48.0629 0x1784 [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler C:\Windows\System32\spoolsv.exe 23:46:48.0664 0x1784 Spooler - ok 23:46:48.0733 0x1784 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 23:46:48.0831 0x1784 sppsvc - ok 23:46:48.0837 0x1784 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 
36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 23:46:48.0862 0x1784 sppuinotify - ok 23:46:48.0864 0x1784 sptd - ok 23:46:48.0876 0x1784 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 23:46:48.0895 0x1784 srv - ok 23:46:48.0905 0x1784 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 23:46:48.0923 0x1784 srv2 - ok 23:46:48.0929 0x1784 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 23:46:48.0941 0x1784 srvnet - ok 23:46:48.0948 0x1784 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 23:46:48.0975 0x1784 SSDPSRV - ok 23:46:48.0979 0x1784 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 23:46:49.0005 0x1784 SstpSvc - ok 23:46:49.0023 0x1784 [ A831D5A4D2F5138E332AC1B98315EBB1, 2FF5C256A83ACFB5CEC17B9FA7875048F770B793C37657D6D4E37C70B2F857A8 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 23:46:49.0044 0x1784 Steam Client Service - ok 23:46:49.0056 0x1784 [ 6213F20854FB987119503F9F91C70B9F, E1683753D192B154DBFE1FD03625A2A56F8576CE2A7619B41159B1C718C73B88 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe 23:46:49.0069 0x1784 Stereo Service - ok 23:46:49.0072 0x1784 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 23:46:49.0080 0x1784 stexstor - ok 23:46:49.0094 0x1784 [ 8DD52E8E6128F4B2DA92CE27402871C1, 
1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 23:46:49.0119 0x1784 stisvc - ok 23:46:49.0123 0x1784 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys 23:46:49.0132 0x1784 storflt - ok 23:46:49.0135 0x1784 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll 23:46:49.0145 0x1784 StorSvc - ok 23:46:49.0148 0x1784 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys 23:46:49.0156 0x1784 storvsc - ok 23:46:49.0159 0x1784 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys 23:46:49.0166 0x1784 swenum - ok 23:46:49.0178 0x1784 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 23:46:49.0213 0x1784 swprv - ok 23:46:49.0248 0x1784 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll 23:46:49.0297 0x1784 SysMain - ok 23:46:49.0302 0x1784 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 23:46:49.0317 0x1784 TabletInputService - ok 23:46:49.0325 0x1784 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 23:46:49.0354 0x1784 TapiSrv - ok 23:46:49.0359 0x1784 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 23:46:49.0383 0x1784 TBS - ok 23:46:49.0420 0x1784 [ 
04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 23:46:49.0468 0x1784 Tcpip - ok 23:46:49.0506 0x1784 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 23:46:49.0545 0x1784 TCPIP6 - ok 23:46:49.0552 0x1784 [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 23:46:49.0575 0x1784 tcpipreg - ok 23:46:49.0579 0x1784 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 23:46:49.0594 0x1784 TDPIPE - ok 23:46:49.0597 0x1784 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 23:46:49.0607 0x1784 TDTCP - ok 23:46:49.0612 0x1784 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 23:46:49.0634 0x1784 tdx - ok 23:46:49.0638 0x1784 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys 23:46:49.0647 0x1784 TermDD - ok 23:46:49.0664 0x1784 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 23:46:49.0692 0x1784 TermService - ok 23:46:49.0698 0x1784 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 23:46:49.0711 0x1784 Themes - ok 23:46:49.0714 0x1784 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 23:46:49.0739 0x1784 THREADORDER - ok 
23:46:49.0746 0x1784 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 23:46:49.0773 0x1784 TrkWks - ok 23:46:49.0780 0x1784 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 23:46:49.0805 0x1784 TrustedInstaller - ok 23:46:49.0813 0x1784 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 23:46:49.0823 0x1784 tssecsrv - ok 23:46:49.0827 0x1784 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 23:46:49.0838 0x1784 TsUsbFlt - ok 23:46:49.0845 0x1784 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 23:46:49.0871 0x1784 tunnel - ok 23:46:49.0875 0x1784 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 23:46:49.0884 0x1784 uagp35 - ok 23:46:49.0894 0x1784 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 23:46:49.0924 0x1784 udfs - ok 23:46:49.0932 0x1784 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 23:46:49.0943 0x1784 UI0Detect - ok 23:46:49.0947 0x1784 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 23:46:49.0955 0x1784 uliagpkx - ok 23:46:49.0959 0x1784 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus 
C:\Windows\system32\drivers\umbus.sys 23:46:49.0968 0x1784 umbus - ok 23:46:49.0974 0x1784 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 23:46:49.0987 0x1784 UmPass - ok 23:46:49.0995 0x1784 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll 23:46:50.0012 0x1784 UmRdpService - ok 23:46:50.0022 0x1784 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 23:46:50.0053 0x1784 upnphost - ok 23:46:50.0059 0x1784 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 23:46:50.0070 0x1784 usbaudio - ok 23:46:50.0075 0x1784 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 23:46:50.0093 0x1784 usbccgp - ok 23:46:50.0098 0x1784 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 23:46:50.0110 0x1784 usbcir - ok 23:46:50.0113 0x1784 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys 23:46:50.0123 0x1784 usbehci - ok 23:46:50.0132 0x1784 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 23:46:50.0148 0x1784 usbhub - ok 23:46:50.0152 0x1784 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys 23:46:50.0161 0x1784 usbohci - ok 23:46:50.0164 0x1784 [ 73188F58FB384E75C4063D29413CEE3D, 
B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 23:46:50.0174 0x1784 usbprint - ok 23:46:50.0179 0x1784 [ D76510CFA0FC09023077F22C2F979D86, 5662281C6D515423255D3C262EA368DBAFC250235E535FBFA3E59D3487695439 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 23:46:50.0198 0x1784 USBSTOR - ok 23:46:50.0201 0x1784 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 23:46:50.0210 0x1784 usbuhci - ok 23:46:50.0214 0x1784 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 23:46:50.0238 0x1784 UxSms - ok 23:46:50.0241 0x1784 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] VaultSvc C:\Windows\system32\lsass.exe 23:46:50.0249 0x1784 VaultSvc - ok 23:46:50.0256 0x1784 [ 8FD4BE594B4247E534E5D7CADA47FF20, A1D4DF89FAE48B2A6E3443C49533000A3E13A3CE1C18D8DB5DAEE4DDD9C51E88 ] VBoxNetAdp C:\Windows\system32\DRIVERS\VBoxNetAdp.sys 23:46:50.0267 0x1784 VBoxNetAdp - ok 23:46:50.0270 0x1784 VBoxNetFlt - ok 23:46:50.0274 0x1784 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 23:46:50.0283 0x1784 vdrvroot - ok 23:46:50.0295 0x1784 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 23:46:50.0327 0x1784 vds - ok 23:46:50.0331 0x1784 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 23:46:50.0342 0x1784 vga - ok 23:46:50.0345 0x1784 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave |
04.01.2016, 23:52 | #7 |
| I am sending spam ...and part two Code:
ATTFilter C:\Windows\System32\drivers\vga.sys 23:46:50.0370 0x1784 VgaSave - ok 23:46:50.0377 0x1784 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 23:46:50.0389 0x1784 vhdmp - ok 23:46:50.0392 0x1784 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 23:46:50.0400 0x1784 viaide - ok 23:46:50.0407 0x1784 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys 23:46:50.0419 0x1784 vmbus - ok 23:46:50.0422 0x1784 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys 23:46:50.0431 0x1784 VMBusHID - ok 23:46:50.0434 0x1784 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 23:46:50.0443 0x1784 volmgr - ok 23:46:50.0453 0x1784 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 23:46:50.0468 0x1784 volmgrx - ok 23:46:50.0476 0x1784 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 23:46:50.0490 0x1784 volsnap - ok 23:46:50.0497 0x1784 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 23:46:50.0508 0x1784 vsmraid - ok 23:46:50.0540 0x1784 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 23:46:50.0600 0x1784 VSS - ok 23:46:50.0604 0x1784 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 
3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys 23:46:50.0616 0x1784 vwifibus - ok 23:46:50.0620 0x1784 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 23:46:50.0633 0x1784 vwififlt - ok 23:46:50.0643 0x1784 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 23:46:50.0660 0x0ba0 Object required for P2P: [ 81E02299B534F61E104C1235519C37B3 ] AntiVirMailService 23:46:50.0679 0x1784 W32Time - ok 23:46:50.0683 0x1784 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 23:46:50.0692 0x1784 WacomPen - ok 23:46:50.0697 0x1784 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 23:46:50.0721 0x1784 WANARP - ok 23:46:50.0725 0x1784 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 23:46:50.0747 0x1784 Wanarpv6 - ok 23:46:50.0777 0x1784 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 23:46:50.0815 0x1784 wbengine - ok 23:46:50.0823 0x1784 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 23:46:50.0840 0x1784 WbioSrvc - ok 23:46:50.0850 0x1784 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 23:46:50.0871 0x1784 wcncsvc - ok 23:46:50.0875 0x1784 [ 20F7441334B18CEE52027661DF4A6129, 
7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 23:46:50.0886 0x1784 WcsPlugInService - ok 23:46:50.0889 0x1784 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys 23:46:50.0897 0x1784 Wd - ok 23:46:50.0915 0x1784 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 23:46:50.0940 0x1784 Wdf01000 - ok 23:46:50.0945 0x1784 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 23:46:50.0975 0x1784 WdiServiceHost - ok 23:46:50.0979 0x1784 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 23:46:50.0993 0x1784 WdiSystemHost - ok 23:46:51.0000 0x1784 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll 23:46:51.0017 0x1784 WebClient - ok 23:46:51.0025 0x1784 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 23:46:51.0054 0x1784 Wecsvc - ok 23:46:51.0058 0x1784 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 23:46:51.0083 0x1784 wercplsupport - ok 23:46:51.0088 0x1784 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 23:46:51.0114 0x1784 WerSvc - ok 23:46:51.0118 0x1784 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 23:46:51.0140 0x1784 WfpLwf - ok 
23:46:51.0143 0x1784 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 23:46:51.0151 0x1784 WIMMount - ok 23:46:51.0154 0x1784 WinDefend - ok 23:46:51.0158 0x1784 WinHttpAutoProxySvc - ok 23:46:51.0168 0x1784 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 23:46:51.0198 0x1784 Winmgmt - ok 23:46:51.0238 0x1784 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 23:46:51.0305 0x1784 WinRM - ok 23:46:51.0314 0x1784 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 23:46:51.0334 0x1784 WinUsb - ok 23:46:51.0354 0x1784 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 23:46:51.0385 0x1784 Wlansvc - ok 23:46:51.0432 0x1784 [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE 23:46:51.0487 0x1784 wlidsvc - ok 23:46:51.0492 0x1784 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 23:46:51.0501 0x1784 WmiAcpi - ok 23:46:51.0508 0x1784 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 23:46:51.0522 0x1784 wmiApSrv - ok 23:46:51.0525 0x1784 WMPNetworkSvc - ok 23:46:51.0528 0x1784 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 23:46:51.0538 0x1784 WPCSvc - ok 23:46:51.0543 0x1784 [ 
93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 23:46:51.0559 0x1784 WPDBusEnum - ok 23:46:51.0562 0x1784 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 23:46:51.0586 0x1784 ws2ifsl - ok 23:46:51.0591 0x1784 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll 23:46:51.0605 0x1784 wscsvc - ok 23:46:51.0607 0x1784 WSearch - ok 23:46:51.0657 0x1784 [ 6075791ED85E47A2A2916B1F34582944, 25B5FAD161711875B38BDD014A26FA527C8EE4854D485989D19A72D5EBBA4054 ] wuauserv C:\Windows\system32\wuaueng.dll 23:46:51.0725 0x1784 wuauserv - ok 23:46:51.0731 0x1784 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 23:46:51.0743 0x1784 WudfPf - ok 23:46:51.0750 0x1784 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 23:46:51.0763 0x1784 WUDFRd - ok 23:46:51.0768 0x1784 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 23:46:51.0778 0x1784 wudfsvc - ok 23:46:51.0785 0x1784 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll 23:46:51.0803 0x1784 WwanSvc - ok 23:46:51.0808 0x1784 ================ Scan global =============================== 23:46:51.0811 0x1784 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll 23:46:51.0818 0x1784 [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] 
C:\Windows\system32\winsrv.dll 23:46:51.0828 0x1784 [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll 23:46:51.0834 0x1784 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 23:46:51.0843 0x1784 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe 23:46:51.0849 0x1784 [ Global ] - ok 23:46:51.0849 0x1784 ================ Scan MBR ================================== 23:46:51.0851 0x1784 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 23:46:52.0070 0x1784 \Device\Harddisk0\DR0 - ok 23:46:52.0072 0x1784 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 23:46:52.0210 0x1784 \Device\Harddisk1\DR1 - ok 23:46:52.0212 0x1784 [ 988D3C46CBD13EC7F482B833C55264C8 ] \Device\Harddisk2\DR2 23:46:52.0260 0x1784 \Device\Harddisk2\DR2 - ok 23:46:52.0260 0x1784 ================ Scan VBR ================================== 23:46:52.0262 0x1784 [ F6837954E147B634BF2AD664FABF4BF6 ] \Device\Harddisk0\DR0\Partition1 23:46:52.0264 0x1784 \Device\Harddisk0\DR0\Partition1 - ok 23:46:52.0266 0x1784 [ DCE858D6C9F7CCF09DA9BDF4C36D0E67 ] \Device\Harddisk0\DR0\Partition2 23:46:52.0267 0x1784 \Device\Harddisk0\DR0\Partition2 - ok 23:46:52.0269 0x1784 [ E13FBCCC5B05C0E2070179038181A67E ] \Device\Harddisk1\DR1\Partition1 23:46:52.0328 0x1784 \Device\Harddisk1\DR1\Partition1 - ok 23:46:52.0330 0x1784 [ 8609533CF3BD113BA1BE72FB9BF6BA11 ] \Device\Harddisk1\DR1\Partition2 23:46:52.0371 0x1784 \Device\Harddisk1\DR1\Partition2 - ok 23:46:52.0373 0x1784 [ 383E4B4A5D3DF421AE29D47974C36C85 ] \Device\Harddisk1\DR1\Partition3 23:46:52.0374 0x1784 \Device\Harddisk1\DR1\Partition3 - ok 23:46:52.0376 0x1784 [ E04879AC8DB84D84DA8065AEFE045809 ] \Device\Harddisk1\DR1\Partition4 23:46:52.0377 0x1784 \Device\Harddisk1\DR1\Partition4 - ok 23:46:52.0378 
0x1784 [ A6DBB8959C2F94376654F12B80365952 ] \Device\Harddisk2\DR2\Partition1 23:46:52.0379 0x1784 \Device\Harddisk2\DR2\Partition1 - ok 23:46:52.0380 0x1784 ================ Scan generic autorun ====================== 23:46:52.0407 0x1784 [ 35BA4E6632BA690EA6421C1E03537D0E, 99D6B4DB12ABE3A7F44AB1B2D626978E85231185AE280D9516986027BC8385CB ] C:\Program Files\Microsoft Security Client\msseces.exe 23:46:52.0445 0x1784 MSC - ok 23:46:52.0499 0x1784 [ A416FBE18A8FF5C942B5E4A65A66EAE0, DC021A544A16BA984A906D235E0E6DA8AC0DF0A7FC8A89D192E427BBE6D2434C ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 23:46:52.0559 0x1784 NvBackend - ok 23:46:52.0564 0x1784 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe 23:46:52.0574 0x1784 ShadowPlay - ok 23:46:52.0585 0x1784 [ 51138BEEA3E2C21EC44D0932C71762A8, 5AD3C37E6F2B9DB3EE8B5AEEDC474645DE90C66E3D95F8620C48102F1EBA4124 ] C:\Windows\syswow64\RunDll32.exe 23:46:52.0596 0x1784 Cmaudio8788 - ok 23:46:52.0602 0x1784 [ 0740D338A42F7778760F2B0CB6DA5830, C6D275B4993502A155F85D8DE26B119866DEE106C98CF29CDAACBAF11484C94A ] C:\Windows\syswow64\HsMgr.exe 23:46:52.0610 0x1784 Cmaudio8788GX - detected UnsignedFile.Multi.Generic ( 1 ) 23:46:53.0396 0x0ba0 Object send P2P result: true 23:46:53.0396 0x0ba0 Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirSchedulerService 23:46:54.0908 0x1784 Detect skipped due to KSN trusted 23:46:54.0908 0x1784 Cmaudio8788GX - ok 23:46:54.0916 0x1784 [ BEF1B23AD0BBF805F02FAA01EAE0AF4E, 65CCFEC1F61E475A1F6759ECCA8DE1844A26AB7F827BC1F63339A0DFF554B039 ] C:\Windows\system\HsMgr64.exe 23:46:54.0924 0x1784 Cmaudio8788GX64 - detected UnsignedFile.Multi.Generic ( 1 ) 23:46:55.0801 0x0ba0 Object send P2P result: true 23:46:55.0801 0x0ba0 Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirService 23:46:57.0223 0x1784 Detect skipped due to KSN trusted 23:46:57.0223 0x1784 
Cmaudio8788GX64 - ok 23:46:57.0243 0x1784 [ 5668994A6AE925189C7D7F03BFE19C66, 269146783422D06BE2BA5D358D22B03339C102D0D5970894625C9C03BFCCB773 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe 23:46:57.0264 0x1784 avgnt - ok 23:46:57.0270 0x1784 [ 9D51EA92A612B37E76E5E4621650C50A, 00BD61C8527A80C0F684882379A0AC2E5A54E8BBECC797087B960CDC8454C373 ] C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe 23:46:57.0278 0x1784 NUSB3MON - ok 23:46:57.0285 0x1784 [ 1DE859B82E381A645C44284A5044BC33, 305AE678D3163D57C8E027F94BC553FDFDE7F9A14599EAEC370B0867DE4A9EC2 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 23:46:57.0298 0x1784 SunJavaUpdateSched - ok 23:46:57.0302 0x1784 [ 3405A4A63018892F31E61C01E9A0313E, 49B2102C3593270DAD15548D1FB2C7E36A65419AA7AE057AB1F0B6A80365B1F6 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe 23:46:57.0348 0x1784 Avira SystrayStartTrigger - ok 23:46:57.0348 0x1784 Waiting for KSN requests completion. In queue: 418 23:46:58.0199 0x0ba0 Object send P2P result: true 23:46:58.0199 0x0ba0 Object required for P2P: [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F ] AntiVirWebService 23:46:58.0348 0x1784 Waiting for KSN requests completion. In queue: 417 23:46:59.0348 0x1784 Waiting for KSN requests completion. In queue: 293 23:46:59.0645 0x1568 Object required for P2P: [ 3405A4A63018892F31E61C01E9A0313E ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe 23:47:00.0348 0x1784 Waiting for KSN requests completion. In queue: 290 23:47:00.0615 0x0ba0 Object send P2P result: true 23:47:00.0616 0x0ba0 Object required for P2P: [ 2027E82463B6F6BB4D2A5BAF09202BA8 ] Avira.ServiceHost 23:47:01.0348 0x1784 Waiting for KSN requests completion. In queue: 274 23:47:02.0049 0x1568 Object send P2P result: true 23:47:02.0348 0x1784 Waiting for KSN requests completion. 
In queue: 273
23:47:03.0019 0x0ba0 Object send P2P result: true
23:47:03.0358 0x1784 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
23:47:03.0358 0x1784 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
23:47:03.0361 0x1784 Win FW state via NFP2: enabled ( trusted )
23:47:05.0720 0x1784 ============================================================
23:47:05.0720 0x1784 Scan finished
23:47:05.0720 0x1784 ============================================================
23:47:05.0725 0x03ec Detected object count: 0
23:47:05.0725 0x03ec Actual detected object count: 0
23:49:03.0113 0x17f4 ============================================================
23:49:03.0113 0x17f4 Scan started
23:49:03.0113 0x17f4 Mode: Manual; SigCheck; TDLFS;
23:49:03.0113 0x17f4 ============================================================
23:49:03.0113 0x17f4 KSN ping started
23:49:16.0401 0x17f4 KSN ping finished: true
23:49:16.0879 0x17f4 ================ Scan system memory ========================
23:49:16.0879 0x17f4 System memory - ok |
04.01.2016, 23:53 | #8 |
| I am sending spam ...and three Code:
23:49:33.0916 0x17f4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 23:49:33.0927 0x17f4 Mcx2Svc - ok 23:49:33.0930 0x17f4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 23:49:33.0937 0x17f4 megasas - ok 23:49:33.0945 0x17f4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 23:49:33.0957 0x17f4 MegaSR - ok 23:49:33.0961 0x17f4 [ 86614752D2FAE34CCD9E7B2AABA5FBEC, AD5ADDACE7679B6BCCBFA3F3AFA7312B9A4CB2A0E79E199D609D2A8BB20C1723 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys 23:49:33.0968 0x17f4 MEIx64 - ok 23:49:33.0972 0x17f4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 23:49:33.0996 0x17f4 MMCSS - ok 23:49:33.0999 0x17f4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 23:49:34.0023 0x17f4 Modem - ok 23:49:34.0026 0x17f4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 23:49:34.0037 0x17f4 monitor - ok 23:49:34.0040 0x17f4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 23:49:34.0048 0x17f4 mouclass - ok 23:49:34.0051 0x17f4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 23:49:34.0060 0x17f4 mouhid - ok 23:49:34.0064 0x17f4 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 
23:49:34.0073 0x17f4 mountmgr - ok 23:49:34.0078 0x17f4 [ 0329A45C849C9D77901094B8FFE8BBB9, 2151C15A4185FABBC3367B8213017B45E08C43E26E1D8942E707E217C6A5EDA7 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 23:49:34.0087 0x17f4 MozillaMaintenance - ok 23:49:34.0095 0x17f4 [ 73150F67D20270FF95A021A22E64F28A, A8878DEFBE437FB453F8E9243FB5C787D07AC7415A4475388D479C10417C524F ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys 23:49:34.0108 0x17f4 MpFilter - ok 23:49:34.0114 0x17f4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 23:49:34.0124 0x17f4 mpio - ok 23:49:34.0128 0x17f4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 23:49:34.0152 0x17f4 mpsdrv - ok 23:49:34.0170 0x17f4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 23:49:34.0206 0x17f4 MpsSvc - ok 23:49:34.0212 0x17f4 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 23:49:34.0223 0x17f4 MRxDAV - ok 23:49:34.0229 0x17f4 [ 73ADDCC406B86E7DA4416691E8E74BDA, 4EC970B9095E6DAA79BF7EFB92DF3F2C0AB0C46739AA36C171A262E05B63CBB5 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 23:49:34.0239 0x17f4 mrxsmb - ok 23:49:34.0248 0x17f4 [ 7C81098FBAF2EAF5B54B939F832B0F61, 999435DF4638ECB136D5BF1B84305A84B215BAB542E4D5301E57D28D507E11B3 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 23:49:34.0260 0x17f4 mrxsmb10 - ok 23:49:34.0265 0x17f4 [ ACB763673BCCE6C7B3B8F858C9FE4F1F, CCD49558F8A01A225AEAE60BF299BCA6E9399E39F4F553FABC36CADB164BBBC0 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 23:49:34.0276 0x17f4 mrxsmb20 - ok 23:49:34.0279 0x17f4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 
643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 23:49:34.0287 0x17f4 msahci - ok 23:49:34.0292 0x17f4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 23:49:34.0301 0x17f4 msdsm - ok 23:49:34.0306 0x17f4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 23:49:34.0318 0x17f4 MSDTC - ok 23:49:34.0322 0x17f4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 23:49:34.0346 0x17f4 Msfs - ok 23:49:34.0348 0x17f4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 23:49:34.0372 0x17f4 mshidkmdf - ok 23:49:34.0374 0x17f4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 23:49:34.0382 0x17f4 msisadrv - ok 23:49:34.0388 0x17f4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 23:49:34.0413 0x17f4 MSiSCSI - ok 23:49:34.0415 0x17f4 msiserver - ok 23:49:34.0418 0x17f4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 23:49:34.0440 0x17f4 MSKSSRV - ok 23:49:34.0444 0x17f4 [ CE996C1821021ADF8E28E80A54E846A8, 99042E895B6C2EA80F3BA65563A12C8EBA882E3AD6A21DD8E799B0112C75DDD2 ] MsMpSvc C:\Program Files\Microsoft Security Client\MsMpEng.exe 23:49:34.0452 0x17f4 MsMpSvc - ok 23:49:34.0455 0x17f4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 
23:49:34.0477 0x17f4 MSPCLOCK - ok 23:49:34.0479 0x17f4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 23:49:34.0502 0x17f4 MSPQM - ok 23:49:34.0511 0x17f4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 23:49:34.0525 0x17f4 MsRPC - ok 23:49:34.0530 0x17f4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 23:49:34.0537 0x17f4 mssmbios - ok 23:49:34.0540 0x17f4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 23:49:34.0563 0x17f4 MSTEE - ok 23:49:34.0566 0x17f4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 23:49:34.0575 0x17f4 MTConfig - ok 23:49:34.0578 0x17f4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 23:49:34.0587 0x17f4 Mup - ok 23:49:34.0599 0x17f4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 23:49:34.0630 0x17f4 napagent - ok 23:49:34.0639 0x17f4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 23:49:34.0655 0x17f4 NativeWifiP - ok 23:49:34.0675 0x17f4 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys 23:49:34.0699 0x17f4 NDIS - ok 23:49:34.0703 0x17f4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap 
C:\Windows\system32\DRIVERS\ndiscap.sys 23:49:34.0726 0x17f4 NdisCap - ok 23:49:34.0729 0x17f4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 23:49:34.0753 0x17f4 NdisTapi - ok 23:49:34.0756 0x17f4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 23:49:34.0779 0x17f4 Ndisuio - ok 23:49:34.0785 0x17f4 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 23:49:34.0810 0x17f4 NdisWan - ok 23:49:34.0813 0x17f4 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 23:49:34.0836 0x17f4 NDProxy - ok 23:49:34.0840 0x17f4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 23:49:34.0863 0x17f4 NetBIOS - ok 23:49:34.0871 0x17f4 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 23:49:34.0898 0x17f4 NetBT - ok 23:49:34.0901 0x17f4 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] Netlogon C:\Windows\system32\lsass.exe 23:49:34.0910 0x17f4 Netlogon - ok 23:49:34.0919 0x17f4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 23:49:34.0949 0x17f4 Netman - ok 23:49:34.0955 0x17f4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 23:49:34.0965 0x17f4 NetMsmqActivator - ok 23:49:34.0970 0x17f4 [ 
21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 23:49:34.0981 0x17f4 NetPipeActivator - ok 23:49:34.0992 0x17f4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 23:49:35.0024 0x17f4 netprofm - ok 23:49:35.0029 0x17f4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 23:49:35.0040 0x17f4 NetTcpActivator - ok 23:49:35.0045 0x17f4 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 23:49:35.0056 0x17f4 NetTcpPortSharing - ok 23:49:35.0059 0x17f4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 23:49:35.0067 0x17f4 nfrd960 - ok 23:49:35.0072 0x17f4 [ 4774AD83C650001B337B92E5E5DA337B, 138ECC7F556D8A12AE58B78B68F6515BE4C00F9F062596B48B6CA6C010F13035 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys 23:49:35.0083 0x17f4 NisDrv - ok 23:49:35.0092 0x17f4 [ 96B7D15161A778B359E707796CCEA646, 9E4A25D9848FAECC517474EAD548E7975CBE3F41AAA964E5245E78F2A723925E ] NisSrv C:\Program Files\Microsoft Security Client\NisSrv.exe 23:49:35.0106 0x17f4 NisSrv - ok 23:49:35.0115 0x17f4 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll 23:49:35.0129 0x17f4 NlaSvc - ok 23:49:35.0133 0x17f4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 23:49:35.0156 0x17f4 Npfs - ok 23:49:35.0159 0x17f4 [ D54BFDF3E0C953F823B3D0BFE4732528, 
497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 23:49:35.0183 0x17f4 nsi - ok 23:49:35.0186 0x17f4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 23:49:35.0209 0x17f4 nsiproxy - ok 23:49:35.0242 0x17f4 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 23:49:35.0278 0x17f4 Ntfs - ok 23:49:35.0283 0x17f4 [ 1B32C54B95121AB1683C7B83B2DB4B96, 99F4994A0E5BD1BF6E3F637D3225C69FF4CD620557E23637533E7F18D7D6CBA1 ] NTIOLib_1_0_4 C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys 23:49:35.0290 0x17f4 NTIOLib_1_0_4 - ok 23:49:35.0292 0x17f4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 23:49:35.0316 0x17f4 Null - ok 23:49:35.0320 0x17f4 [ 0EBC9D13CD96C15B1B18D8678A609E4B, B10896DE16B0C102DFB3E73A6C11A1982C5B428015DAE1F8776BCEF94A0F75C6 ] nusb3hub C:\Windows\system32\DRIVERS\nusb3hub.sys 23:49:35.0328 0x17f4 nusb3hub - ok 23:49:35.0335 0x17f4 [ 7BDEC000D56D485021D9C1E63C2F81CA, 7F1303FD0371AF8715BFC38433B730C797170AEF10C7DB845B7B547DA8DBB5D5 ] nusb3xhc C:\Windows\system32\DRIVERS\nusb3xhc.sys 23:49:35.0345 0x17f4 nusb3xhc - ok 23:49:35.0351 0x17f4 [ 7E4355930B28C2798D9F09AB9F81151F, 941C730F3B75BDF99639E76350031EDD15F18D8D860F3B1282C28B62096E7717 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys 23:49:35.0361 0x17f4 NVHDA - ok 23:49:35.0544 0x17f4 [ ECC732D5185408FCC323E56D30170848, 7A7A6C410B65DBB1D59653598D7E5414054588BB88505BE68BFFF0378FD555F3 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys 23:49:35.0722 0x17f4 nvlddmkm - ok 23:49:35.0767 0x17f4 [ DB7C6892180C79714EF79F69A788E865, 0E4C109C6F8E8D37447FCE1D7CABCBFAE8E5AA6FD4512150DD17156C9021A6FC ] NvNetworkService C:\Program Files (x86)\NVIDIA 
Corporation\NetService\NvNetworkService.exe 23:49:35.0805 0x17f4 NvNetworkService - ok 23:49:35.0812 0x17f4 [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid C:\Windows\system32\drivers\nvraid.sys 23:49:35.0822 0x17f4 nvraid - ok 23:49:35.0828 0x17f4 [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor C:\Windows\system32\drivers\nvstor.sys 23:49:35.0838 0x17f4 nvstor - ok 23:49:35.0841 0x17f4 [ 7308AA5672CC6D14F43C91965DC67200, 573566D94D19F3AEDFB326B0B5987DC52F3802E5F5CAF8C32830660193B93E19 ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 23:49:35.0847 0x17f4 NvStreamKms - ok 23:49:35.0849 0x17f4 NvStreamSvc - ok 23:49:35.0869 0x17f4 [ 2AF7D8BCD8912FC16AA15268CDCF2454, 3A2E5ADFC6213A6EA83F78026518EC7EE0DD4BBA7C210CB7A41007BB57DC0636 ] nvsvc C:\Windows\system32\nvvsvc.exe 23:49:35.0892 0x17f4 nvsvc - ok 23:49:35.0896 0x17f4 [ D0EB00C3BDD50E9CABA534CF829593E8, 6E11117DC30E834C70DC9381A67D057BC2DADA956855A0EEA9801D45C75536B1 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys 23:49:35.0903 0x17f4 nvvad_WaveExtensible - ok 23:49:35.0907 0x17f4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 23:49:35.0917 0x17f4 nv_agp - ok 23:49:35.0930 0x17f4 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 23:49:35.0943 0x17f4 odserv - ok 23:49:35.0948 0x17f4 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 23:49:35.0957 0x17f4 ohci1394 - ok 23:49:35.0964 0x17f4 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files 
(x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 23:49:35.0973 0x17f4 ose - ok 23:49:35.0981 0x17f4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 23:49:35.0996 0x17f4 p2pimsvc - ok 23:49:36.0007 0x17f4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 23:49:36.0023 0x17f4 p2psvc - ok 23:49:36.0028 0x17f4 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 23:49:36.0038 0x17f4 Parport - ok 23:49:36.0041 0x17f4 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 23:49:36.0050 0x17f4 partmgr - ok 23:49:36.0056 0x17f4 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll 23:49:36.0068 0x17f4 PcaSvc - ok 23:49:36.0074 0x17f4 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 23:49:36.0084 0x17f4 pci - ok 23:49:36.0087 0x17f4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 23:49:36.0094 0x17f4 pciide - ok 23:49:36.0101 0x17f4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 23:49:36.0112 0x17f4 pcmcia - ok 23:49:36.0115 0x17f4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 23:49:36.0123 0x17f4 pcw - ok 23:49:36.0138 0x17f4 [ ED6E75158D28D33A2E2A020AC5B2B59D, 
0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 23:49:36.0157 0x17f4 PEAUTH - ok 23:49:36.0185 0x17f4 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 23:49:36.0217 0x17f4 PeerDistSvc - ok 23:49:36.0230 0x17f4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 23:49:36.0239 0x17f4 PerfHost - ok 23:49:36.0295 0x17f4 [ AE0B94363DA0F60D42B9D05B352F61ED, 284EA0123798BDBBAA93F912AD45B3D3F1F662FDDA5C73C0AC0D76AC2F9033C0 ] PID_PEPI C:\Windows\system32\DRIVERS\LV302V64.SYS 23:49:36.0348 0x17f4 PID_PEPI - ok 23:49:36.0378 0x17f4 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 23:49:36.0425 0x17f4 pla - ok 23:49:36.0437 0x17f4 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 23:49:36.0452 0x17f4 PlugPlay - ok 23:49:36.0456 0x17f4 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 23:49:36.0465 0x17f4 PNRPAutoReg - ok 23:49:36.0474 0x17f4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 23:49:36.0488 0x17f4 PNRPsvc - ok 23:49:36.0500 0x17f4 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 23:49:36.0530 0x17f4 PolicyAgent - ok 23:49:36.0538 0x17f4 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 23:49:36.0564 0x17f4 Power - ok 23:49:36.0569 0x17f4 [ 
F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 23:49:36.0594 0x17f4 PptpMiniport - ok 23:49:36.0598 0x17f4 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys 23:49:36.0608 0x17f4 Processor - ok 23:49:36.0615 0x17f4 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll 23:49:36.0627 0x17f4 ProfSvc - ok 23:49:36.0631 0x17f4 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] ProtectedStorage C:\Windows\system32\lsass.exe 23:49:36.0640 0x17f4 ProtectedStorage - ok 23:49:36.0645 0x17f4 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 23:49:36.0669 0x17f4 Psched - ok 23:49:36.0700 0x17f4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 23:49:36.0734 0x17f4 ql2300 - ok 23:49:36.0739 0x17f4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 23:49:36.0749 0x17f4 ql40xx - ok 23:49:36.0756 0x17f4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 23:49:36.0772 0x17f4 QWAVE - ok 23:49:36.0775 0x17f4 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 23:49:36.0787 0x17f4 QWAVEdrv - ok 23:49:36.0790 0x17f4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 
23:49:36.0813 0x17f4 RasAcd - ok 23:49:36.0816 0x17f4 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 23:49:36.0840 0x17f4 RasAgileVpn - ok 23:49:36.0844 0x17f4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 23:49:36.0869 0x17f4 RasAuto - ok 23:49:36.0874 0x17f4 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 23:49:36.0899 0x17f4 Rasl2tp - ok 23:49:36.0908 0x17f4 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 23:49:36.0936 0x17f4 RasMan - ok 23:49:36.0941 0x17f4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 23:49:36.0964 0x17f4 RasPppoe - ok 23:49:36.0968 0x17f4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 23:49:36.0993 0x17f4 RasSstp - ok 23:49:37.0002 0x17f4 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 23:49:37.0030 0x17f4 rdbss - ok 23:49:37.0033 0x17f4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 23:49:37.0043 0x17f4 rdpbus - ok 23:49:37.0045 0x17f4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 23:49:37.0068 0x17f4 RDPCDD - ok 23:49:37.0075 0x17f4 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR 
C:\Windows\system32\drivers\rdpdr.sys 23:49:37.0086 0x17f4 RDPDR - ok 23:49:37.0088 0x17f4 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 23:49:37.0111 0x17f4 RDPENCDD - ok 23:49:37.0114 0x17f4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 23:49:37.0137 0x17f4 RDPREFMP - ok 23:49:37.0144 0x17f4 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 23:49:37.0155 0x17f4 RDPWD - ok 23:49:37.0162 0x17f4 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 23:49:37.0172 0x17f4 rdyboost - ok 23:49:37.0177 0x17f4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 23:49:37.0201 0x17f4 RemoteAccess - ok 23:49:37.0207 0x17f4 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 23:49:37.0234 0x17f4 RemoteRegistry - ok 23:49:37.0237 0x17f4 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 23:49:37.0262 0x17f4 RpcEptMapper - ok 23:49:37.0265 0x17f4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 23:49:37.0275 0x17f4 RpcLocator - ok 23:49:37.0286 0x17f4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 23:49:37.0318 0x17f4 RpcSs - ok 23:49:37.0323 0x17f4 [ DDC86E4F8E7456261E637E3552E804FF, 
D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 23:49:37.0347 0x17f4 rspndr - ok 23:49:37.0360 0x17f4 [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 23:49:37.0375 0x17f4 RTL8167 - ok 23:49:37.0387 0x17f4 [ 945AB249D12CBE044782430C6013AA1A, 912514C99A8AEEBECBFCB3632520C12F9CB8A8286BE1C70567C8E9D5416320DF ] RTL8187B C:\Windows\system32\DRIVERS\RTL8187B.sys 23:49:37.0402 0x17f4 RTL8187B - ok 23:49:37.0405 0x17f4 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys 23:49:37.0413 0x17f4 s3cap - ok 23:49:37.0416 0x17f4 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] SamSs C:\Windows\system32\lsass.exe 23:49:37.0424 0x17f4 SamSs - ok 23:49:37.0429 0x17f4 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 23:49:37.0438 0x17f4 sbp2port - ok 23:49:37.0444 0x17f4 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 23:49:37.0471 0x17f4 SCardSvr - ok 23:49:37.0475 0x17f4 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 23:49:37.0497 0x17f4 scfilter - ok 23:49:37.0520 0x17f4 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll 23:49:37.0548 0x17f4 Schedule - ok 23:49:37.0553 0x17f4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 23:49:37.0576 0x17f4 SCPolicySvc - ok 23:49:37.0582 
23:49:44.0052 0x17f4 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
23:49:44.0053 0x17f4 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
23:49:44.0055 0x17f4 Win FW state via NFP2: enabled ( trusted )
23:49:46.0388 0x17f4 ============================================================
23:49:46.0388 0x17f4 Scan finished
23:49:46.0388 0x17f4 ============================================================
23:49:46.0392 0x1078 Detected object count: 0
23:49:46.0392 0x1078 Actual detected object count: 0 |
05.01.2016, 12:27 | #9 |
/// TB Trainer /// Instructions Guru | I am sending spam
Step 1
Please download AdwCleaner to your desktop.
Step 2
ESET Online Scanner
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
05.01.2016, 22:55 | #10 |
| I am sending spam Code:
ATTFilter
# AdwCleaner v5.028 - Logfile created 05/01/2016 at 12:34:31
# Updated 04/01/2016 by Xplode
# Database : 2016-01-04.2 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : benjay - BENJAY-PC
# Running from : C:\Users\benjay\Desktop\adwcleaner_5.028.exe
# Option : Cleaning
# Support : hxxp://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****
[-] Folder Deleted : C:\Users\benjay\Documents\Updater

***** [ Files ] *****
[-] File Deleted : C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] File Deleted : C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Key Deleted : HKCU\Software\Reg\Clean
[-] Key Deleted : HKLM\SOFTWARE\Reg\Clean

***** [ Web browsers ] *****
[-] [C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : fkjlohfdjcjhmfcabomglnciodlnplhk

*************************
:: "Tracing" keys removed
:: Proxy settings cleared
:: Winsock settings cleared
:: IE policies deleted
:: Chrome policies deleted

########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1667 bytes] ##########

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=cedbf1111a78c246841065c99ff6bd4c
# end=init
# utc_time=2016-01-05 11:37:45
# local_time=2016-01-05 12:37:45 (+0100, W. Europe Standard Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 27498
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=cedbf1111a78c246841065c99ff6bd4c
# end=updated
# utc_time=2016-01-05 11:40:51
# local_time=2016-01-05 12:40:51 (+0100, W. Europe Standard Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=cedbf1111a78c246841065c99ff6bd4c
# engine=27498
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-01-05 06:16:25
# local_time=2016-01-05 07:16:25 (+0100, W. Europe Standard Time)
# country="United States"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 20448530 146195395 0 0
# scanned=291746
# found=12
# cleaned=0
# scan_time=23733
sh=475F248095D35E333ADF2F38B02424DEBEE83F04 ft=1 fh=62a3e0d8b40d4617 vn="Win32/Systweak.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\benjay\AppData\Roaming\Systweak\ssd\SSDPTstub.exe.vir"
sh=3823C862C561D0CAEE9529E3D219F279E3F94FD6 ft=1 fh=b645ea40dd7eb557 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
sh=97A2A720819CF6CCCCC734DF06DAA33277A21B54 ft=0 fh=0000000000000000 vn="Win32/Systweak.G evtl. unerwünschte Anwendung" ac=I fn="I:\BENJAY-PC\Backup Set 2014-12-14 202721\Backup Files 2014-12-14 202721\Backup files 4.zip"
sh=3BAE9B75FD93422CED691D191594914514FBDDC1 ft=0 fh=0000000000000000 vn="Win32/Systweak.G evtl. unerwünschte Anwendung" ac=I fn="I:\BENJAY-PC\Backup Set 2015-01-11 190005\Backup Files 2015-01-11 190005\Backup files 4.zip"
sh=428920A5519D463936C1921275754A3AB737E432 ft=0 fh=0000000000000000 vn="Win32/Systweak.G evtl. unerwünschte Anwendung" ac=I fn="I:\BENJAY-PC\Backup Set 2015-01-25 190006\Backup Files 2015-01-25 190006\Backup files 4.zip"
sh=29ED6170E3637602FC61E4DF3DD75B209C364508 ft=0 fh=0000000000000000 vn="Win32/Systweak.G evtl. unerwünschte Anwendung" ac=I fn="I:\BENJAY-PC\Backup Set 2015-02-15 233100\Backup Files 2015-02-15 233100\Backup files 4.zip"
sh=9AAB4437334998B7141624F631E5F0E7DE9771C8 ft=0 fh=0000000000000000 vn="Win32/Systweak.G evtl. unerwünschte Anwendung" ac=I fn="I:\BENJAY-PC\Backup Set 2015-03-08 201332\Backup Files 2015-03-08 201332\Backup files 4.zip"
sh=C645836ECDC310BC10A771673477291E6C695E22 ft=0 fh=0000000000000000 vn="Win32/Systweak.G evtl. unerwünschte Anwendung" ac=I fn="I:\BENJAY-PC\Backup Set 2015-03-29 233859\Backup Files 2015-03-29 233859\Backup files 4.zip"
sh=DAF8C95670CEEEDF5D980BEF4DDC9D70A20D46E6 ft=0 fh=0000000000000000 vn="Win32/Systweak.G evtl. unerwünschte Anwendung" ac=I fn="I:\BENJAY-PC\Backup Set 2015-04-13 002700\Backup Files 2015-04-13 002700\Backup files 4.zip"
sh=77AE0F2CE7021D2F1AEAA0E4D868070B4716FF7D ft=0 fh=0000000000000000 vn="Win32/Systweak.G evtl. unerwünschte Anwendung" ac=I fn="I:\BENJAY-PC\Backup Set 2015-05-04 003040\Backup Files 2015-05-04 003040\Backup files 4.zip"
sh=78968F2D5FD92CB7A1BD2A4E867B625AA3BFC33E ft=0 fh=0000000000000000 vn="Win32/Systweak.G evtl. unerwünschte Anwendung" ac=I fn="I:\BENJAY-PC\Backup Set 2015-05-24 190006\Backup Files 2015-05-24 190006\Backup files 4.zip"
sh=9628DEF037115BAF428C1AA9D465D76315714BAB ft=0 fh=0000000000000000 vn="Win32/Systweak.G evtl. unerwünschte Anwendung" ac=I fn="I:\BENJAY-PC\Backup Set 2015-06-14 190005\Backup Files 2015-06-14 190005\Backup files 5.zip" |
05.01.2016, 23:37 | #11 |
/// TB Trainer /// Instructions Guru | I am sending spam
Code:
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
The PC looks clean. As is almost always the case, there is no local infection. The cause is usually spoofing, an online hack...
Step 1
Please start FRST again, also tick the checkbox and press Scan. Please post the contents of the two logs that are created.
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
05.01.2016, 23:56 | #12 |
| I am sending spam "Too bad". But fine, one more argument for switching to a posteo address... [CODE]Additional FRST Logfile: FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x64) Version:31-12-2015 Ran by benjay (2016-01-05 23:54:08) Running from C:\Users\benjay\Desktop Windows 7 Professional Service Pack 1 (X64) (2011-11-02 23:20:18) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1780921663-2346165912-1911888604-500 - Administrator - Disabled) benjay (S-1-5-21-1780921663-2346165912-1911888604-1000 - Administrator - Enabled) => C:\Users\benjay Guest (S-1-5-21-1780921663-2346165912-1911888604-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1780921663-2346165912-1911888604-1003 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A} AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.) 
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated) Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.270 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated) Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.) Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{d0e166af-1634-4c0b-ae96-2180e61f9d38}) (Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.52.15531 - Avira Operations GmbH & Co. KG) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BioShock (HKLM-x32\...\{E280923D-C5D9-4728-8C79-AC9A0DC75875}) (Version: 2.5.0000 - 2K Games) BioShock 2 (x32 Version: 1.0.0005.131 - Take-Two Interactive Software) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC) Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.2 - Dolphin Development Team) Dropbox (HKU\S-1-5-21-1780921663-2346165912-1911888604-1000\...\Dropbox) (Version: 2.0.22 - Dropbox, Inc.) Fallout 4 (HKLM-x32\...\Steam App 377160) (Version: - Bethesda Game Studios) Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.7.143.923 - Foxit Software Inc.) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.1.5.425 - Foxit Software Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.) 
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version: - Arobas Music) Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.50.1172 - Intel Corporation) Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.650 - Oracle) Live Update 5 (HKLM-x32\...\{36F6E986-D2D1-403C-8BD3-D95EF7BC705D}}_is1) (Version: 5.0.109 - MSI) Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.) Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Media Player Classic - Home Cinema v1.5.2.3456 x64 (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.5.2.3456 - MPC-HC Team) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Report Viewer Redistributable 2005 (HKLM-x32\...\Microsoft Report Viewer 
Redistributable 2005) (Version: - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) MotoHelper 
MergeModules (x32 Version: 1.2.0 - Motorola) Hidden Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.0 - Mozilla) Mozilla Thunderbird 38.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation) NVIDIA 3D Vision Driver 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation) NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation) NVIDIA Graphics Driver 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation) NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) Oblivion - Knights of the Nine (HKLM-x32\...\{14C87AA7-08E6-419F-A165-998EBE5023D7}) (Version: 1.00.0000 - Bethesda Softworks) Oblivion - Mehrunes Razor (HKLM-x32\...\{EF295F5C-7B57-47AA-8889-6B3E8E214E89}) (Version: 1.00.0000 - Bethesda Softworks) Oblivion - Vile Lair (HKLM-x32\...\{520F4B09-3A51-47A2-82B0-9FF1DC2D20FA}) (Version: 1.00.0000 - Bethesda Softworks) Oblivion - Wizard's Tower (HKLM-x32\...\{2F2E3D62-8B8C-448F-8900-451325E50948}) (Version: 1.00.0000 - Bethesda Softworks) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) 
PDF24 Creator 7.4.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.37.1229.2010 - Realtek) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden ScummVM 1.7.0 (HKLM-x32\...\ScummVM_is1) (Version: - The ScummVM Team) SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamSpeak 3 Client (HKU\S-1-5-21-1780921663-2346165912-1911888604-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TL-WN822N/TL-WN821N Driver (HKLM-x32\...\{62FE0726-9652-4CD2-9F09-C769D8699C21}) (Version: 1.0.0 - TP-LINK) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) UNi Xonar Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - ) Unity Web Player (HKU\S-1-5-21-1780921663-2346165912-1911888604-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.62 - Nullsoft, Inc) Windows Live ID Sign-in Assistant 
(HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1780921663-2346165912-1911888604-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\benjay\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1780921663-2346165912-1911888604-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1780921663-2346165912-1911888604-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1780921663-2346165912-1911888604-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1780921663-2346165912-1911888604-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
Task: {12A21D38-E243-472B-AAAA-3D54F9FBBDB2} - System32\Tasks\{4DC7E083-C052-4F68-BE68-C0013673421C} => K:\INSTALL.EXE Task: {12CF6B43-1715-4AD4-8844-D99D053BDA4D} - System32\Tasks\AdobeAAMUpdater-1.0-benjay-PC-benjay => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15] (Adobe Systems Incorporated) Task: {2061113B-6101-49F1-ABE2-1CEA0E410B3E} - System32\Tasks\{BC482785-3E2F-40AC-AE4F-E1E7E50637BE} => J:\install.exe Task: {2A569622-B446-4CD3-BA2D-62278738BB0B} - System32\Tasks\{5A684C7D-9519-4705-9E1B-FB11053117DA} => C:\Program Files (x86)\Atari\Desperados 2\Desperados2.exe Task: {352485ED-ED40-4E44-AAF0-DBE87CE6C833} - System32\Tasks\{FFA36975-C895-4B07-A20F-D60C14C1A3BE} => K:\INSTALL.EXE Task: {39BA6308-1331-4544-8C6B-A8544F2BA9CE} - System32\Tasks\{23BC10D8-8D1F-424E-97BC-F07142F25C5D} => J:\install.exe Task: {3AEDCEF3-24CF-466C-B436-163BB6C95447} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-21] (Google Inc.) Task: {3B7DEA0C-ABF1-4508-A9BF-0023A8E8D300} - System32\Tasks\{AA4FE6BD-B397-4668-93EB-D03E71BEFBE7} => J:\install.exe Task: {4080960D-B993-4F5F-807C-3EEDB0105985} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-02] (Adobe Systems Incorporated) Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {62AD0709-1C33-4F4C-AB53-0E6938FC4BF9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-21] (Google Inc.) 
Task: {AD9FA85A-80BE-446A-9F5B-9B0CD2319E91} - System32\Tasks\{A8C03F36-13A2-4E4D-A512-9049A27573F6} => K:\INSTALL.EXE Task: {BA7B668C-54F5-4D08-ADC1-828418329C1B} - System32\Tasks\{E99F55D7-FAE6-4D3D-A89C-0303810AEFB9} => K:\INSTALL.EXE Task: {C434A2B8-A478-4876-9FCA-A7E2894D5CD2} - System32\Tasks\{FDCAB79B-0C3E-4704-A7A1-B6993F219C05} => J:\install.exe Task: {CC562DC9-AE0C-4B9F-8B34-7756FC87EF84} - System32\Tasks\{1590464B-1892-4A4D-9F97-B5EF5826FE1A} => pcalua.exe -a K:\German\setup.exe -d K:\German Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc Task: {DDBAD45E-4BAB-43D8-80E5-F41B86E6AD12} - System32\Tasks\{4105F22C-5814-41DE-9DA1-A44D7F7FAE34} => K:\INSTALL.EXE Task: {FD6CCED3-2124-480C-B09F-78613D428D81} - System32\Tasks\{3A9ED561-51AE-4442-85B8-84CD49F4E3C0} => J:\install.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) 
==================== Loaded Modules (Whitelisted) ============== 2015-01-26 22:30 - 2015-03-13 17:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-06-08 22:29 - 2008-07-11 14:04 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe 2015-06-08 22:29 - 2008-07-11 14:03 - 00282112 ____N () C:\Windows\system\HsMgr64.exe 2015-12-16 23:05 - 2015-12-11 13:34 - 01971528 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll 2015-12-16 23:05 - 2015-12-11 13:34 - 00093512 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll 2015-11-10 11:12 - 2015-11-10 11:41 - 00348160 _____ () C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\GFSDK_GodraysLib.x64.dll 2015-05-27 23:26 - 2015-05-23 02:48 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-06-08 22:29 - 2012-06-06 08:56 - 00143360 ____N () C:\Program Files\UNi Xonar Audio\Customapp\VmixP8.dll 2015-03-09 21:37 - 2015-11-10 20:55 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2014-12-01 15:29 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll 2014-12-01 15:29 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2014-12-01 15:29 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2015-03-23 19:22 - 2015-12-14 21:01 - 02547280 _____ () C:\Program Files (x86)\Steam\video.dll 2014-12-01 12:31 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2014-12-01 12:31 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2014-12-01 12:31 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2014-12-01 12:31 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2014-12-01 12:31 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2015-03-23 19:22 - 
2015-12-14 21:01 - 00804432 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2015-11-13 19:36 - 2015-11-03 23:00 - 00201728 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll 2015-02-24 16:58 - 2015-11-17 01:31 - 47846176 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:8CE646EE ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2013-10-20 17:45 - 00000027 ___RA C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-1780921663-2346165912-1911888604-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\benjay\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) 
MSCONFIG\startupfolder: C:^Users^benjay^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk => C:\Windows\pss\Adobe Gamma.lnk.Startup MSCONFIG\startupfolder: C:^Users^benjay^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW MSCONFIG\startupreg: EvolveClient => "C:\Program Files\Echobit\Evolve\EvolveClient.exe" -autorun MSCONFIG\startupreg: Live Update 5 => C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe /reminder MSCONFIG\startupreg: PDFPrint => "C:\Program Files (x86)\PDF24\pdf24.exe" MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [TCP Query User{0F6DFCC7-4D47-4924-B569-5C5755C48973}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [UDP Query User{C295E058-2FA5-4B68-B678-B16B8BB29D1F}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [TCP Query User{1A5CD637-824E-4DAA-8FF9-FFC9AD8826BA}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe FirewallRules: [UDP Query User{809A0247-19A7-4B5A-BE62-900769916E8D}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe FirewallRules: [{39F87BDE-E5BB-47EA-A5C3-2CB3E387721F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{BB5F0DD7-35EF-441F-982C-56FD6A010B83}] => (Allow) C:\Users\benjay\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{1238E446-DAD4-45FF-A2E0-9D676E7788CE}] => (Allow) C:\Users\benjay\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{1FBE5297-64A6-4534-AA37-EB5B0C54038C}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe FirewallRules: [UDP Query User{9B9C20B5-40F5-4A1C-997B-2035E72156A5}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe FirewallRules: [{01A0A08D-C688-406A-A0C3-59D069B7172F}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{D0B543E3-5689-4079-B35C-05DB03942B43}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{6C182283-B207-4B36-A722-58F64512C243}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.515\Agent.exe 
FirewallRules: [{3B9D77E6-DC50-4777-8829-3B978F3AABAA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.515\Agent.exe FirewallRules: [{C0608C4A-07E6-4384-9553-78C9A244D0A6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.649\Agent.exe FirewallRules: [{8456CCC6-30AF-4E97-88EA-7D8E57F0C563}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.649\Agent.exe FirewallRules: [{66B8F3C1-E30B-4B64-9AB9-EDB29BFF6078}] => (Allow) C:\Program Files (x86)\Diablo III Beta\Diablo III.exe FirewallRules: [{E9DF8FEF-C65E-42AA-BE51-39786C617FB6}] => (Allow) C:\Program Files (x86)\Diablo III Beta\Diablo III.exe FirewallRules: [TCP Query User{6AF58584-35A9-4C58-B40A-DABC2154EEF6}C:\programdata\battle.net\agent\agent.749\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.749\agent.exe FirewallRules: [UDP Query User{CD55E8A7-8561-4AB2-A3BA-7FFFDC2854C6}C:\programdata\battle.net\agent\agent.749\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.749\agent.exe FirewallRules: [TCP Query User{E71EDC47-AE54-47AA-8311-204B3F25EF4E}C:\programdata\battle.net\agent\agent.954\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.954\agent.exe FirewallRules: [UDP Query User{F9996362-C16A-4FD9-A405-BCF88D3BF7CD}C:\programdata\battle.net\agent\agent.954\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.954\agent.exe FirewallRules: [TCP Query User{80B1205D-75D4-4EBF-B7E2-59707ACB7B0F}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe FirewallRules: [UDP Query User{AFE46DA5-5B41-4CB8-9A47-9AAE330D54E7}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe FirewallRules: [TCP Query User{D0FC0044-A78A-4293-8AB4-EA58B6EB8F94}C:\programdata\battle.net\agent\agent.976\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.976\agent.exe FirewallRules: [UDP Query User{5ACE821D-1517-4FFF-92D8-AF1377A98D81}C:\programdata\battle.net\agent\agent.976\agent.exe] => 
(Allow) C:\programdata\battle.net\agent\agent.976\agent.exe FirewallRules: [TCP Query User{90E609CA-1A7D-4AF3-92DD-C89A8E464238}C:\programdata\battle.net\agent\agent.998\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.998\agent.exe FirewallRules: [UDP Query User{95AFA473-F5E1-4FE7-8CC4-265843ADBDB5}C:\programdata\battle.net\agent\agent.998\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.998\agent.exe FirewallRules: [TCP Query User{83766DDC-ACAD-429D-B16C-315454178B3A}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.1040\agent.exe FirewallRules: [UDP Query User{EF9D19CD-EABF-4582-9426-5C45B8434839}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.1040\agent.exe FirewallRules: [{3BEC5EC9-9E50-40EC-940C-342EC5A29B4B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1199\Agent.exe FirewallRules: [{FB57C8AE-661F-46B0-B20C-5850B5A1A027}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1199\Agent.exe FirewallRules: [{9B135F9A-03BB-44C3-A51B-53530255836E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1225\Agent.exe FirewallRules: [{4036EAF4-0CB2-49E3-9ACE-1460C956D632}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1225\Agent.exe FirewallRules: [{F1A66AE7-9472-41FF-A70A-DCB8333463BE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe FirewallRules: [{35C95002-4008-4D01-A4B4-662A70DB443C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe FirewallRules: [{5C65D816-2D0B-4BDD-BAD3-EDA0A5A6E325}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe FirewallRules: [{A07F7F2F-7189-4680-9E3C-B6F8A8610233}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe FirewallRules: [{9FAF5BF7-6579-46CC-AD87-7A2AB1EA98C3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe FirewallRules: [{DC49891D-A36F-4179-A1EF-A18444CE7FDF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe 
FirewallRules: [TCP Query User{D1C8E81E-DC8A-4B5C-84F3-5FC7019D889A}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe] => (Allow) C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe FirewallRules: [UDP Query User{6067107C-A2FE-4D23-9B6E-89D19884809F}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe] => (Allow) C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe FirewallRules: [{0B9B4838-1C2E-4E12-B2FC-6AD1A2761A98}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe FirewallRules: [{9448DCCF-D1A1-434C-95D2-D1C4A7DA101F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe FirewallRules: [TCP Query User{A61D4624-AA40-4850-B410-6726ED199DFB}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe FirewallRules: [UDP Query User{28FBB594-EF61-4A1E-A8A7-39BEB7AE8528}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe FirewallRules: [TCP Query User{8E277956-A6AC-4602-96FE-6E59A1BF8F6A}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe] => (Block) C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe FirewallRules: [UDP Query User{657707A6-368C-4A83-A8F7-31009B949C6C}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe] => (Block) C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe FirewallRules: [TCP Query User{301A99A4-2A0C-42C4-B85C-929FA3DC578A}C:\program files (x86)\sid meier's civilization v\civilizationv_dx11.exe] => (Allow) C:\program files (x86)\sid meier's civilization v\civilizationv_dx11.exe FirewallRules: [UDP Query User{21E65557-DFDD-4924-85E2-392A8D5AF82C}C:\program files (x86)\sid meier's civilization v\civilizationv_dx11.exe] => (Allow) C:\program files 
(x86)\sid meier's civilization v\civilizationv_dx11.exe FirewallRules: [TCP Query User{59727D75-5F3B-4B99-8AB6-EFB80CE6E454}C:\program files (x86)\sid meier's civilization v\civilizationv_dx11.exe] => (Allow) C:\program files (x86)\sid meier's civilization v\civilizationv_dx11.exe FirewallRules: [UDP Query User{B7AA76D9-3D59-4799-A7E2-354D4375DB70}C:\program files (x86)\sid meier's civilization v\civilizationv_dx11.exe] => (Allow) C:\program files (x86)\sid meier's civilization v\civilizationv_dx11.exe FirewallRules: [{C6BAC3BA-0D22-4049-A7FE-BB103C34A86E}] => (Allow) C:\Program Files\Echobit\Evolve\EvoSvc.exe FirewallRules: [{85D1E51E-B08E-4069-AF44-3FCE52AD05CC}] => (Allow) C:\Program Files\Echobit\Evolve\EvolveClient.exe FirewallRules: [TCP Query User{E9EA77EC-002A-4C4E-8E58-249E9A51DC1D}C:\program files (x86)\sid meier's civilization v\civilizationv.exe] => (Allow) C:\program files (x86)\sid meier's civilization v\civilizationv.exe FirewallRules: [UDP Query User{3584F9BD-8B3F-4146-8DF2-2D2D42189E64}C:\program files (x86)\sid meier's civilization v\civilizationv.exe] => (Allow) C:\program files (x86)\sid meier's civilization v\civilizationv.exe FirewallRules: [{0FE34B5D-2679-4043-9C2E-351E36961F0B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe FirewallRules: [{4D832D93-9917-4763-834D-916AD6E8A2CC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe FirewallRules: [{16F224C7-0D96-4C95-AE8F-3851E1D403A1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe FirewallRules: [{87D35EAE-E971-4486-A17F-621552028416}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe FirewallRules: [{1360E61F-2488-4D29-8AB8-E2D746ADCF02}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe FirewallRules: [{17A605CE-48BE-42D0-9DFA-78A8C86E90C9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe FirewallRules: [TCP Query User{A5993935-A1A8-4C9A-B58D-F62858C74B7D}C:\program files (x86)\ea sports\fifa 
11\game\fifa.exe] => (Block) C:\program files (x86)\ea sports\fifa 11\game\fifa.exe FirewallRules: [UDP Query User{B1280C40-46B6-43E0-9207-1D7B761D4681}C:\program files (x86)\ea sports\fifa 11\game\fifa.exe] => (Block) C:\program files (x86)\ea sports\fifa 11\game\fifa.exe FirewallRules: [{8FA81560-293C-4A58-9B62-D196921D8673}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe FirewallRules: [{E767DB21-500B-4EF0-8E09-C8BD8D1FD97A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe FirewallRules: [TCP Query User{B5215464-8812-4390-9713-B0095039EC2E}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe FirewallRules: [UDP Query User{B9E11CB2-7A3D-480A-A687-A8CC622B7544}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe FirewallRules: [TCP Query User{055BA207-12A0-485B-8716-DE81F204FFE1}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe FirewallRules: [UDP Query User{2E7329A4-9B19-4505-BD94-FC97BB794378}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe FirewallRules: [TCP Query User{709E6C82-5293-46EB-A680-79439667ECD3}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [UDP Query User{7FC58348-EA2D-4B93-97F5-1FCC28A13098}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [TCP Query User{3EA5B687-CB70-4B38-8EDB-DA92D5DEA03E}H:\images\warcraft iii\war3.exe] => (Block) H:\images\warcraft iii\war3.exe FirewallRules: [UDP Query User{E4CE38B1-67C6-48BE-AEB0-43741A5DB61A}H:\images\warcraft iii\war3.exe] => (Block) H:\images\warcraft iii\war3.exe FirewallRules: [{3CEA719B-59CA-47A3-A128-EA38F6203767}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe 
FirewallRules: [{ED046DE6-8593-4ACB-88AB-12FE9DADCE5E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe FirewallRules: [{50F22C28-A275-49F5-8FFB-4FC705790566}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{1CF30EEA-5266-4843-842E-A5848F3B3A8C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [TCP Query User{2071ED9D-CDA3-4AE0-AB99-589D0063C1A3}H:\images\warcraft iii\war3.exe] => (Block) H:\images\warcraft iii\war3.exe FirewallRules: [UDP Query User{4AD09943-4E0B-4B4C-BE6F-8BEC47558360}H:\images\warcraft iii\war3.exe] => (Block) H:\images\warcraft iii\war3.exe FirewallRules: [{E0C67E8B-538C-4C58-9B8D-E9A136C6561A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe FirewallRules: [{089ABDF0-6301-454A-9E00-D13741DD5F78}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe FirewallRules: [{A62C35D7-1438-4E07-A376-9045403121FB}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{CF93EF37-7C0C-4FBE-9E76-1DB4ECD36BE4}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{258D4E68-9F48-4A3D-99FF-4B8A893327FC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe FirewallRules: [{3CA64B4F-3945-45D9-B296-59A57D7668DE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe FirewallRules: [{CA7BFC79-27B7-4FD4-8D55-A3D36F815288}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe FirewallRules: [{2E631837-A925-4599-898C-62EDE02384B7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe FirewallRules: [TCP Query User{3D05B55B-499A-43EA-AC1B-DC84C070E646}C:\programdata\battle.net\agent\agent.beta.2753\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.beta.2753\agent.exe FirewallRules: [UDP Query User{BEBCDCC8-3A54-4488-888A-CC1124C73A24}C:\programdata\battle.net\agent\agent.beta.2753\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.beta.2753\agent.exe FirewallRules: 
[{2525FEB5-4C76-4820-9E01-EEEE099226AF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe FirewallRules: [{738646F5-B9CD-48CC-8481-E5F32FE03D8F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe FirewallRules: [{6BF1BE8E-9965-4F07-8A7F-098D1FA07692}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe FirewallRules: [{C000DB22-758D-4972-8ACE-D6846D0EBEBC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe FirewallRules: [{E08FA131-8EE3-4BC3-B230-A993E75926BB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe FirewallRules: [{7F43164F-A3E3-4828-A84D-3860D76E119D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe FirewallRules: [{E80D329B-C554-44EC-9AF2-6642CCEFFFF3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe FirewallRules: [{DC37F596-A736-4BC2-9EDD-7A571139BEB2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe FirewallRules: [{6315E9FB-005B-451B-9465-45F90B02F124}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{CE581422-A7C9-4DD0-AEC7-A132E5ACA086}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{839CDCCA-5215-4C87-8F03-77F1DB5FC8CE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe FirewallRules: [{BF82BF46-B9F3-4496-AF19-515B13C00AF3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe FirewallRules: [{CE821BED-65FA-40E8-8B5C-9F0090F25DC4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe FirewallRules: [{0BA6424E-E16B-4462-BBC8-ABDDEF8AC93A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe FirewallRules: [{3855BB20-4D88-4158-9639-EEF44C206138}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{D9063798-C745-454E-8603-0A6D57671F75}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{88712BB0-D5F5-4DE7-AE51-04E1A168B205}] => (Allow) 
C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe FirewallRules: [{1ED02756-ED68-4E0C-A669-008DD26E65D1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe FirewallRules: [{281651BA-1176-4C05-A603-035167472F7F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe FirewallRules: [{42FF3278-2FD6-44B7-B0BD-B92F2B56992C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe FirewallRules: [{53F137EF-F8F1-45EA-AA2B-4E646B5E6691}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe FirewallRules: [{D0FEAEA8-BF35-409E-838E-13FF2748490C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe FirewallRules: [{D58C92BB-93AB-4929-9097-D46A5915577E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe FirewallRules: [{33CA1E79-5DDC-4344-BE83-402446E0E1A5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe FirewallRules: [{55230E58-E582-4278-B295-9881D7A259EC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{AD73000A-66E6-476A-B801-93276BB049C2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{ED4B1177-E3C3-46F4-8D53-D0E5280FAE47}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{8C48C058-1ED7-491B-B109-1A2763612EF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{34C1140C-BC6D-4169-A56A-197A4E6DF4B3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{7C41BEBA-7DCE-4F11-AAFB-191E2BD9696A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{4F2971CB-2AF3-4BA1-BF92-397547B2BC36}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{DB683BEC-4583-40F1-ADB1-1639A8E4C0F8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [TCP Query 
User{50A20A17-A0F4-4551-9288-7C0FC6774E58}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{77ACD185-CEBC-4E21-B547-B9D1952775A6}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{2A7955DA-B167-4725-914E-871EE27C98FB}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{7CEEB1ED-31CC-47CC-A481-7F3A0B46A7DE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{9D2A75DE-90DE-4B23-A49F-A024821864BE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{F44820B3-9FB0-466D-8D5D-C6C1AD7EEEBB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [TCP Query User{31F0C286-4B92-4A29-AC2A-1F34C2F53DE8}H:\unrealtournament\system\unrealtournament.exe] => (Block) H:\unrealtournament\system\unrealtournament.exe FirewallRules: [UDP Query User{9E8CF545-129E-471D-B4B4-1E2F56C06C1D}H:\unrealtournament\system\unrealtournament.exe] => (Block) H:\unrealtournament\system\unrealtournament.exe FirewallRules: [{4A64229C-E342-4F29-A41D-563CEBC24A7D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: [{DC1AF2C8-DEC4-4329-AAC2-02E64FEFF89C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: [TCP Query User{EC78C749-D555-4833-9C3F-FE2B3BC1039B}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe FirewallRules: [UDP Query User{3C686866-55BA-45BD-A161-9E4934ECCAFE}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe 
FirewallRules: [{767C01C4-A9A7-43A4-8B4F-4819E2F57C62}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 01-01-2016 18:44:17 Installed Helium 01-01-2016 18:47:17 Installed Motorola Device Manager 01-01-2016 18:55:11 Removed Helium 01-01-2016 18:57:21 Removed Motorola Mobile Drivers Installation 6.4.0 01-01-2016 18:57:44 Removed Motorola Device Manager 02-01-2016 21:01:23 Windows Update 04-01-2016 16:02:06 Windows Backup ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/05/2016 10:52:46 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. 
Error: (01/05/2016 07:39:22 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (01/05/2016 12:37:32 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. 
Error: (01/05/2016 12:37:17 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (01/05/2016 12:37:15 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. 
Error: (01/05/2016 12:36:08 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (01/05/2016 12:31:00 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. 
Error: (01/01/2016 06:56:44 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program explorer.exe version 6.1.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1824 Start Time: 01d144bd9358e5e9 Termination Time: 10 Application Path: C:\Windows\explorer.exe Report Id: 03ac3f30-b0b1-11e5-be53-6c626d3f3cac Error: (01/01/2016 06:55:18 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Explorer.EXE version 6.1.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 89c Start Time: 01d144b238c1fb6e Termination Time: 12 Application Path: C:\Windows\Explorer.EXE Report Id: cfccd4cf-b0b0-11e5-be53-6c626d3f3cac Error: (01/01/2016 05:33:01 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Fallout4.exe version 1.2.37.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: d2c Start Time: 01d144b2050d36a7 Termination Time: 186 Application Path: C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4.exe Report Id: System errors: ============= Error: (01/05/2016 12:40:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The eapihdrv service failed to start due to the following error: %%1275 Error: (01/05/2016 12:40:49 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\benjay\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. 
Error: (01/05/2016 12:40:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The eapihdrv service failed to start due to the following error: %%1275 Error: (01/05/2016 12:40:49 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\benjay\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error: (01/05/2016 12:40:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The eapihdrv service failed to start due to the following error: %%1275 Error: (01/05/2016 12:40:49 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\benjay\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error: (01/05/2016 12:38:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The eapihdrv service failed to start due to the following error: %%1275 Error: (01/05/2016 12:38:15 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\benjay\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error: (01/05/2016 12:38:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The eapihdrv service failed to start due to the following error: %%1275 Error: (01/05/2016 12:38:15 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\benjay\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. 
CodeIntegrity: =================================== Date: 2013-10-20 18:45:44.901 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-10-20 18:45:44.848 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz Percentage of memory in use: 76% Total physical RAM: 8173.57 MB Available physical RAM: 1910.92 MB Total Virtual: 16345.36 MB Available Virtual: 6993.64 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:119.14 GB) (Free:2.67 GB) NTFS Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)] Drive f: (Elements) (Fixed) (Total:465.75 GB) (Free:48.33 GB) NTFS Drive g: () (Fixed) (Total:99.51 GB) (Free:71.44 GB) NTFS Drive h: (Games) (Fixed) (Total:244.14 GB) (Free:92.53 GB) NTFS Drive i: (Musik und Filme) (Fixed) (Total:587.76 GB) (Free:101.71 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 786EE9E8) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 61BCEE7D) 
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=99.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=244.1 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=587.8 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (Size: 465.8 GB) (Disk ID: 946FF2BA) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================
--- --- ---
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015 Ran by benjay (administrator) on BENJAY-PC (05-01-2016 23:53:42) Running from C:\Users\benjay\Desktop Loaded Profiles: benjay (Available Profiles: benjay) Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe () C:\Windows\SysWOW64\HsMgr.exe () C:\Windows\system\HsMgr64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (CMedia) C:\Program Files\UNi Xonar Audio\Customapp\AsusAudioCenter.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Bethesda Softworks) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 4\Fallout4.exe (Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] () HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] () HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-11-23] (Avira Operations GmbH & Co. KG) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-05-25] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-05-25] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-05-25] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-05-25] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll [2013-05-25] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll [2013-05-25] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll [2013-05-25] (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{644AFD7F-2BFA-4EAF-9367-910E4890C4A0}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{6577D245-50AD-4FD1-BE32-C7919691D5E1}: [DhcpNameServer] 192.168.179.1 Tcpip\..\Interfaces\{C6522AAA-71CD-4ABC-A830-78F97174AD2A}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-1780921663-2346165912-1911888604-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1780921663-2346165912-1911888604-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2013-05-06] (DivX, LLC) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> 
C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-11] (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-11] (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\benjay\AppData\Roaming\Mozilla\Firefox\Profiles\iplifue2.default-1370786723901 FF DefaultSearchEngine: LEO Eng-Deu FF Homepage: hxxps://www.google.de/?gws_rd=ssl FF Session Restore: -> is enabled. FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-29] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll [2014-01-29] (Adobe Systems, Inc.) FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2013-05-06] (DivX, LLC) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) 
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-11] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-11] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.) 
FF Plugin HKU\S-1-5-21-1780921663-2346165912-1911888604-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\benjay\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-05-11] (Unity Technologies ApS) FF SearchPlugin: C:\Users\benjay\AppData\Roaming\Mozilla\Firefox\Profiles\iplifue2.default-1370786723901\searchplugins\google-images.xml [2014-12-30] FF SearchPlugin: C:\Users\benjay\AppData\Roaming\Mozilla\Firefox\Profiles\iplifue2.default-1370786723901\searchplugins\google-maps.xml [2014-12-30] FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-06-03] [not signed] FF Extension: FoxyProxy Standard - C:\Users\benjay\AppData\Roaming\Mozilla\Firefox\Profiles\iplifue2.default-1370786723901\extensions\foxyproxy@eric.h.jung [2015-05-29] FF Extension: Flash and Video Download - C:\Users\benjay\AppData\Roaming\Mozilla\Firefox\Profiles\iplifue2.default-1370786723901\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-12-17] FF Extension: Ghostery - C:\Users\benjay\AppData\Roaming\Mozilla\Firefox\Profiles\iplifue2.default-1370786723901\Extensions\firefox@ghostery.com.xpi [2015-12-14] FF Extension: Adblock Plus - C:\Users\benjay\AppData\Roaming\Mozilla\Firefox\Profiles\iplifue2.default-1370786723901\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-14] FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 Chrome: ======= CHR Session Restore: Default -> is enabled. 
CHR Profile: C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-23] CHR Extension: (Google Docs) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-23] CHR Extension: (Google Drive) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24] CHR Extension: (YouTube) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26] CHR Extension: (Adblock Plus) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-01-05] CHR Extension: (Google-Suche) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Google Tabellen) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-23] CHR Extension: (Avira Browserschutz) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-12-16] CHR Extension: (Google Docs Offline) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-21] CHR Extension: (Ghostery) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-12-30] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25] CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 <video>) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2015-06-23] CHR Extension: (Bitdefender QuickScan) - 
C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2015-11-07] CHR Extension: (Google Mail) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-23] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-10-22] (Adobe Systems) [File not signed] S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [249624 2015-11-23] (Avira Operations GmbH & Co. 
KG) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2015-03-08] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-01] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-01] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-30] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-01] (Avira Operations GmbH & Co. 
KG) R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2735616 2013-12-11] (C-Media Inc) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2011-12-20] (DT Soft Ltd) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2013-01-20] (Echobit, LLC) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2015-03-08] () S3 Maplom; no ImagePath S3 MaplomL; no ImagePath R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation) S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation) S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [450048 2010-03-31] (Realtek Semiconductor Corporation ) S4 sptd; C:\Windows\System32\Drivers\sptd.sys [530488 2011-12-19] (Duplex Secure Ltd.) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2016-01-05 14:13 - 2016-01-05 14:13 - 00000000 ____D C:\Users\benjay\Documents\Updater 2016-01-05 12:31 - 2016-01-05 12:31 - 01749504 _____ C:\Users\benjay\Desktop\adwcleaner_5.028.exe 2016-01-05 12:30 - 2016-01-05 12:31 - 02870984 _____ (ESET) C:\Users\benjay\Desktop\esetsmartinstaller_deu.exe 2016-01-04 23:46 - 2016-01-04 23:56 - 00419704 _____ C:\TDSSKiller.3.1.0.9_04.01.2016_23.46.03_log.txt 2016-01-04 15:53 - 2016-01-04 15:58 - 00212772 _____ C:\TDSSKiller.3.1.0.9_04.01.2016_15.53.45_log.txt 2016-01-04 15:52 - 2016-01-04 15:52 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\benjay\Desktop\tdsskiller.exe 2016-01-01 18:54 - 2016-01-01 18:57 - 00000000 ____D C:\Users\benjay\Desktop\handy 2016-01-01 18:53 - 2016-01-01 18:53 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf 2016-01-01 18:48 - 2016-01-01 18:48 - 00000000 ____D C:\ProgramData\Motorola 2016-01-01 18:47 - 2016-01-01 18:47 - 00000000 ____D C:\Users\benjay\AppData\Roaming\Motorola Mobility 2016-01-01 18:47 - 2016-01-01 18:47 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0 2016-01-01 18:47 - 2016-01-01 18:47 - 00000000 ____D C:\Program Files (x86)\Motorola Mobility 2016-01-01 18:44 - 2016-01-01 18:44 - 00000000 ____D C:\Users\benjay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClockworkMod 2016-01-01 18:44 - 2016-01-01 18:44 - 00000000 ____D C:\Users\benjay\.android 2016-01-01 18:44 - 2016-01-01 18:44 - 00000000 ____D C:\Program Files (x86)\ClockworkMod 2016-01-01 18:43 - 2016-01-01 18:44 - 18114048 _____ C:\Users\benjay\Desktop\CarbonSetup.msi 2016-01-01 18:36 - 2016-01-02 12:44 - 00000000 ____D C:\Program Files (x86)\Motorola 2016-01-01 18:36 - 2016-01-01 18:47 - 00000000 ____D C:\Temp 2016-01-01 18:36 - 2016-01-01 18:36 - 00000000 ____D C:\Users\benjay\AppData\Roaming\Motorola 2016-01-01 18:36 - 2016-01-01 18:36 - 00000000 ____D C:\Program Files\Common Files\Motorola Shared 2015-12-31 13:23 - 2015-12-31 13:23 - 00055222 _____ C:\Users\benjay\Desktop\Avira.txt 2015-12-31 
13:22 - 2015-12-31 13:22 - 00001054 _____ C:\Users\benjay\Desktop\Malware.txt 2015-12-31 13:20 - 2015-12-31 13:20 - 00055794 _____ C:\Users\benjay\Desktop\Addition.txt 2015-12-31 13:19 - 2016-01-05 23:53 - 00021765 _____ C:\Users\benjay\Desktop\FRST.txt 2015-12-31 13:19 - 2016-01-05 23:53 - 00000000 ____D C:\FRST 2015-12-31 13:19 - 2015-12-31 13:19 - 02370560 _____ (Farbar) C:\Users\benjay\Desktop\FRST64.exe 2015-12-31 13:05 - 2015-12-31 13:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2015-12-17 19:50 - 2015-12-17 19:50 - 00000000 ____D C:\Users\benjay\Desktop\freenet Mail 2015-12-14 02:57 - 2015-12-17 20:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-12-09 10:26 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-12-09 10:26 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-12-09 10:26 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-12-09 10:26 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-12-09 10:26 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-12-09 10:26 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-12-09 10:26 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-12-09 10:26 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-12-09 10:26 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-12-09 10:26 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-12-09 10:26 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-12-09 10:26 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 
2015-12-09 10:26 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-12-09 10:26 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-12-09 10:26 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-12-09 10:26 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-12-09 10:26 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-12-09 10:26 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-12-09 10:26 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2015-12-09 10:26 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll 2015-12-09 10:26 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll 2015-12-09 10:26 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll 2015-12-09 10:26 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-12-09 10:26 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-12-09 10:26 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-12-09 10:26 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-12-09 10:26 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-12-09 10:26 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-12-09 10:26 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-12-09 10:26 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-12-09 10:26 - 2015-11-10 19:55 - 
01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-12-09 10:26 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2015-12-09 10:26 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-12-09 10:26 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2015-12-09 10:26 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-12-09 10:26 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-12-09 10:26 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-12-09 10:26 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-12-09 10:26 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-12-09 10:26 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-12-09 10:26 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-12-09 10:26 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-12-09 10:26 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-12-09 10:26 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-12-09 10:26 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-12-09 10:26 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-12-09 10:26 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-12-09 10:26 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-12-09 10:26 - 2015-11-10 00:50 - 00060416 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-12-09 10:26 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-12-09 10:26 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-12-09 10:26 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2015-12-09 10:26 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-12-09 10:26 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-12-09 10:26 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-12-09 10:26 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-12-09 10:26 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-12-09 10:26 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-12-09 10:26 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-12-09 10:26 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-12-09 10:26 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-12-09 10:26 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-12-09 10:26 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-12-09 10:26 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-12-09 10:26 - 2015-11-08 23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-12-09 10:26 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-12-09 10:26 - 2015-11-08 23:14 - 00088064 _____ 
(Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-12-09 10:26 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-12-09 10:26 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-12-09 10:26 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-12-09 10:26 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-12-09 10:26 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-12-09 10:26 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-12-09 10:26 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-12-09 10:26 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-12-09 10:26 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-12-09 10:26 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-12-09 10:26 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-12-09 10:26 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-12-09 10:26 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-12-09 10:26 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2015-12-09 10:26 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-12-09 10:26 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-12-09 10:26 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-12-09 10:26 - 2015-11-08 22:14 - 
14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-12-09 10:26 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-12-09 10:26 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-12-09 10:26 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-12-09 10:26 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-12-09 10:26 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-12-09 10:26 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll 2015-12-09 10:26 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll 2015-12-09 10:26 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys 2015-12-09 10:26 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2015-12-09 10:26 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2015-12-09 10:25 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll 2015-12-09 10:25 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll 2015-12-08 11:35 - 2015-12-08 11:35 - 00001083 _____ C:\Users\Public\Desktop\PDF24 Creator.lnk 2015-12-08 11:35 - 2015-12-08 11:35 - 00000000 ____D C:\Users\benjay\AppData\Local\PDF24 2015-12-08 11:35 - 2015-12-08 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 2015-12-08 11:35 - 2015-12-08 11:35 - 00000000 ____D C:\Program Files (x86)\PDF24 2015-12-08 11:23 - 2015-12-08 12:01 - 00000000 ____D C:\Users\benjay\Desktop\Weinheim ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2016-01-05 23:49 - 2012-11-12 12:00 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-01-05 23:02 - 2015-06-21 13:28 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-01-05 23:01 - 2009-07-14 05:45 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-01-05 23:01 - 2009-07-14 05:45 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-01-05 22:59 - 2015-03-31 17:11 - 00000000 ____D C:\Program Files (x86)\Steam 2016-01-05 12:40 - 2009-07-14 06:13 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI 2016-01-05 12:40 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-01-05 12:36 - 2015-06-21 13:28 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-01-05 12:36 - 2015-01-26 22:31 - 00000000 ____D C:\ProgramData\NVIDIA 2016-01-05 12:36 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-01-05 12:34 - 2013-10-20 18:34 - 00000000 ____D C:\AdwCleaner 2016-01-02 21:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows 2016-01-02 18:49 - 2012-11-12 12:00 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-01-02 18:49 - 2012-06-22 06:28 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-01-02 18:49 - 2011-11-03 00:46 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-01-02 01:49 - 2015-11-14 12:37 - 00010156 _____ C:\Users\benjay\Desktop\Bewerbungsstand.xlsx 2016-01-01 18:47 - 2011-11-03 00:39 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-01-01 18:44 - 2011-11-03 00:20 - 00000000 ____D C:\Users\benjay 2015-12-31 13:20 - 2015-06-27 10:30 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-12-30 00:35 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2015-12-19 01:19 - 2011-11-03 07:17 - 
00000436 _____ C:\Users\benjay\Desktop\fut.pls 2015-12-17 19:25 - 2015-03-06 00:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-12-17 19:25 - 2014-10-09 13:13 - 00000000 ____D C:\ProgramData\Package Cache 2015-12-16 23:06 - 2015-06-21 13:29 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-12-11 21:25 - 2009-07-14 05:45 - 04846936 _____ C:\Windows\system32\FNTCACHE.DAT 2015-12-09 10:57 - 2011-11-11 02:20 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-12-09 10:56 - 2013-01-03 20:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-12-09 10:55 - 2013-01-03 20:46 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-12-09 10:55 - 2013-01-03 20:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-12-09 10:54 - 2013-07-23 02:00 - 00000000 ____D C:\Windows\system32\MRT 2015-12-09 10:51 - 2012-12-16 23:17 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-12-09 04:39 - 2011-11-03 00:42 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-12-08 12:34 - 2015-11-30 15:33 - 00000000 ____D C:\Users\benjay\Desktop\Fotos Ordnen ==================== Files in the root of some directories ======= 2013-06-12 21:51 - 2013-06-12 21:51 - 0004608 _____ () C:\Users\benjay\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-09-19 21:20 - 2015-09-19 21:20 - 0007605 _____ () C:\Users\benjay\AppData\Local\Resmon.ResmonCfg 2011-12-20 00:21 - 2011-12-20 00:22 - 0000044 ___SH () C:\ProgramData\.zreglib Some files in TEMP: ==================== C:\Users\benjay\AppData\Local\Temp\avgnt.exe C:\Users\benjay\AppData\Local\Temp\Quarantine.exe C:\Users\benjay\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-12-30 00:28 ==================== End of FRST.txt ============================ --- --- --- |
06.01.2016, 17:39 | #13 |
/// TB Trainer /// Instructions Guru | I am sending spam So there are still two antivirus programs running....
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
07.01.2016, 10:24 | #14 |
| I am sending spam Oops, yes, I started the scan before I threw Avira out. So here are the logs again. FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-12-2015 Ran by benjay (administrator) on BENJAY-PC (07-01-2016 10:21:20) Running from C:\Users\benjay\Desktop Loaded Profiles: benjay (Available Profiles: benjay) Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe () C:\Windows\SysWOW64\HsMgr.exe () C:\Windows\system\HsMgr64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (CMedia) C:\Program Files\UNi Xonar Audio\Customapp\AsusAudioCenter.exe (NVIDIA Corporation) C:\Users\benjay\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files\NVIDIA 
Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] () HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] () HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-05-25] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-05-25] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-05-25] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll [2013-05-25] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll [2013-05-25] (Dropbox, Inc.) 
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll [2013-05-25] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll [2013-05-25] (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{644AFD7F-2BFA-4EAF-9367-910E4890C4A0}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{6577D245-50AD-4FD1-BE32-C7919691D5E1}: [DhcpNameServer] 192.168.179.1 Tcpip\..\Interfaces\{C6522AAA-71CD-4ABC-A830-78F97174AD2A}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-1780921663-2346165912-1911888604-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1780921663-2346165912-1911888604-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: 
HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2013-05-06] (DivX, LLC) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-07-11] (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-07-11] (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\benjay\AppData\Roaming\Mozilla\Firefox\Profiles\iplifue2.default-1370786723901 FF DefaultSearchEngine: LEO Eng-Deu FF Homepage: hxxps://www.google.de/?gws_rd=ssl FF Session Restore: -> is enabled. FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-29] () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) 
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1209149.dll [2014-01-29] (Adobe Systems, Inc.) FF Plugin-x32: @divx.com/DivX Plus Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2013-05-06] (DivX, LLC) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-06-20] (DivX, LLC.) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-07-11] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-07-11] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin-x32: 
@nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-03-13] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-03-13] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.) FF Plugin HKU\S-1-5-21-1780921663-2346165912-1911888604-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\benjay\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-05-11] (Unity Technologies ApS) FF SearchPlugin: C:\Users\benjay\AppData\Roaming\Mozilla\Firefox\Profiles\iplifue2.default-1370786723901\searchplugins\google-images.xml [2014-12-30] FF SearchPlugin: C:\Users\benjay\AppData\Roaming\Mozilla\Firefox\Profiles\iplifue2.default-1370786723901\searchplugins\google-maps.xml [2014-12-30] FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-06-03] [not signed] FF Extension: FoxyProxy Standard - C:\Users\benjay\AppData\Roaming\Mozilla\Firefox\Profiles\iplifue2.default-1370786723901\extensions\foxyproxy@eric.h.jung [2015-05-29] FF Extension: Flash and Video Download - C:\Users\benjay\AppData\Roaming\Mozilla\Firefox\Profiles\iplifue2.default-1370786723901\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2015-12-17] FF Extension: Ghostery - C:\Users\benjay\AppData\Roaming\Mozilla\Firefox\Profiles\iplifue2.default-1370786723901\Extensions\firefox@ghostery.com.xpi [2015-12-14] FF Extension: Adblock Plus - C:\Users\benjay\AppData\Roaming\Mozilla\Firefox\Profiles\iplifue2.default-1370786723901\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-14] FF HKLM-x32\...\Firefox\Extensions: 
[{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 Chrome: ======= CHR Session Restore: Default -> is enabled. CHR Profile: C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-06-23] CHR Extension: (Google Docs) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-23] CHR Extension: (Google Drive) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24] CHR Extension: (YouTube) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26] CHR Extension: (Adblock Plus) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-01-05] CHR Extension: (Google-Suche) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Google Tabellen) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-06-23] CHR Extension: (Avira Browserschutz) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-12-16] CHR Extension: (Google Docs Offline) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-21] CHR Extension: (Ghostery) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2015-12-30] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25] CHR Extension: (Mehr Leistung und Videoformate für dein HTML5 
<video>) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2015-06-23] CHR Extension: (Bitdefender QuickScan) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2015-11-07] CHR Extension: (Google Mail) - C:\Users\benjay\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-23] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2013-05-06] ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-10-22] (Adobe Systems) [File not signed] R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2015-03-08] () R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2735616 2013-12-11] (C-Media Inc) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2011-12-20] (DT Soft Ltd) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2013-01-20] (Echobit, LLC) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2015-03-08] () S3 Maplom; no ImagePath S3 MaplomL; no ImagePath R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation) S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation) S3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [450048 2010-03-31] (Realtek Semiconductor Corporation ) S4 sptd; C:\Windows\System32\Drivers\sptd.sys [530488 2011-12-19] (Duplex Secure Ltd.) S4 avgntflt; system32\DRIVERS\avgntflt.sys [X] R4 avkmgr; system32\DRIVERS\avkmgr.sys [X] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-01-07 10:19 - 2016-01-07 10:19 - 00000000 _____ C:\ProgramData\rebootpending.txt 2016-01-05 14:13 - 2016-01-05 14:13 - 00000000 ____D C:\Users\benjay\Documents\Updater 2016-01-05 12:31 - 2016-01-05 12:31 - 01749504 _____ C:\Users\benjay\Desktop\adwcleaner_5.028.exe 2016-01-05 12:30 - 2016-01-05 12:31 - 02870984 _____ (ESET) C:\Users\benjay\Desktop\esetsmartinstaller_deu.exe 2016-01-04 23:46 - 2016-01-04 23:56 - 00419704 _____ C:\TDSSKiller.3.1.0.9_04.01.2016_23.46.03_log.txt 2016-01-04 15:53 - 2016-01-04 15:58 - 00212772 _____ C:\TDSSKiller.3.1.0.9_04.01.2016_15.53.45_log.txt 2016-01-04 15:52 - 2016-01-04 15:52 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\benjay\Desktop\tdsskiller.exe 2016-01-01 18:54 - 2016-01-01 18:57 - 00000000 ____D C:\Users\benjay\Desktop\handy 2016-01-01 18:53 - 2016-01-01 18:53 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf 2016-01-01 18:48 - 2016-01-01 18:48 - 00000000 ____D C:\ProgramData\Motorola 2016-01-01 18:47 - 2016-01-01 18:47 - 00000000 ____D C:\Users\benjay\AppData\Roaming\Motorola Mobility 2016-01-01 18:47 - 2016-01-01 18:47 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0 2016-01-01 18:47 - 2016-01-01 18:47 - 00000000 ____D C:\Program Files (x86)\Motorola Mobility 2016-01-01 18:44 - 2016-01-01 18:44 - 00000000 ____D C:\Users\benjay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ClockworkMod 2016-01-01 18:44 - 2016-01-01 18:44 - 00000000 ____D C:\Users\benjay\.android 2016-01-01 18:44 - 2016-01-01 18:44 - 00000000 ____D C:\Program Files (x86)\ClockworkMod 2016-01-01 18:43 - 2016-01-01 18:44 - 18114048 _____ C:\Users\benjay\Desktop\CarbonSetup.msi 2016-01-01 18:36 - 2016-01-02 12:44 - 00000000 ____D C:\Program Files (x86)\Motorola 2016-01-01 18:36 - 2016-01-01 18:47 - 00000000 ____D C:\Temp 2016-01-01 18:36 - 2016-01-01 18:36 - 00000000 ____D 
C:\Users\benjay\AppData\Roaming\Motorola 2016-01-01 18:36 - 2016-01-01 18:36 - 00000000 ____D C:\Program Files\Common Files\Motorola Shared 2015-12-31 13:23 - 2015-12-31 13:23 - 00055222 _____ C:\Users\benjay\Desktop\Avira.txt 2015-12-31 13:22 - 2015-12-31 13:22 - 00001054 _____ C:\Users\benjay\Desktop\Malware.txt 2015-12-31 13:20 - 2016-01-05 23:54 - 00055811 _____ C:\Users\benjay\Desktop\Addition.txt 2015-12-31 13:19 - 2016-01-07 10:21 - 00019780 _____ C:\Users\benjay\Desktop\FRST.txt 2015-12-31 13:19 - 2016-01-07 10:21 - 00000000 ____D C:\FRST 2015-12-31 13:19 - 2015-12-31 13:19 - 02370560 _____ (Farbar) C:\Users\benjay\Desktop\FRST64.exe 2015-12-31 13:05 - 2015-12-31 13:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2015-12-17 19:50 - 2015-12-17 19:50 - 00000000 ____D C:\Users\benjay\Desktop\freenet Mail 2015-12-14 02:57 - 2015-12-17 20:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-12-09 10:26 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-12-09 10:26 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-12-09 10:26 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-12-09 10:26 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-12-09 10:26 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-12-09 10:26 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-12-09 10:26 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-12-09 10:26 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-12-09 10:26 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-12-09 10:26 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) 
C:\Windows\system32\wups.dll 2015-12-09 10:26 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-12-09 10:26 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-12-09 10:26 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-12-09 10:26 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-12-09 10:26 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-12-09 10:26 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-12-09 10:26 - 2015-11-11 22:12 - 00387792 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-12-09 10:26 - 2015-11-11 21:52 - 00341192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-12-09 10:26 - 2015-11-11 19:53 - 01735680 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2015-12-09 10:26 - 2015-11-11 19:53 - 00525312 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll 2015-12-09 10:26 - 2015-11-11 19:39 - 01242624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll 2015-12-09 10:26 - 2015-11-11 19:39 - 00487936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll 2015-12-09 10:26 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-12-09 10:26 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-12-09 10:26 - 2015-11-11 16:44 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-12-09 10:26 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-12-09 10:26 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-12-09 10:26 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 
2015-12-09 10:26 - 2015-11-11 15:57 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-12-09 10:26 - 2015-11-10 19:55 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-12-09 10:26 - 2015-11-10 19:55 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-12-09 10:26 - 2015-11-10 19:55 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2015-12-09 10:26 - 2015-11-10 19:39 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-12-09 10:26 - 2015-11-10 19:37 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2015-12-09 10:26 - 2015-11-10 18:47 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-12-09 10:26 - 2015-11-10 01:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-12-09 10:26 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-12-09 10:26 - 2015-11-10 01:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-12-09 10:26 - 2015-11-10 01:12 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-12-09 10:26 - 2015-11-10 01:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-12-09 10:26 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-12-09 10:26 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-12-09 10:26 - 2015-11-10 01:06 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-12-09 10:26 - 2015-11-10 01:06 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-12-09 10:26 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-12-09 10:26 - 2015-11-10 01:03 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-12-09 10:26 - 2015-11-10 01:02 
- 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-12-09 10:26 - 2015-11-10 01:02 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-12-09 10:26 - 2015-11-10 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-12-09 10:26 - 2015-11-10 00:47 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-12-09 10:26 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-12-09 10:26 - 2015-11-10 00:44 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2015-12-09 10:26 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-12-09 10:26 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-12-09 10:26 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-12-09 10:26 - 2015-11-10 00:35 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-12-09 10:26 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-12-09 10:26 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-12-09 10:26 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-12-09 10:26 - 2015-11-08 23:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-12-09 10:26 - 2015-11-08 23:32 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-12-09 10:26 - 2015-11-08 23:16 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-12-09 10:26 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-12-09 10:26 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-12-09 10:26 - 2015-11-08 
23:15 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-12-09 10:26 - 2015-11-08 23:15 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-12-09 10:26 - 2015-11-08 23:14 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-12-09 10:26 - 2015-11-08 23:07 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-12-09 10:26 - 2015-11-08 23:06 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-12-09 10:26 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-12-09 10:26 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-12-09 10:26 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-12-09 10:26 - 2015-11-08 23:01 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-12-09 10:26 - 2015-11-08 23:01 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-12-09 10:26 - 2015-11-08 23:01 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-12-09 10:26 - 2015-11-08 22:52 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-12-09 10:26 - 2015-11-08 22:48 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-12-09 10:26 - 2015-11-08 22:40 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-12-09 10:26 - 2015-11-08 22:35 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-12-09 10:26 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-12-09 10:26 - 2015-11-08 22:29 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2015-12-09 10:26 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-12-09 
10:26 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-12-09 10:26 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-12-09 10:26 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-12-09 10:26 - 2015-11-08 22:14 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-12-09 10:26 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-12-09 10:26 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-12-09 10:26 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-12-09 10:26 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-12-09 10:26 - 2015-11-05 20:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\wshrm.dll 2015-12-09 10:26 - 2015-11-05 20:02 - 00014848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshrm.dll 2015-12-09 10:26 - 2015-11-05 10:53 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys 2015-12-09 10:26 - 2015-11-03 20:04 - 00802304 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2015-12-09 10:26 - 2015-11-03 19:56 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2015-12-09 10:25 - 2015-11-03 20:04 - 00241664 _____ (Microsoft Corporation) C:\Windows\system32\els.dll 2015-12-09 10:25 - 2015-11-03 19:55 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\els.dll 2015-12-08 11:35 - 2015-12-08 11:35 - 00001083 _____ C:\Users\Public\Desktop\PDF24 Creator.lnk 2015-12-08 11:35 - 2015-12-08 11:35 - 00000000 ____D C:\Users\benjay\AppData\Local\PDF24 2015-12-08 11:35 - 2015-12-08 11:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 2015-12-08 11:35 - 2015-12-08 11:35 - 00000000 ____D C:\Program Files (x86)\PDF24 
2015-12-08 11:23 - 2015-12-08 12:01 - 00000000 ____D C:\Users\benjay\Desktop\Weinheim ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-01-07 10:20 - 2014-10-09 13:13 - 00000000 ____D C:\ProgramData\Package Cache 2016-01-07 10:20 - 2012-10-28 13:23 - 00000000 ____D C:\ProgramData\Avira 2016-01-07 10:20 - 2012-10-28 13:23 - 00000000 ____D C:\Program Files (x86)\Avira 2016-01-07 10:18 - 2015-06-21 13:28 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-01-07 10:18 - 2015-01-26 22:31 - 00000000 ____D C:\ProgramData\NVIDIA 2016-01-07 10:18 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-01-06 12:06 - 2009-07-14 05:45 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2016-01-06 12:06 - 2009-07-14 05:45 - 00014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2016-01-06 12:02 - 2015-06-21 13:28 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-01-06 12:00 - 2009-07-14 06:13 - 00781790 _____ C:\Windows\system32\PerfStringBackup.INI 2016-01-06 12:00 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2016-01-06 02:49 - 2012-11-12 12:00 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-01-06 01:52 - 2011-11-03 07:17 - 00000524 _____ C:\Users\benjay\Desktop\fut.pls 2016-01-05 23:54 - 2009-07-14 04:20 - 00000000 ____D C:\Windows 2016-01-05 22:59 - 2015-03-31 17:11 - 00000000 ____D C:\Program Files (x86)\Steam 2016-01-05 12:34 - 2013-10-20 18:34 - 00000000 ____D C:\AdwCleaner 2016-01-02 18:49 - 2012-11-12 12:00 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-01-02 18:49 - 2012-06-22 06:28 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-01-02 18:49 - 2011-11-03 00:46 - 00142528 _____ (Adobe Systems Incorporated) 
C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-01-02 01:49 - 2015-11-14 12:37 - 00010156 _____ C:\Users\benjay\Desktop\Bewerbungsstand.xlsx 2016-01-01 18:47 - 2011-11-03 00:39 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-01-01 18:44 - 2011-11-03 00:20 - 00000000 ____D C:\Users\benjay 2015-12-31 13:20 - 2015-06-27 10:30 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-12-30 00:35 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2015-12-16 23:06 - 2015-06-21 13:29 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-12-11 21:25 - 2009-07-14 05:45 - 04846936 _____ C:\Windows\system32\FNTCACHE.DAT 2015-12-09 10:57 - 2011-11-11 02:20 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-12-09 10:56 - 2013-01-03 20:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-12-09 10:55 - 2013-01-03 20:46 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-12-09 10:55 - 2013-01-03 20:46 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-12-09 10:54 - 2013-07-23 02:00 - 00000000 ____D C:\Windows\system32\MRT 2015-12-09 10:51 - 2012-12-16 23:17 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-12-09 04:39 - 2011-11-03 00:42 - 00301728 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2015-12-08 12:34 - 2015-11-30 15:33 - 00000000 ____D C:\Users\benjay\Desktop\Fotos Ordnen ==================== Files in the root of some directories ======= 2013-06-12 21:51 - 2013-06-12 21:51 - 0004608 _____ () C:\Users\benjay\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-09-19 21:20 - 2015-09-19 21:20 - 0007605 _____ () C:\Users\benjay\AppData\Local\Resmon.ResmonCfg 2011-12-20 00:21 - 2011-12-20 00:22 - 0000044 ___SH () C:\ProgramData\.zreglib 2016-01-07 10:19 - 2016-01-07 10:19 - 0000000 _____ () C:\ProgramData\rebootpending.txt Some files in TEMP: ==================== 
C:\Users\benjay\AppData\Local\Temp\avgnt.exe C:\Users\benjay\AppData\Local\Temp\Quarantine.exe C:\Users\benjay\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-12-30 00:28 ==================== End of FRST.txt ============================ Additional FRST Logfile: Code:
ATTFilter scan result of Farbar Recovery Scan Tool (x64) Version:31-12-2015 Ran by benjay (2016-01-07 10:21:44) Running from C:\Users\benjay\Desktop Windows 7 Professional Service Pack 1 (X64) (2011-11-02 23:20:18) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1780921663-2346165912-1911888604-500 - Administrator - Disabled) benjay (S-1-5-21-1780921663-2346165912-1911888604-1000 - Administrator - Enabled) => C:\Users\benjay Guest (S-1-5-21-1780921663-2346165912-1911888604-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1780921663-2346165912-1911888604-1003 - Limited - Enabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A} AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated) Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.) 
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.0.6 - Adobe Systems Incorporated) Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.270 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated) Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.) Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BioShock (HKLM-x32\...\{E280923D-C5D9-4728-8C79-AC9A0DC75875}) (Version: 2.5.0000 - 2K Games) BioShock 2 (x32 Version: 1.0.0005.131 - Take-Two Interactive Software) Hidden DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.1.0236 - DT Soft Ltd) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.44 - DivX, LLC) Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.2 - Dolphin Development Team) Dropbox (HKU\S-1-5-21-1780921663-2346165912-1911888604-1000\...\Dropbox) (Version: 2.0.22 - Dropbox, Inc.) Fallout 4 (HKLM-x32\...\Steam App 377160) (Version: - Bethesda Game Studios) Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 3.7.143.923 - Foxit Software Inc.) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.1.5.425 - Foxit Software Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) 
Hidden Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version: - Arobas Music) Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.50.1172 - Intel Corporation) Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.650 - Oracle) Live Update 5 (HKLM-x32\...\{36F6E986-D2D1-403C-8BD3-D95EF7BC705D}}_is1) (Version: 5.0.109 - MSI) Logitech Webcam Software Driver Package (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.) Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Media Player Classic - Home Cinema v1.5.2.3456 x64 (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.5.2.3456 - MPC-HC Team) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Report Viewer Redistributable 2005 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2005) (Version: - Microsoft Corporation) 
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) MotoHelper MergeModules (x32 Version: 1.2.0 - Motorola) Hidden Mozilla 
Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.0 - Mozilla) Mozilla Thunderbird 38.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.5.0 (x86 de)) (Version: 38.5.0 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation) NVIDIA 3D Vision Driver 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.88 - NVIDIA Corporation) NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation) NVIDIA Graphics Driver 347.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.88 - NVIDIA Corporation) NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation) NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation) Oblivion - Knights of the Nine (HKLM-x32\...\{14C87AA7-08E6-419F-A165-998EBE5023D7}) (Version: 1.00.0000 - Bethesda Softworks) Oblivion - Mehrunes Razor (HKLM-x32\...\{EF295F5C-7B57-47AA-8889-6B3E8E214E89}) (Version: 1.00.0000 - Bethesda Softworks) Oblivion - Vile Lair (HKLM-x32\...\{520F4B09-3A51-47A2-82B0-9FF1DC2D20FA}) (Version: 1.00.0000 - Bethesda Softworks) Oblivion - Wizard's Tower (HKLM-x32\...\{2F2E3D62-8B8C-448F-8900-451325E50948}) (Version: 1.00.0000 - Bethesda Softworks) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) PDF24 Creator 7.4.1 
(HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.37.1229.2010 - Realtek) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden ScummVM 1.7.0 (HKLM-x32\...\ScummVM_is1) (Version: - The ScummVM Team) SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamSpeak 3 Client (HKU\S-1-5-21-1780921663-2346165912-1911888604-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TL-WN822N/TL-WN821N Driver (HKLM-x32\...\{62FE0726-9652-4CD2-9F09-C769D8699C21}) (Version: 1.0.0 - TP-LINK) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) UNi Xonar Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version: - ) Unity Web Player (HKU\S-1-5-21-1780921663-2346165912-1911888604-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.62 - Nullsoft, Inc) Windows Live ID Sign-in Assistant 
(HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1780921663-2346165912-1911888604-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\benjay\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1780921663-2346165912-1911888604-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1780921663-2346165912-1911888604-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1780921663-2346165912-1911888604-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1780921663-2346165912-1911888604-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\benjay\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll (Dropbox, Inc.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
Task: {12A21D38-E243-472B-AAAA-3D54F9FBBDB2} - System32\Tasks\{4DC7E083-C052-4F68-BE68-C0013673421C} => K:\INSTALL.EXE Task: {12CF6B43-1715-4AD4-8844-D99D053BDA4D} - System32\Tasks\AdobeAAMUpdater-1.0-benjay-PC-benjay => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15] (Adobe Systems Incorporated) Task: {2061113B-6101-49F1-ABE2-1CEA0E410B3E} - System32\Tasks\{BC482785-3E2F-40AC-AE4F-E1E7E50637BE} => J:\install.exe Task: {2A569622-B446-4CD3-BA2D-62278738BB0B} - System32\Tasks\{5A684C7D-9519-4705-9E1B-FB11053117DA} => C:\Program Files (x86)\Atari\Desperados 2\Desperados2.exe Task: {352485ED-ED40-4E44-AAF0-DBE87CE6C833} - System32\Tasks\{FFA36975-C895-4B07-A20F-D60C14C1A3BE} => K:\INSTALL.EXE Task: {39BA6308-1331-4544-8C6B-A8544F2BA9CE} - System32\Tasks\{23BC10D8-8D1F-424E-97BC-F07142F25C5D} => J:\install.exe Task: {3AEDCEF3-24CF-466C-B436-163BB6C95447} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-21] (Google Inc.) Task: {3B7DEA0C-ABF1-4508-A9BF-0023A8E8D300} - System32\Tasks\{AA4FE6BD-B397-4668-93EB-D03E71BEFBE7} => J:\install.exe Task: {4080960D-B993-4F5F-807C-3EEDB0105985} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-02] (Adobe Systems Incorporated) Task: {5A40E926-9E86-4B89-9CFD-B12311724371} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {62AD0709-1C33-4F4C-AB53-0E6938FC4BF9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-06-21] (Google Inc.) 
Task: {AD9FA85A-80BE-446A-9F5B-9B0CD2319E91} - System32\Tasks\{A8C03F36-13A2-4E4D-A512-9049A27573F6} => K:\INSTALL.EXE Task: {BA7B668C-54F5-4D08-ADC1-828418329C1B} - System32\Tasks\{E99F55D7-FAE6-4D3D-A89C-0303810AEFB9} => K:\INSTALL.EXE Task: {C434A2B8-A478-4876-9FCA-A7E2894D5CD2} - System32\Tasks\{FDCAB79B-0C3E-4704-A7A1-B6993F219C05} => J:\install.exe Task: {CC562DC9-AE0C-4B9F-8B34-7756FC87EF84} - System32\Tasks\{1590464B-1892-4A4D-9F97-B5EF5826FE1A} => pcalua.exe -a K:\German\setup.exe -d K:\German Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => start sppsvc Task: {DDBAD45E-4BAB-43D8-80E5-F41B86E6AD12} - System32\Tasks\{4105F22C-5814-41DE-9DA1-A44D7F7FAE34} => K:\INSTALL.EXE Task: {FD6CCED3-2124-480C-B09F-78613D428D81} - System32\Tasks\{3A9ED561-51AE-4442-85B8-84CD49F4E3C0} => J:\install.exe (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) 
==================== Loaded Modules (Whitelisted) ============== 2015-01-26 22:30 - 2015-03-13 17:16 - 00118472 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-06-08 22:29 - 2008-07-11 14:04 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe 2015-06-08 22:29 - 2008-07-11 14:03 - 00282112 ____N () C:\Windows\system\HsMgr64.exe 2015-12-16 23:05 - 2015-12-11 13:34 - 01971528 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll 2015-12-16 23:05 - 2015-12-11 13:34 - 00093512 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll 2015-05-27 23:26 - 2015-05-23 02:48 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-06-08 22:29 - 2012-06-06 08:56 - 00143360 ____N () C:\Program Files\UNi Xonar Audio\Customapp\VmixP8.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:8CE646EE ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2013-10-20 17:45 - 00000027 ___RA C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) 
HKU\S-1-5-21-1780921663-2346165912-1911888604-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\benjay\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^Users^benjay^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma.lnk => C:\Windows\pss\Adobe Gamma.lnk.Startup MSCONFIG\startupfolder: C:^Users^benjay^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW MSCONFIG\startupreg: EvolveClient => "C:\Program Files\Echobit\Evolve\EvolveClient.exe" -autorun MSCONFIG\startupreg: Live Update 5 => C:\Program Files (x86)\MSI\Live Update 5\BootStartLiveupdate.exe /reminder MSCONFIG\startupreg: PDFPrint => "C:\Program Files (x86)\PDF24\pdf24.exe" MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [TCP Query User{0F6DFCC7-4D47-4924-B569-5C5755C48973}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [UDP Query User{C295E058-2FA5-4B68-B678-B16B8BB29D1F}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [TCP Query User{1A5CD637-824E-4DAA-8FF9-FFC9AD8826BA}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe FirewallRules: [UDP Query User{809A0247-19A7-4B5A-BE62-900769916E8D}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe FirewallRules: [{39F87BDE-E5BB-47EA-A5C3-2CB3E387721F}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{BB5F0DD7-35EF-441F-982C-56FD6A010B83}] => (Allow) C:\Users\benjay\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{1238E446-DAD4-45FF-A2E0-9D676E7788CE}] => (Allow) C:\Users\benjay\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{1FBE5297-64A6-4534-AA37-EB5B0C54038C}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe FirewallRules: [UDP Query User{9B9C20B5-40F5-4A1C-997B-2035E72156A5}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe FirewallRules: [{01A0A08D-C688-406A-A0C3-59D069B7172F}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{D0B543E3-5689-4079-B35C-05DB03942B43}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe FirewallRules: [{6C182283-B207-4B36-A722-58F64512C243}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.515\Agent.exe 
FirewallRules: [{3B9D77E6-DC50-4777-8829-3B978F3AABAA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.515\Agent.exe FirewallRules: [{C0608C4A-07E6-4384-9553-78C9A244D0A6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.649\Agent.exe FirewallRules: [{8456CCC6-30AF-4E97-88EA-7D8E57F0C563}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.649\Agent.exe FirewallRules: [{66B8F3C1-E30B-4B64-9AB9-EDB29BFF6078}] => (Allow) C:\Program Files (x86)\Diablo III Beta\Diablo III.exe FirewallRules: [{E9DF8FEF-C65E-42AA-BE51-39786C617FB6}] => (Allow) C:\Program Files (x86)\Diablo III Beta\Diablo III.exe FirewallRules: [TCP Query User{6AF58584-35A9-4C58-B40A-DABC2154EEF6}C:\programdata\battle.net\agent\agent.749\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.749\agent.exe FirewallRules: [UDP Query User{CD55E8A7-8561-4AB2-A3BA-7FFFDC2854C6}C:\programdata\battle.net\agent\agent.749\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.749\agent.exe FirewallRules: [TCP Query User{E71EDC47-AE54-47AA-8311-204B3F25EF4E}C:\programdata\battle.net\agent\agent.954\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.954\agent.exe FirewallRules: [UDP Query User{F9996362-C16A-4FD9-A405-BCF88D3BF7CD}C:\programdata\battle.net\agent\agent.954\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.954\agent.exe FirewallRules: [TCP Query User{80B1205D-75D4-4EBF-B7E2-59707ACB7B0F}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe FirewallRules: [UDP Query User{AFE46DA5-5B41-4CB8-9A47-9AAE330D54E7}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe FirewallRules: [TCP Query User{D0FC0044-A78A-4293-8AB4-EA58B6EB8F94}C:\programdata\battle.net\agent\agent.976\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.976\agent.exe FirewallRules: [UDP Query User{5ACE821D-1517-4FFF-92D8-AF1377A98D81}C:\programdata\battle.net\agent\agent.976\agent.exe] => 
(Allow) C:\programdata\battle.net\agent\agent.976\agent.exe FirewallRules: [TCP Query User{90E609CA-1A7D-4AF3-92DD-C89A8E464238}C:\programdata\battle.net\agent\agent.998\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.998\agent.exe FirewallRules: [UDP Query User{95AFA473-F5E1-4FE7-8CC4-265843ADBDB5}C:\programdata\battle.net\agent\agent.998\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.998\agent.exe FirewallRules: [TCP Query User{83766DDC-ACAD-429D-B16C-315454178B3A}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.1040\agent.exe FirewallRules: [UDP Query User{EF9D19CD-EABF-4582-9426-5C45B8434839}C:\programdata\battle.net\agent\agent.1040\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.1040\agent.exe FirewallRules: [{3BEC5EC9-9E50-40EC-940C-342EC5A29B4B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1199\Agent.exe FirewallRules: [{FB57C8AE-661F-46B0-B20C-5850B5A1A027}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1199\Agent.exe FirewallRules: [{9B135F9A-03BB-44C3-A51B-53530255836E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1225\Agent.exe FirewallRules: [{4036EAF4-0CB2-49E3-9ACE-1460C956D632}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1225\Agent.exe FirewallRules: [{F1A66AE7-9472-41FF-A70A-DCB8333463BE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe FirewallRules: [{35C95002-4008-4D01-A4B4-662A70DB443C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1267\Agent.exe FirewallRules: [{5C65D816-2D0B-4BDD-BAD3-EDA0A5A6E325}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe FirewallRules: [{A07F7F2F-7189-4680-9E3C-B6F8A8610233}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1363\Agent.exe FirewallRules: [{9FAF5BF7-6579-46CC-AD87-7A2AB1EA98C3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe FirewallRules: [{DC49891D-A36F-4179-A1EF-A18444CE7FDF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe 
FirewallRules: [TCP Query User{D1C8E81E-DC8A-4B5C-84F3-5FC7019D889A}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe] => (Allow) C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe FirewallRules: [UDP Query User{6067107C-A2FE-4D23-9B6E-89D19884809F}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe] => (Allow) C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe FirewallRules: [{0B9B4838-1C2E-4E12-B2FC-6AD1A2761A98}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe FirewallRules: [{9448DCCF-D1A1-434C-95D2-D1C4A7DA101F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe FirewallRules: [TCP Query User{A61D4624-AA40-4850-B410-6726ED199DFB}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe FirewallRules: [UDP Query User{28FBB594-EF61-4A1E-A8A7-39BEB7AE8528}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe FirewallRules: [TCP Query User{8E277956-A6AC-4602-96FE-6E59A1BF8F6A}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe] => (Block) C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe FirewallRules: [UDP Query User{657707A6-368C-4A83-A8F7-31009B949C6C}C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe] => (Block) C:\program files (x86)\2k games\gearbox software\borderlands\binaries\borderlands.exe FirewallRules: [TCP Query User{301A99A4-2A0C-42C4-B85C-929FA3DC578A}C:\program files (x86)\sid meier's civilization v\civilizationv_dx11.exe] => (Allow) C:\program files (x86)\sid meier's civilization v\civilizationv_dx11.exe FirewallRules: [UDP Query User{21E65557-DFDD-4924-85E2-392A8D5AF82C}C:\program files (x86)\sid meier's civilization v\civilizationv_dx11.exe] => (Allow) C:\program files 
(x86)\sid meier's civilization v\civilizationv_dx11.exe FirewallRules: [TCP Query User{59727D75-5F3B-4B99-8AB6-EFB80CE6E454}C:\program files (x86)\sid meier's civilization v\civilizationv_dx11.exe] => (Allow) C:\program files (x86)\sid meier's civilization v\civilizationv_dx11.exe FirewallRules: [UDP Query User{B7AA76D9-3D59-4799-A7E2-354D4375DB70}C:\program files (x86)\sid meier's civilization v\civilizationv_dx11.exe] => (Allow) C:\program files (x86)\sid meier's civilization v\civilizationv_dx11.exe FirewallRules: [{C6BAC3BA-0D22-4049-A7FE-BB103C34A86E}] => (Allow) C:\Program Files\Echobit\Evolve\EvoSvc.exe FirewallRules: [{85D1E51E-B08E-4069-AF44-3FCE52AD05CC}] => (Allow) C:\Program Files\Echobit\Evolve\EvolveClient.exe FirewallRules: [TCP Query User{E9EA77EC-002A-4C4E-8E58-249E9A51DC1D}C:\program files (x86)\sid meier's civilization v\civilizationv.exe] => (Allow) C:\program files (x86)\sid meier's civilization v\civilizationv.exe FirewallRules: [UDP Query User{3584F9BD-8B3F-4146-8DF2-2D2D42189E64}C:\program files (x86)\sid meier's civilization v\civilizationv.exe] => (Allow) C:\program files (x86)\sid meier's civilization v\civilizationv.exe FirewallRules: [{0FE34B5D-2679-4043-9C2E-351E36961F0B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe FirewallRules: [{4D832D93-9917-4763-834D-916AD6E8A2CC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1637\Agent.exe FirewallRules: [{16F224C7-0D96-4C95-AE8F-3851E1D403A1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe FirewallRules: [{87D35EAE-E971-4486-A17F-621552028416}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe FirewallRules: [{1360E61F-2488-4D29-8AB8-E2D746ADCF02}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe FirewallRules: [{17A605CE-48BE-42D0-9DFA-78A8C86E90C9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1737\Agent.exe FirewallRules: [TCP Query User{A5993935-A1A8-4C9A-B58D-F62858C74B7D}C:\program files (x86)\ea sports\fifa 
11\game\fifa.exe] => (Block) C:\program files (x86)\ea sports\fifa 11\game\fifa.exe FirewallRules: [UDP Query User{B1280C40-46B6-43E0-9207-1D7B761D4681}C:\program files (x86)\ea sports\fifa 11\game\fifa.exe] => (Block) C:\program files (x86)\ea sports\fifa 11\game\fifa.exe FirewallRules: [{8FA81560-293C-4A58-9B62-D196921D8673}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe FirewallRules: [{E767DB21-500B-4EF0-8E09-C8BD8D1FD97A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2045\Agent.exe FirewallRules: [TCP Query User{B5215464-8812-4390-9713-B0095039EC2E}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe FirewallRules: [UDP Query User{B9E11CB2-7A3D-480A-A687-A8CC622B7544}C:\program files (x86)\winamp\winamp.exe] => (Block) C:\program files (x86)\winamp\winamp.exe FirewallRules: [TCP Query User{055BA207-12A0-485B-8716-DE81F204FFE1}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe FirewallRules: [UDP Query User{2E7329A4-9B19-4505-BD94-FC97BB794378}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe FirewallRules: [TCP Query User{709E6C82-5293-46EB-A680-79439667ECD3}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [UDP Query User{7FC58348-EA2D-4B93-97F5-1FCC28A13098}C:\program files (x86)\internet explorer\iexplore.exe] => (Block) C:\program files (x86)\internet explorer\iexplore.exe FirewallRules: [TCP Query User{3EA5B687-CB70-4B38-8EDB-DA92D5DEA03E}H:\images\warcraft iii\war3.exe] => (Block) H:\images\warcraft iii\war3.exe FirewallRules: [UDP Query User{E4CE38B1-67C6-48BE-AEB0-43741A5DB61A}H:\images\warcraft iii\war3.exe] => (Block) H:\images\warcraft iii\war3.exe FirewallRules: [{3CEA719B-59CA-47A3-A128-EA38F6203767}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe 
FirewallRules: [{ED046DE6-8593-4ACB-88AB-12FE9DADCE5E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe FirewallRules: [{50F22C28-A275-49F5-8FFB-4FC705790566}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{1CF30EEA-5266-4843-842E-A5848F3B3A8C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [TCP Query User{2071ED9D-CDA3-4AE0-AB99-589D0063C1A3}H:\images\warcraft iii\war3.exe] => (Block) H:\images\warcraft iii\war3.exe FirewallRules: [UDP Query User{4AD09943-4E0B-4B4C-BE6F-8BEC47558360}H:\images\warcraft iii\war3.exe] => (Block) H:\images\warcraft iii\war3.exe FirewallRules: [{E0C67E8B-538C-4C58-9B8D-E9A136C6561A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe FirewallRules: [{089ABDF0-6301-454A-9E00-D13741DD5F78}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2689\Agent.exe FirewallRules: [{A62C35D7-1438-4E07-A376-9045403121FB}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{CF93EF37-7C0C-4FBE-9E76-1DB4ECD36BE4}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{258D4E68-9F48-4A3D-99FF-4B8A893327FC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe FirewallRules: [{3CA64B4F-3945-45D9-B296-59A57D7668DE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe FirewallRules: [{CA7BFC79-27B7-4FD4-8D55-A3D36F815288}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe FirewallRules: [{2E631837-A925-4599-898C-62EDE02384B7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe FirewallRules: [TCP Query User{3D05B55B-499A-43EA-AC1B-DC84C070E646}C:\programdata\battle.net\agent\agent.beta.2753\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.beta.2753\agent.exe FirewallRules: [UDP Query User{BEBCDCC8-3A54-4488-888A-CC1124C73A24}C:\programdata\battle.net\agent\agent.beta.2753\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.beta.2753\agent.exe FirewallRules: 
[{2525FEB5-4C76-4820-9E01-EEEE099226AF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe FirewallRules: [{738646F5-B9CD-48CC-8481-E5F32FE03D8F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2787\Agent.exe FirewallRules: [{6BF1BE8E-9965-4F07-8A7F-098D1FA07692}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe FirewallRules: [{C000DB22-758D-4972-8ACE-D6846D0EBEBC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe FirewallRules: [{E08FA131-8EE3-4BC3-B230-A993E75926BB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe FirewallRules: [{7F43164F-A3E3-4828-A84D-3860D76E119D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe FirewallRules: [{E80D329B-C554-44EC-9AF2-6642CCEFFFF3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe FirewallRules: [{DC37F596-A736-4BC2-9EDD-7A571139BEB2}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe FirewallRules: [{6315E9FB-005B-451B-9465-45F90B02F124}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{CE581422-A7C9-4DD0-AEC7-A132E5ACA086}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{839CDCCA-5215-4C87-8F03-77F1DB5FC8CE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe FirewallRules: [{BF82BF46-B9F3-4496-AF19-515B13C00AF3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe FirewallRules: [{CE821BED-65FA-40E8-8B5C-9F0090F25DC4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe FirewallRules: [{0BA6424E-E16B-4462-BBC8-ABDDEF8AC93A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe FirewallRules: [{3855BB20-4D88-4158-9639-EEF44C206138}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{D9063798-C745-454E-8603-0A6D57671F75}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{88712BB0-D5F5-4DE7-AE51-04E1A168B205}] => (Allow) 
C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe FirewallRules: [{1ED02756-ED68-4E0C-A669-008DD26E65D1}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3668\Agent.exe FirewallRules: [{281651BA-1176-4C05-A603-035167472F7F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe FirewallRules: [{42FF3278-2FD6-44B7-B0BD-B92F2B56992C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe FirewallRules: [{53F137EF-F8F1-45EA-AA2B-4E646B5E6691}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe FirewallRules: [{D0FEAEA8-BF35-409E-838E-13FF2748490C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe FirewallRules: [{D58C92BB-93AB-4929-9097-D46A5915577E}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe FirewallRules: [{33CA1E79-5DDC-4344-BE83-402446E0E1A5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe FirewallRules: [{55230E58-E582-4278-B295-9881D7A259EC}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{AD73000A-66E6-476A-B801-93276BB049C2}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{ED4B1177-E3C3-46F4-8D53-D0E5280FAE47}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{8C48C058-1ED7-491B-B109-1A2763612EF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{34C1140C-BC6D-4169-A56A-197A4E6DF4B3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{7C41BEBA-7DCE-4F11-AAFB-191E2BD9696A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{4F2971CB-2AF3-4BA1-BF92-397547B2BC36}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{DB683BEC-4583-40F1-ADB1-1639A8E4C0F8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [TCP Query 
User{50A20A17-A0F4-4551-9288-7C0FC6774E58}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{77ACD185-CEBC-4E21-B547-B9D1952775A6}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{2A7955DA-B167-4725-914E-871EE27C98FB}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{7CEEB1ED-31CC-47CC-A481-7F3A0B46A7DE}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{9D2A75DE-90DE-4B23-A49F-A024821864BE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{F44820B3-9FB0-466D-8D5D-C6C1AD7EEEBB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [TCP Query User{31F0C286-4B92-4A29-AC2A-1F34C2F53DE8}H:\unrealtournament\system\unrealtournament.exe] => (Block) H:\unrealtournament\system\unrealtournament.exe FirewallRules: [UDP Query User{9E8CF545-129E-471D-B4B4-1E2F56C06C1D}H:\unrealtournament\system\unrealtournament.exe] => (Block) H:\unrealtournament\system\unrealtournament.exe FirewallRules: [{4A64229C-E342-4F29-A41D-563CEBC24A7D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: [{DC1AF2C8-DEC4-4329-AAC2-02E64FEFF89C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Fallout 4\Fallout4Launcher.exe FirewallRules: [TCP Query User{EC78C749-D555-4833-9C3F-FE2B3BC1039B}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe FirewallRules: [UDP Query User{3C686866-55BA-45BD-A161-9E4934ECCAFE}C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\fallout 4\fallout4.exe 
FirewallRules: [{767C01C4-A9A7-43A4-8B4F-4819E2F57C62}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Restore Points ========================= 02-01-2016 21:01:23 Windows Update 04-01-2016 16:02:06 Windows Backup 06-01-2016 12:07:18 Windows Update ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (01/05/2016 10:52:46 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. 
Error: (01/05/2016 07:39:22 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (01/05/2016 12:37:32 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. 
Error: (01/05/2016 12:37:17 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (01/05/2016 12:37:15 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. 
Error: (01/05/2016 12:36:08 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (01/05/2016 12:31:00 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. A component version required by the application conflicts with another component version already active. Conflicting components are:. Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. 
Error: (01/01/2016 06:56:44 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program explorer.exe version 6.1.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 1824 Start Time: 01d144bd9358e5e9 Termination Time: 10 Application Path: C:\Windows\explorer.exe Report Id: 03ac3f30-b0b1-11e5-be53-6c626d3f3cac Error: (01/01/2016 06:55:18 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Explorer.EXE version 6.1.7601.17514 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: 89c Start Time: 01d144b238c1fb6e Termination Time: 12 Application Path: C:\Windows\Explorer.EXE Report Id: cfccd4cf-b0b0-11e5-be53-6c626d3f3cac Error: (01/01/2016 05:33:01 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program Fallout4.exe version 1.2.37.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: d2c Start Time: 01d144b2050d36a7 Termination Time: 186 Application Path: C:\Program Files (x86)\Steam\steamapps\common\Fallout 4\Fallout4.exe Report Id: System errors: ============= Error: (01/07/2016 10:18:06 AM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: The Avira Email-Schutz service terminated with service-specific error %%1. Error: (01/06/2016 11:57:45 AM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: The Avira Email-Schutz service terminated with service-specific error %%1. Error: (01/06/2016 11:57:45 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: The Avira Email-Schutz service hung on starting. 
Error: (01/06/2016 11:57:45 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: ) Description: Service 'WMPNetworkSvc' did not start correctly because CoCreateInstance(CLSID_UPnPDeviceFinder) encountered error '0x80004005'. Verify that the UPnPHost service is running and that the UPnPHost component of Windows is installed properly. Error: (01/05/2016 12:40:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The eapihdrv service failed to start due to the following error: %%1275 Error: (01/05/2016 12:40:49 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\benjay\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error: (01/05/2016 12:40:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The eapihdrv service failed to start due to the following error: %%1275 Error: (01/05/2016 12:40:49 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\benjay\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. Error: (01/05/2016 12:40:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: The eapihdrv service failed to start due to the following error: %%1275 Error: (01/05/2016 12:40:49 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: \??\C:\Users\benjay\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. CodeIntegrity: =================================== Date: 2013-10-20 18:45:44.901 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. 
A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2013-10-20 18:45:44.848 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== Processor: Intel(R) Core(TM) i5-2500K CPU @ 3.30GHz Percentage of memory in use: 49% Total physical RAM: 8173.57 MB Available physical RAM: 4143.89 MB Total Virtual: 16345.36 MB Available Virtual: 12274.07 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:119.14 GB) (Free:5.33 GB) NTFS Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)] Drive f: (Elements) (Fixed) (Total:465.75 GB) (Free:48.33 GB) NTFS Drive g: () (Fixed) (Total:99.51 GB) (Free:71.44 GB) NTFS Drive h: (Games) (Fixed) (Total:244.14 GB) (Free:92.53 GB) NTFS Drive i: (Musik und Filme) (Fixed) (Total:587.76 GB) (Free:101.71 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 786EE9E8) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 61BCEE7D) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=99.5 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=244.1 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=587.8 GB) - (Type=07 NTFS) 
======================================================== Disk: 2 (Size: 465.8 GB) (Disk ID: 946FF2BA) Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================ --- --- --- --- --- --- --- --- ---
I have one more follow-up question: you suspect spoofing or an online hack, but spoofing would not explain how addresses that can be found somewhere in my account are being spammed, would it? Also, the freenet account was affected first and, after I deactivated it, the Gmail account. Apparently by the same attacker (because of the identical message). That also makes an online hack somewhat less likely, doesn't it? Edited by benjay (07.01.2016 at 11:24) |
11.01.2016, 12:59 | #15 |
/// TB Trainer /// Guide Guru | I am sending spam
If someone logs in to Gmail from another device or from another location, you get a notification. You can also view the logins in the account. I don't see any malware on the PC. Please uninstall the installed Java.
We've done it! The logs look clean to me at the moment. If you like, you can say here whether you were satisfied with me and my help... and/or support the forum with a small donation. All that remains is for me to wish you carefree and safe surfing, and that we don't see each other here again any time soon.
Cleanup: (The order matters here)
If Defogger was used: start it again and click Re-enable.
If Combofix was used: uninstall Combofix.
Posted all logs? Then please download DelFix.
Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself. Then restart your computer. If any programs from our cleanup are still left now, you can safely delete them.
Securing your system:
Enable automatic updates in the Windows operating system. Security-relevant software should also always be kept at the latest version: browser, Java, Flash Player, PDF reader. Security vulnerabilities (e.g. here) in their old versions are exploited to install malware via "drive-by" on a simple visit to a manipulated website. I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents.
Enable a firewall. The one built into Windows is normally entirely sufficient.
Use an antivirus program with a real-time scanner and an always up-to-date signature database. My purchase recommendation:
In addition, you can scan your PC regularly with Malwarebytes Anti-Malware.
Optional: NoScript prevents the execution of active content (Java, JavaScript, Flash, ...) for all websites. However, you can specify, on the whitelist principle, on which sites scripts should be allowed. Malwarebytes Anti Exploit: protects the computer's applications against exploitation of known vulnerabilities.
Download software from a clean portal such as . When installing software, always choose the custom option and untick all optionally offered toolbars or other add-ons that are irrelevant to the program. To get rid of adware again, uninstalling it first and then removing the leftovers with Adwcleaner is recommended.
Finally, a few general remarks: Change your important online passwords regularly, and regularly create backups of your important files or of the system.
The benefit of registry cleaners, optimizers and the like for improving performance is disputed. I therefore recommend keeping your hands off the registry and using Windows' own Disk Cleanup instead.
__________________ Regards, deeprybka Praise, criticism, requests? Donate to trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |