Pests of all kinds and how to combat them: Virus, trojan, I've certainly got something

09.06.2014, 20:37   #1
Azzuros
 
Virus, trojan, I've certainly got something

Greetings!

I sometimes watch movies on certain sites, and for some time now I have noticed the following:

1. My hotmail.com account told me that someone had tried to log in from somewhere.

2. Changed the password.

3. A few days later I was AFK for a while, and then I noticed that my PC was suddenly controlling itself. Very slowly, but it did it. As far as I could see, it created some files on the desktop, opened them and wrote something into them. It was some kind of tool. I deleted this "tool" immediately.

4. A week later someone writes to me that I had tried, by remote control on his PC, to log in to my email account???

What is this stuff and how do I get rid of it?

Patrick

Here is the HijackThis log as well:

Code:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:30:00, on 09.06.2014
Platform: Windows 7  (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\Thunder Master\THPanel.exe
C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.exe
C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\ProgramData\dlprotect.exe
C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Users\Shorty\AppData\Local\Temp\SVCHOST.EXE
C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
E:\Games\Battle.net\Battle.net.4656\Battle.net.exe
C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Shorty\Downloads\HiJackThis204 (1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MCF6E9A04-AC1C-4F51-A6A1-2B197E1108C1&SearchSource=55&CUI=&UM=5&UP=SPBEE8CC4D-566F-4F5C-A2A6-88EA63B2C172&SSPV=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: SearchMe Toolbar - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files (x86)\SearchMe Toolbar\IE\9.3\searchmeToolbarIE.dll
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: CrossriderApp0052916 - {11111111-1111-1111-1111-110511291116} - C:\Program Files (x86)\PlusSHD-9.9\PlusSHD-9.9-bho.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: SearchMe Toolbar - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files (x86)\SearchMe Toolbar\IE\9.3\searchmeToolbarIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: SearchMe Toolbar - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files (x86)\SearchMe Toolbar\IE\9.3\searchmeToolbarIE.dll
O4 - HKLM\..\Run: [RoccatKonePure] "C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.EXE"
O4 - HKLM\..\Run: [RoccatIsku] "C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
O4 - HKLM\..\Run: [Download Protect] C:\ProgramData\dlprotect.exe
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKCU\..\Run: [THPanel] "C:\Program Files (x86)\Thunder Master\THPanel.exe" /A
O4 - HKCU\..\Run: [BitTorrent] "C:\Users\Shorty\AppData\Roaming\BitTorrent\BitTorrent.exe"  /MINIMIZED
O4 - HKCU\..\Run: [MyComGames] "C:\Users\Shorty\AppData\Local\MyComGames\MyComGames.exe" -autostart
O4 - HKCU\..\Run: [Java] C:\Users\Shorty\AppData\Roaming\Launcherr.exe
O4 - Global Startup: CodecPackUpdateChecker.lnk = C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java-Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: c:\windows\syswow64\nvinit.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Download Protect Service (DlProtectSvc) - Unknown owner - C:\Windows\System32\DlProtectSvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: globalUpdate Update Service (globalUpdate) (globalUpdate) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: globalUpdate Update Service (globalUpdatem) (globalUpdatem) - globalUpdate - C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe
O23 - Service: LogMeIn Hamachi Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Modules Remotezugriff-IPv6-ARP-Treiber (Netplwi{) - Unknown owner - C:\Windows\system32\wkscli64.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Intel(R) Extreme Tuning Utility Service (XTU3SERVICE) - Intel Corporation - C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe

--
End of file - 10923 bytes
         
Farbar tool:

addition:

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-06-2014 03
Ran by Shorty at 2014-06-09 21:51:46
Running from C:\Users\Shorty\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

.NET Reflector Desktop (HKLM-x32\...\{60EDFDF5-224E-4CB3-8BE8-55A6D852C0A8}) (Version: 8.3.3.115 - Red Gate Software Ltd)
Ace of Spades (HKLM-x32\...\Steam App 224540) (Version:  - Jagex Limited)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Allods Online DE (HKCU\...\Allods Online DE) (Version: 1.15 - My.com B.V.)
Among the sleep (HKLM-x32\...\Among the sleep_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Anna - Extended Edition (HKLM-x32\...\Steam App 217690) (Version:  - Dreampainters)
ASRock eXtreme Tuner v0.1.248 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version:  - )
ASRock XFast RAM v2.0.9 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
Badoo Desktop (HKLM-x32\...\{D0AF8BD9-79A6-45D6-8B71-25281B1300A7}) (Version: 1.6.58.1220 - Badoo)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
Beat Hazard 1.3s (HKLM-x32\...\{6B76A0FE-4D7F-4BCE-8BD1-D61CAB936D40}_is1) (Version:  - Cold Beam Games)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.1.30889 - BitTorrent Inc.)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{FE5ABB0E-EDEA-4023-B0FB-9DEA39A98D76}) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Charles 3.8.3 (HKLM\...\{5CE7E4F6-039B-4A30-9F0E-A0FF90F1A018}) (Version: 3.8.3.3 - XK72 Ltd)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
CPUID CPU-Z 1.67.1 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Creation Kit (HKLM-x32\...\Steam App 202480) (Version:  - bgs.bethsoft.com)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Dead Space (HKLM-x32\...\{025A585C-0C66-413D-80D2-4C05CB699771}) (Version: 1.0.0.222 - Electronic Arts)
Diablo II (HKLM-x32\...\Diablo II) (Version:  - Blizzard Entertainment)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Diablo III Beta (HKLM-x32\...\Diablo III Beta) (Version:  - Blizzard Entertainment)
Download Protect (HKCU\...\{132401a7-2006-4342-b43c-ccf5f02c2b01}) (Version:  - Download Protect)
Dragon's Prophet (HKLM-x32\...\{C31556D7-F2B9-4787-B223-F7A035067E89}_is1) (Version: 2.0.1315.20 - Infernum Productions AG)
Dwarfs F2P (HKLM-x32\...\Steam App 213650) (Version:  - Power of 2)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FEAR (HKLM-x32\...\{2B653229-9854-4989-B780-D978F5F13EAB}) (Version: 1.00.0000 - Vivendi Universal Games, Inc.)
Forge Quest 1.0 (HKLM-x32\...\Forge Quest 1.0) (Version: 1.0 - Cat-A-Cat)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Freemake Video Converter Version 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation)
GameRanger (HKCU\...\GameRanger) (Version:  - GameRanger Technologies)
GIGABYTE OC_GURU II (HKLM-x32\...\InstallShield_{5588D686-D23B-4C9D-BDFA-2A7875CD3722}) (Version: 1.61.0000 - GIGABYTE Technology Co.,Ltd.)
GIGABYTE OC_GURU II (x32 Version: 1.61.0000 - GIGABYTE Technology Co.,Ltd.) Hidden
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.0 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hero Editor V0.96 (HKLM-x32\...\ST6UNST #1) (Version:  - )
Intel Extreme Tuning Utility (HKLM-x32\...\{162FB65C-7E55-4962-84A9-5E69C4D85C73}) (Version: 3.0.38.5 - Intel Corporation)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2761 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.2.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Kingdom Rush (HKLM-x32\...\S2luZ2RvbVJ1c2g=_is1) (Version: 1 - )
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.193 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.193 - LogMeIn, Inc.) Hidden
ManyCam 4.0.78 (HKLM-x32\...\ManyCam) (Version: 4.0.78 - Visicom Media Inc.)
Media Player Codec Pack 4.3.1 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.3.1 - Media Player Codec Pack) <==== ATTENTION
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Extended DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 RC (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50861 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 RC (Version: 4.5.50861 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual Studio 6.0 Enterprise Edition (HKLM-x32\...\Visual Studio 6.0 Enterprise Edition) (Version:  - )
Microsoft VM for Java (HKLM-x32\...\MsJavaVM) (Version:  - )
Microsoft Web Publishing Wizard 1.53 (HKLM-x32\...\WebPost) (Version:  - )
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
MorphVOX Junior (HKLM-x32\...\{E6C7380F-15DD-445E-BA02-B7A180BA0A5A}) (Version: 2.8.1 - Screaming Bee)
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
My.Com GAMES (HKCU\...\MyComGames) (Version: 2.17 - BENSTAR LIMITED)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.49.6 - Black Tree Gaming)
NVIDIA 3D Vision Controller-Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA APEX(1.2.3) PhysX(3.2) Lab(64bit) (HKLM-x32\...\NVIDIA APEX(1.2.3) PhysX(3.2) Lab(64bit)) (Version: 1.1.102.1(Beta) - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.154.1168 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA Update 12.4.67 (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 12.4.67 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
Outlast: Whistleblower (HKLM-x32\...\T3V0bGFzdFdoaXN0bGVibG93ZXI=_is1) (Version: 1 - )
PlagueInc 1.0 (HKLM-x32\...\PlagueInc 1.0) (Version: 1.0 - Cat-A-Cat)
PlusSHD-9.9 (HKLM-x32\...\PlusSHD-9.9) (Version: 1.34.5.22 - PlusSHDC)
POSTAL 2 (HKLM-x32\...\Steam App 223470) (Version:  - Running With Scissors)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6482 - Realtek Semiconductor Corp.)
ROCCAT Isku Keyboard Driver (HKLM-x32\...\{4ABAF918-A6BD-43D8-AE0B-5292034B14CB}) (Version:  - Roccat GmbH)
ROCCAT Kone Pure Mouse Driver (HKLM-x32\...\{4905245D-56E7-4176-BE68-962728B803D6}) (Version:  - Roccat GmbH)
Roccat Talk (HKLM-x32\...\{605D671E-1D1E-4840-84D9-BFACE17F160D}) (Version: 1.00.0002 - Roccat GmbH)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Sacred 2 Gold Edition (HKLM-x32\...\Sacred 2 Gold Edition_is1) (Version:  - )
SearchMe Toolbar v9.3 (HKLM-x32\...\{2711C4F6-0B26-4C38-A615-664331CAD807}) (Version: 9.3 - Spigot, Inc.) <==== ATTENTION
SEGA Genesis & Mega Drive Classics (HKLM-x32\...\Steam App 34270) (Version:  - Sega)
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stronghold HD (HKLM-x32\...\Steam App 40950) (Version:  - FireFly Studios)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
The Battle for Middle-earth (tm) II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version:  - )
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Mighty Quest For Epic Loot (HKLM-x32\...\Steam App 239220) (Version:  - Ubisoft Montreal)
The Mighty Quest For Epic Loot Version 1.223680 (HKLM-x32\...\The Mighty Quest For Epic Loot_is1) (Version: 1.223680 - )
Thief (HKLM-x32\...\VGhpZWY=_is1) (Version: 1 - )
Thunder Master v1.9 (HKLM-x32\...\{EE04522C-0814-4B63-AE57-0B63E5A355BB}_is1) (Version: 1.9.4.2 - Palit Microsystems Ltd.)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.2.15 - Electronic Arts)
TL-WN851ND Driver (HKLM-x32\...\{4BAE4C76-44C3-418F-B715-6BBF5A65323E}) (Version: 1.00.0000 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 2.01.0012 - TP-LINK)
Unity (HKLM-x32\...\Unity) (Version:  - Unity Technologies ApS)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Universe Sandbox (HKLM-x32\...\Steam App 72200) (Version:  - Giant Army)
Unreal Development Kit: 2012-07 (HKLM\...\UDK-28a7a413-84bb-4723-bfeb-26ac6dd931c7) (Version:  - Epic Games, Inc.)
Unreal Development Kit: 2013-07 (HKLM\...\UDK-4aec8fb0-2e1c-4bbf-a418-380e6bf684f0) (Version:  - Epic Games, Inc.)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
VB Decompiler Lite (HKLM-x32\...\VB Decompiler Lite_is1) (Version:  - DotFix Software)
Visual C++ 9.0 CRT (x86) WinSXS MSM (x32 Version: 9.0 - Microsoft Corporation) Hidden
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - Blizzard Entertainment)
WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
Webcam Simulator 7.3 (HKLM-x32\...\WCS7.3.0_is1) (Version: 7.3.0 - Webcam Simulator)
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Restore Points  =========================

29-05-2014 21:33:04 Gerätetreiber-Paketinstallation: Visicom Media Inc. Audio-, Video- und Gamecontroller
29-05-2014 21:33:09 Gerätetreiber-Paketinstallation: Visicom Media Inc. Audio-, Video- und Gamecontroller
29-05-2014 21:45:40 Installed MorphVOX Junior
05-06-2014 22:00:00 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-01-12 13:42 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0B18E58D-BDA8-4FB7-B1C6-E8245CC42E24} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-04] (Google Inc.)
Task: {1AD8EBAA-7E00-44E8-8224-017E80AD246D} - System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-6 => C:\Program Files (x86)\PlusSHD-9.9\PlusSHD-9.9-novainstaller.exe [2014-05-31] (PlusSHDC)
Task: {269E1536-B328-421B-BEC9-2EA2667FE34F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe
Task: {2CA748E2-8790-480D-BA64-28105B024882} - System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-3 => C:\Program Files (x86)\PlusSHD-9.9\17908f5f-e636-4631-93d6-057c4ab5a3ca-3.exe [2014-05-31] (PlusSHDC)
Task: {3410DB5C-D471-447D-83B0-07225DED8D9D} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {34B4E260-5459-4C2C-BCC5-A81E9FB1BBAC} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-05-31] (globalUpdate) <==== ATTENTION
Task: {35405A2E-8E1F-4F91-A3FA-7C264B88E79D} - System32\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25] (Intel Corporation)
Task: {3AFABAA2-E4C6-4787-B749-A986AD75154B} - System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-4 => C:\Program Files (x86)\PlusSHD-9.9\17908f5f-e636-4631-93d6-057c4ab5a3ca-4.exe [2014-05-31] (PlusSHDC)
Task: {4C75DD7E-2000-4488-BEDE-777C7BBCDD53} - System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-2 => C:\Program Files (x86)\PlusSHD-9.9\17908f5f-e636-4631-93d6-057c4ab5a3ca-2.exe [2014-05-31] (PlusSHDC)
Task: {51495046-331E-4770-A0F1-523FB68DE152} - System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-1 => C:\Program Files (x86)\PlusSHD-9.9\PlusSHD-9.9-codedownloader.exe [2014-05-31] (PlusSHDC)
Task: {5E2B79D7-85A6-47AD-B5AE-29525A2A88CC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-08] (Adobe Systems Incorporated)
Task: {75B4A7FA-8079-4F47-9DBE-2ED4888E267D} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-05-31] (globalUpdate) <==== ATTENTION
Task: {C6E77BCA-138D-45CA-9403-CA5F240E92EF} - System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-7 => C:\Program Files (x86)\PlusSHD-9.9\PlusSHD-9.9-nova.exe [2014-05-31] (PlusSHDC)
Task: {D18989DE-2929-47A0-B908-97249EB95A33} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-04] (Google Inc.)
Task: {EAB0B612-5E18-4F21-9250-7ACDA11D19F1} - System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-5 => C:\Program Files (x86)\PlusSHD-9.9\17908f5f-e636-4631-93d6-057c4ab5a3ca-5.exe [2014-05-31] (PlusSHDC)
Task: C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-1.job => C:\Program Files (x86)\PlusSHD-9.9\PlusSHD-9.9-codedownloader.exe
Task: C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-2.job => C:\Program Files (x86)\PlusSHD-9.9\17908f5f-e636-4631-93d6-057c4ab5a3ca-2.exe
Task: C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-3.job => C:\Program Files (x86)\PlusSHD-9.9\17908f5f-e636-4631-93d6-057c4ab5a3ca-3.exe
Task: C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-4.job => C:\Program Files (x86)\PlusSHD-9.9\17908f5f-e636-4631-93d6-057c4ab5a3ca-4.exe
Task: C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-5.job => C:\Program Files (x86)\PlusSHD-9.9\17908f5f-e636-4631-93d6-057c4ab5a3ca-5.exe
Task: C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-6.job => C:\Program Files (x86)\PlusSHD-9.9\PlusSHD-9.9-novainstaller.exe
Task: C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-7.job => C:\Program Files (x86)\PlusSHD-9.9\PlusSHD-9.9-nova.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe
Task: C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job => C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe

==================== Loaded Modules (whitelisted) =============

2014-05-31 22:01 - 2014-05-31 22:01 - 00123392 _____ () C:\Windows\System32\DlProtectSvc.exe
2014-05-31 22:01 - 2014-05-31 22:01 - 00119296 _____ () C:\Windows\system32\wkscli64.exe
2013-11-26 19:35 - 2014-04-30 11:37 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-11-25 21:24 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-11-25 21:10 - 2012-05-21 04:38 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-05-18 22:18 - 2014-05-18 22:18 - 00048712 _____ () C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
2014-05-31 22:01 - 2014-05-31 22:01 - 00012800 _____ () C:\ProgramData\dlprotect.exe
2011-12-23 11:24 - 2011-12-23 11:24 - 00119808 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
2014-01-18 16:14 - 2012-06-23 15:54 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\hiddriver.dll
2014-01-18 16:15 - 2010-11-04 12:48 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Isku Keyboard\hiddriver.dll
2014-05-29 20:16 - 2014-05-29 20:16 - 26065408 _____ () E:\Games\Battle.net\Battle.net.4656\libcef.dll
2014-05-29 20:16 - 2014-05-29 20:16 - 00739840 _____ () E:\Games\Battle.net\Battle.net.4656\libglesv2.dll
2014-05-29 20:16 - 2014-05-29 20:16 - 00130048 _____ () E:\Games\Battle.net\Battle.net.4656\libegl.dll
2013-11-25 21:14 - 2013-11-25 21:14 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\c0efb322f8364c8759531666774c0627\IsdiInterop.ni.dll
2013-11-25 21:14 - 2012-05-30 14:55 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-11-25 21:15 - 2012-02-21 13:09 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2011-08-15 21:12 - 2011-08-15 21:12 - 02603520 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll
2011-08-15 21:15 - 2011-08-15 21:15 - 00382464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll
2011-08-17 17:41 - 2011-08-17 17:41 - 00400384 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll
2011-08-17 17:48 - 2011-08-17 17:48 - 00322048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll
2011-11-25 14:29 - 2011-11-25 14:29 - 00015872 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll
2011-08-15 21:12 - 2011-08-15 21:12 - 01006592 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll
2011-08-17 17:48 - 2011-08-17 17:48 - 00195584 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll
2011-08-15 20:23 - 2011-08-15 20:23 - 00062464 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll
2011-11-25 14:28 - 2011-11-25 14:28 - 00484352 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll
2011-11-25 14:42 - 2011-11-25 14:42 - 00499976 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll
2011-11-25 14:26 - 2011-11-25 14:26 - 00013824 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll
2011-07-19 17:05 - 2011-07-19 17:05 - 14978048 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll
2011-07-19 17:04 - 2011-07-19 17:04 - 00317952 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll
2011-08-15 21:17 - 2011-08-15 21:17 - 09224704 _____ () C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll
2014-03-15 23:08 - 2014-03-15 02:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-06-04 01:16 - 2014-06-09 17:08 - 00012288 _____ () C:\Program Files (x86)\Google\Chrome\Application\WTSAPI32.dll
2014-05-31 22:01 - 2014-05-31 22:01 - 00122216 _____ () C:\Program Files (x86)\PlusSHD-9.9\PlusSHD-9.9-nova.dll
2014-03-15 23:08 - 2014-03-15 02:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-15 23:08 - 2014-03-15 02:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-15 23:08 - 2014-03-15 02:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-15 23:08 - 2014-03-15 02:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-15 23:08 - 2014-03-15 02:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
2014-03-15 23:08 - 2014-03-15 02:50 - 13637448 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (whitelisted) =============

HKU\S-1-5-21-2291643653-583422786-3033649162-1000\Software\Classes\.exe: exefile =>  <===== ATTENTION!
HKU\S-1-5-21-2291643653-583422786-3033649162-1000\Software\Classes\exefile:  <===== ATTENTION!

==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: 70e6ca8c => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: BstHdUpdaterSvc => 2
MSCONFIG\Services: Futuremark SystemInfo Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Intel(R) ME Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^GIGABYTE OC_GURU.lnk => C:\Windows\pss\GIGABYTE OC_GURU.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Roccat Talk.lnk => C:\Windows\pss\Roccat Talk.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TP-LINK Wireless Configuration Utility.lnk => C:\Windows\pss\TP-LINK Wireless Configuration Utility.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Shorty^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Bf4Launcher.exe => C:\Windows\pss\Bf4Launcher.exe.Startup
MSCONFIG\startupfolder: C:^Users^Shorty^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^taskmgr.exe => C:\Windows\pss\taskmgr.exe.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Badoo Desktop => C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe
MSCONFIG\startupreg: BitTorrent => "C:\Users\Shorty\AppData\Roaming\BitTorrent\BitTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "E:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Optimizer Pro => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
MSCONFIG\startupreg: Overwolf => C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: Steam => "E:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: USB3MON => "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/09/2014 05:06:33 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.

Error: (06/09/2014 05:06:32 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (06/08/2014 09:54:02 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.

Error: (06/08/2014 09:54:02 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (06/08/2014 06:46:26 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.

Error: (06/08/2014 06:46:26 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (06/07/2014 00:47:58 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.

Error: (06/07/2014 00:47:57 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (06/06/2014 10:49:33 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.

Error: (06/06/2014 06:21:07 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Fehler bei der Windows-Lizenzaktivierung. Fehler 0x80070005.


System errors:
=============
Error: (06/09/2014 05:06:32 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (06/08/2014 09:54:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (06/08/2014 06:46:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (06/07/2014 00:47:57 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "BlueStacks Android Service" wurde mit folgendem Fehler beendet: 
%%1064

Error: (06/07/2014 00:47:56 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 07.06.2014 um 00:44:28 unerwartet heruntergefahren.

Error: (06/06/2014 06:54:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (06/06/2014 06:54:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (06/05/2014 07:35:49 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 04.06.2014 um 23:50:09 unerwartet heruntergefahren.

Error: (06/04/2014 01:18:03 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Update raving reyven" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/04/2014 01:17:57 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Util raving reyven" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (06/09/2014 05:06:33 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000

Error: (06/09/2014 05:06:32 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (06/08/2014 09:54:02 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000

Error: (06/08/2014 09:54:02 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (06/08/2014 06:46:26 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000

Error: (06/08/2014 06:46:26 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (06/07/2014 00:47:58 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000

Error: (06/07/2014 00:47:57 AM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (06/06/2014 10:49:33 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000

Error: (06/06/2014 06:21:07 PM) (Source: Winlogon) (EventID: 4103) (User: )
Description: 0x800700050x00000000


==================== Memory info =========================== 

Percentage of memory in use: 17%
Total physical RAM: 16270.87 MB
Available physical RAM: 13481.07 MB
Total Pagefile: 32539.88 MB
Available Pagefile: 29483.72 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.57 GB) (Free:41.07 GB) NTFS
Drive e: (Volume) (Fixed) (Total:931.51 GB) (Free:518.28 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 112 GB) (Disk ID: 623D4314)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: A5465066)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
frst log


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-06-2014 03
Ran by Shorty (administrator) on SHORTY-PC on 09-06-2014 21:51:22
Running from C:\Users\Shorty\Downloads
Platform: Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Spigot, Inc.) C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
() C:\Windows\System32\DlProtectSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
() C:\Windows\System32\wkscli64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Palit Microsystems Ltd.) C:\Program Files (x86)\Thunder Master\THPanel.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.exe
() C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\ProgramData\dlprotect.exe
(Spigot, Inc.) C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corp.) C:\Users\Shorty\AppData\Local\Temp\SVCHOST.EXE
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
(Blizzard Entertainment) E:\Games\Battle.net\Battle.net.4656\Battle.net.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe
() C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe
(PlusSHDC) C:\Program Files (x86)\PlusSHD-9.9\PlusSHD-9.9-nova.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1225920 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [RoccatKonePure] => C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.EXE [561152 2013-10-23] (ROCCAT GmbH)
HKLM-x32\...\Run: [RoccatIsku] => C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE [536576 2013-10-30] (ROCCAT GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3814736 2014-05-13] (LogMeIn Inc.)
HKLM-x32\...\Run: [Download Protect] => C:\ProgramData\dlprotect.exe [12800 2014-05-31] ()
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [SearchSettings] => C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe [1404736 2014-05-26] (Spigot, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2291643653-583422786-3033649162-1000\...\Run: [THPanel] => C:\Program Files (x86)\Thunder Master\THPanel.exe [2158888 2013-05-24] (Palit Microsystems Ltd.)
HKU\S-1-5-21-2291643653-583422786-3033649162-1000\...\Run: [ASRockXTU] => [X]
HKU\S-1-5-21-2291643653-583422786-3033649162-1000\...\Run: [BitTorrent] => C:\Users\Shorty\AppData\Roaming\BitTorrent\BitTorrent.exe [1240664 2014-04-29] (BitTorrent Inc.)
HKU\S-1-5-21-2291643653-583422786-3033649162-1000\...\Run: [MyComGames] => C:\Users\Shorty\AppData\Local\MyComGames\MyComGames.exe [4395816 2014-04-25] ()
HKU\S-1-5-21-2291643653-583422786-3033649162-1000\...\Run: [Java] => C:\Users\Shorty\AppData\Roaming\Launcherr.exe [24637952 2014-05-08] (Valve Corporation)
HKU\S-1-5-21-2291643653-583422786-3033649162-1000\...\MountPoints2: {64facb41-560c-11e3-8b61-bc5ff47f61dc} - H:\setup.exe
HKU\S-1-5-21-2291643653-583422786-3033649162-1000\...\MountPoints2: {a939e20c-5603-11e3-b080-9d6ed9800837} - D:\OpenFiles.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk
ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MCF6E9A04-AC1C-4F51-A6A1-2B197E1108C1&SearchSource=55&CUI=&UM=5&UP=SPBEE8CC4D-566F-4F5C-A2A6-88EA63B2C172&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://at.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7501A24EAA0FCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
URLSearchHook: HKCU - SearchMe Toolbar - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files (x86)\SearchMe Toolbar\IE\9.3\searchmeToolbarIE64.dll (Spigot, Inc.)
URLSearchHook: HKCU - SearchMe Toolbar - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files (x86)\SearchMe Toolbar\IE\9.3\searchmeToolbarIE.dll (Spigot, Inc.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=protegere
SearchScopes: HKCU - {65414F7B-B20E-4E92-96AE-67643932670D} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2849855&CUI=UN35836628171878116&UM=1
SearchScopes: HKCU - {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=protegere
BHO: PlusSHD-9.9 - {11111111-1111-1111-1111-110511291116} - C:\Program Files (x86)\PlusSHD-9.9\PlusSHD-9.9-bho64.dll (PlusSHDC)
BHO-x32: PlusSHD-9.9 - {11111111-1111-1111-1111-110511291116} - C:\Program Files (x86)\PlusSHD-9.9\PlusSHD-9.9-bho.dll (PlusSHDC)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: SearchMe Toolbar - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files (x86)\SearchMe Toolbar\IE\9.3\searchmeToolbarIE.dll (Spigot, Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - SearchMe Toolbar - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files (x86)\SearchMe Toolbar\IE\9.3\searchmeToolbarIE64.dll (Spigot, Inc.)
Toolbar: HKLM-x32 - SearchMe Toolbar - {B9C767DD-F66A-40B4-8F12-4199A9A4393C} - C:\Program Files (x86)\SearchMe Toolbar\IE\9.3\searchmeToolbarIE.dll (Spigot, Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\system32\urlmon.dll (Microsoft Corporation)
Handler-x32: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\syswow64\urlmon.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @my.com/Games - C:\Users\Shorty\AppData\Local\MyComGames\NPMyComDetector.dll (My.com, Inc)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Shorty\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{C941F8B9-E9A5-40A2-940B-512D8A32CA74}] - C:\Windows\Installer\{E1DFA477-0AAC-4A40-8808-E4C11743F961}\{C941F8B9-E9A5-40A2-940B-512D8A32CA74}.xpi
FF Extension: Download Protect - C:\Windows\Installer\{E1DFA477-0AAC-4A40-8808-E4C11743F961}\{C941F8B9-E9A5-40A2-940B-512D8A32CA74}.xpi [2014-06-09]

Chrome: 
=======
CHR HomePage: https://at.search.yahoo.com/?type=888596&fr=spigot-yhp-ch
CHR StartupUrls: "https://at.search.yahoo.com/?type=888596&fr=spigot-yhp-ch", "hxxp://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MCF6E9A04-AC1C-4F51-A6A1-2B197E1108C1&SearchSource=55&CUI=&UM=5&UP=SPBEE8CC4D-566F-4F5C-A2A6-88EA63B2C172&SSPV="
CHR Extension: (PlusSHD-9.9) - C:\Users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe [2014-06-08]
CHR Extension: (Google Drive) - C:\Users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-02]
CHR Extension: (YouTube) - C:\Users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-02]
CHR Extension: (Google-Suche) - C:\Users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-02]
CHR Extension: (Download Protect) - C:\Users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlaappnjcjjmkkcfodimdnafdbhjlcag [2014-06-09]
CHR Extension: (Google Wallet) - C:\Users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-02]
CHR Extension: (Google Mail) - C:\Users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-02]
CHR HKLM-x32\...\Chrome\Extension: [cikkkfooompgefbcjlgdjejfdknkheaj] - C:\Program Files (x86)\Common Files\Spigot\GC\DomainErrorHelper_1.0_0.crx [2014-04-23]
CHR HKLM-x32\...\Chrome\Extension: [gpiifgmgnfdiblgpaepbmfdkcheicgof] - C:\Program Files (x86)\Common Files\Spigot\GC\nta_1.0_0.crx [2014-04-23]
CHR HKLM-x32\...\Chrome\Extension: [hbcennhacfaagdopikcegfcobcadeocj] - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.1.crx [2013-10-14]
CHR HKLM-x32\...\Chrome\Extension: [mhkaekfpcppmmioggniknbnbdbcigpkk] - C:\Users\Shorty\AppData\Local\Slick Savings\coupons.crx [2014-05-29]
CHR HKLM-x32\...\Chrome\Extension: [pfndaklgolladniicklehhancnlgocpp] - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx [2012-11-22]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-13] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-13] (BlueStack Systems, Inc.)
R2 DlProtectSvc; C:\Windows\System32\DlProtectSvc.exe [123392 2014-05-31] () [File not signed]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-05-31] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-05-31] (globalUpdate) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
S4 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [128280 2012-02-21] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-21] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
R2 Netplwi{; C:\Windows\system32\wkscli64.exe [119296 2014-05-31] () [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21007192 2014-04-30] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-04-30] ()
S4 SkypeUpdate; E:\Program Files (x86)\Skype\Updater\Updater.exe [172192 2013-10-23] (Skype Technologies)
S3 Visual Studio Analyzer RPC bridge; C:\Program Files (x86)\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe [34036 1998-06-06] (Microsoft Corporation) [File not signed]
R2 XTU3SERVICE; C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [14848 2011-09-12] (Intel Corporation)

==================== Drivers (Whitelisted) ====================

R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-13] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-11-26] (Disc Soft Ltd)
S3 GPCIDrv; C:\Program Files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [14376 2010-02-04] ()
R2 iocbios2; C:\Program Files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [22776 2011-09-12] (Intel Corporation)
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [42016 2013-11-27] (Visicom Media Inc.)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35232 2013-12-06] (Visicom Media Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18776 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R1 {e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64; C:\Windows\System32\drivers\{e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64.sys [61120 2014-05-22] (StdLib)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-09 21:51 - 2014-06-09 21:51 - 01333465 _____ () C:\Users\Shorty\Downloads\adwcleaner_3.212.exe
2014-06-09 21:51 - 2014-06-09 21:51 - 00280045 _____ () C:\Users\Shorty\Downloads\Nicht bestätigt 997419.crdownload
2014-06-09 21:51 - 2014-06-09 21:51 - 00019098 _____ () C:\Users\Shorty\Downloads\FRST.txt
2014-06-09 21:51 - 2014-06-09 21:51 - 00000000 ____D () C:\FRST
2014-06-09 21:50 - 2014-06-09 21:50 - 02080768 _____ (Farbar) C:\Users\Shorty\Downloads\FRST64.exe
2014-06-09 21:30 - 2014-06-09 21:30 - 00010925 _____ () C:\Users\Shorty\Desktop\hijackthis.log
2014-06-09 21:28 - 2014-06-09 21:28 - 00003142 _____ () C:\Windows\System32\Tasks\{D24FF73B-DE36-4B62-B7E2-B4CE36598E8A}
2014-06-09 21:23 - 2014-06-09 21:30 - 00010925 _____ () C:\Users\Shorty\Downloads\hijackthis.log
2014-06-09 21:23 - 2014-06-09 21:23 - 00388608 _____ (Trend Micro Inc.) C:\Users\Shorty\Downloads\HiJackThis204.exe
2014-06-09 21:23 - 2014-06-09 21:23 - 00388608 _____ (Trend Micro Inc.) C:\Users\Shorty\Downloads\HiJackThis204 (1).exe
2014-06-06 23:18 - 2014-06-06 23:18 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\Among the sleep
2014-06-06 23:18 - 2014-06-06 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2014-06-06 18:59 - 2014-06-06 23:13 - 00000000 ____D () C:\Users\Shorty\Downloads\[R.G. Mechanics] Among the sleep
2014-06-06 18:58 - 2014-06-06 18:58 - 00012714 _____ () C:\Users\Shorty\Downloads\[kickass.to]among.the.sleep.2014.pc.repack.by.r.g.Мechanics.torrent
2014-06-05 22:14 - 2014-06-05 22:14 - 00000000 ____D () C:\Users\Shorty\Documents\Freemake
2014-06-05 22:14 - 2014-06-05 22:14 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2014-06-05 22:14 - 2014-06-05 22:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2014-06-05 22:14 - 2014-06-05 22:14 - 00000000 ____D () C:\ProgramData\Freemake
2014-06-05 22:13 - 2014-06-05 22:13 - 01325576 _____ (Ellora Assets Corporation ) C:\Users\Shorty\Downloads\FreemakeVideoConverterSetup.exe
2014-06-04 22:39 - 2014-06-04 22:39 - 00000000 ____D () C:\Users\Shorty\Downloads\RgcAudio z3ta+ DXi VSTi v1.4
2014-06-04 22:30 - 2014-06-04 22:45 - 00000000 ____D () C:\Users\Shorty\Downloads\FL Studio Producer Edition 11.0.4 Signature Bundle [ChingLiu]
2014-06-04 22:30 - 2014-06-04 22:30 - 00025094 _____ () C:\Users\Shorty\Downloads\[kickass.to]fl.studio.producer.edition.11.0.4.signature.bundle.chingliu.torrent
2014-06-04 01:16 - 2014-06-09 17:08 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-06-03 00:48 - 2014-06-03 00:48 - 00145076 _____ () C:\Users\Shorty\Downloads\Minecraft.jar
2014-06-03 00:47 - 2014-06-03 00:47 - 01109677 _____ (TeamExtreme) C:\Users\Shorty\Downloads\Minecraft.exe
2014-06-02 23:24 - 2014-06-02 23:24 - 00000000 ____D () C:\Program Files (x86)\SearchMe Toolbar
2014-06-02 23:24 - 2014-06-02 23:24 - 00000000 ____D () C:\Program Files (x86)\Application Updater
2014-05-31 23:35 - 2014-05-22 18:20 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64.sys
2014-05-31 22:01 - 2014-06-09 21:01 - 00001336 _____ () C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-7.job
2014-05-31 22:01 - 2014-06-09 17:06 - 00003796 _____ () C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-3.job
2014-05-31 22:01 - 2014-06-09 17:06 - 00002236 _____ () C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-4.job
2014-05-31 22:01 - 2014-06-09 17:06 - 00001486 _____ () C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-5.job
2014-05-31 22:01 - 2014-06-09 17:06 - 00001406 _____ () C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-6.job
2014-05-31 22:01 - 2014-06-09 17:06 - 00001390 _____ () C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-1.job
2014-05-31 22:01 - 2014-06-09 17:06 - 00001386 _____ () C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-2.job
2014-05-31 22:01 - 2014-06-09 17:06 - 00000918 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-05-31 22:01 - 2014-06-08 22:06 - 00000922 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-05-31 22:01 - 2014-05-31 22:01 - 00123392 _____ () C:\Windows\system32\DlProtectSvc.exe
2014-05-31 22:01 - 2014-05-31 22:01 - 00119296 _____ () C:\Windows\system32\wkscli64.exe
2014-05-31 22:01 - 2014-05-31 22:01 - 00012800 _____ () C:\ProgramData\dlprotect.exe
2014-05-31 22:01 - 2014-05-31 22:01 - 00006826 _____ () C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-3
2014-05-31 22:01 - 2014-05-31 22:01 - 00005266 _____ () C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-4
2014-05-31 22:01 - 2014-05-31 22:01 - 00004516 _____ () C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-5
2014-05-31 22:01 - 2014-05-31 22:01 - 00004436 _____ () C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-6
2014-05-31 22:01 - 2014-05-31 22:01 - 00004420 _____ () C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-1
2014-05-31 22:01 - 2014-05-31 22:01 - 00004416 _____ () C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-2
2014-05-31 22:01 - 2014-05-31 22:01 - 00004364 _____ () C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-7
2014-05-31 22:01 - 2014-05-31 22:01 - 00003920 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-05-31 22:01 - 2014-05-31 22:01 - 00003666 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-05-31 22:01 - 2014-05-31 22:01 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\dlg
2014-05-31 22:01 - 2014-05-31 22:01 - 00000000 ____D () C:\Users\Shorty\AppData\Local\globalUpdate
2014-05-31 22:01 - 2014-05-31 22:01 - 00000000 ____D () C:\Program Files (x86)\PlusSHD-9.9
2014-05-31 22:01 - 2014-05-31 22:01 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-05-31 22:00 - 2014-06-04 01:19 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\Security System 2
2014-05-31 21:59 - 2014-05-31 21:59 - 00467128 _____ () C:\Users\Shorty\Downloads\lotto-Downloader.exe
2014-05-30 18:04 - 2014-05-30 18:04 - 00232312 _____ (Fusion Install ) C:\Users\Shorty\Downloads\java_setup.exe
2014-05-30 17:43 - 2014-06-02 11:49 - 00000000 ____D () C:\Users\Shorty\Desktop\HACKING
2014-05-30 17:37 - 2014-05-30 17:37 - 00003361 _____ () C:\Users\Shorty\Downloads\[kickass.to]brutus.aet2.torrent
2014-05-30 17:32 - 2014-05-30 17:32 - 00000000 ____H () C:\Users\Shorty\Documents\Default.rdp
2014-05-30 17:21 - 2014-05-30 17:22 - 19961033 _____ () C:\Users\Shorty\Downloads\nmap-6.46-win32.zip
2014-05-30 17:13 - 2014-05-30 17:13 - 01107968 _____ () C:\Users\Shorty\Downloads\RSIT.exe
2014-05-30 17:13 - 2014-05-30 17:13 - 00000000 ____D () C:\Program Files (x86)\trend micro
2014-05-30 00:23 - 2014-05-30 00:23 - 00386459 _____ () C:\Users\Shorty\Downloads\Kuh scheißt.mp4
2014-05-30 00:19 - 2014-05-30 00:19 - 00215107 _____ () C:\Users\Shorty\Downloads\Furzende katze.mp4
2014-05-30 00:07 - 2014-05-30 00:09 - 55577752 _____ () C:\Users\Shorty\Downloads\hot-web-cam-girl.avi
2014-05-29 23:46 - 2014-05-29 23:46 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\Screaming Bee
2014-05-29 23:45 - 2014-05-29 23:45 - 02970992 _____ () C:\Users\Shorty\Downloads\MorphVOXJunior_Install-1.exe
2014-05-29 23:45 - 2014-05-29 23:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee
2014-05-29 23:45 - 2014-05-29 23:45 - 00000000 ____D () C:\Program Files (x86)\Screaming Bee
2014-05-29 23:33 - 2014-06-04 02:55 - 00000000 ____D () C:\Users\Shorty\AppData\Local\ManyCam
2014-05-29 23:33 - 2014-05-29 23:33 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\ManyCam
2014-05-29 23:33 - 2014-05-29 23:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
2014-05-29 23:33 - 2014-05-29 23:33 - 00000000 ____D () C:\Program Files (x86)\ManyCam
2014-05-29 23:31 - 2014-05-29 23:31 - 00961360 _____ (Chip Digital GmbH) C:\Users\Shorty\Downloads\ManyCam - CHIP-Installer.exe
2014-05-29 23:26 - 2014-06-04 01:18 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\Slick Savings
2014-05-29 23:26 - 2014-05-29 23:26 - 00000000 ____D () C:\Windows\SysWOW64\C2MP
2014-05-29 23:26 - 2014-05-29 23:26 - 00000000 ____D () C:\Users\Shorty\AppData\Local\Slick Savings
2014-05-29 23:26 - 2014-05-29 23:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player - Codec Pack
2014-05-29 23:24 - 2014-05-29 23:24 - 00929416 _____ (CNET Download.com) C:\Users\Shorty\Downloads\cbsidlm-cbsi188-Media_Player_Codec_Pack-BP-10749065.exe
2014-05-29 23:24 - 2014-05-29 23:24 - 00929416 _____ (CNET Download.com) C:\Users\Shorty\Downloads\cbsidlm-cbsi188-Media_Player_Codec_Pack-BP-10749065 (1).exe
2014-05-29 23:23 - 2014-05-29 23:23 - 00960566 _____ () C:\Users\Shorty\Downloads\Real Scary Ghost!.mp4
2014-05-29 23:18 - 2014-05-29 23:18 - 05210816 _____ (Webcam Simulator ) C:\Users\Shorty\Downloads\setup.exe
2014-05-29 23:18 - 2014-05-29 23:18 - 05210816 _____ (Webcam Simulator ) C:\Users\Shorty\Downloads\setup (1).exe
2014-05-29 23:18 - 2014-05-29 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webcam Simulator 7.3
2014-05-29 23:16 - 2014-05-29 23:16 - 00244320 _____ () C:\Users\Shorty\Downloads\ManyCamWebInstaller (1).exe
2014-05-29 23:15 - 2014-05-29 23:15 - 00244320 _____ () C:\Users\Shorty\Downloads\ManyCamWebInstaller.exe
2014-05-28 22:59 - 2014-05-28 22:59 - 00287448 _____ () C:\Users\Shorty\Downloads\jomgegar Crypter by DzkiLLeR.rar
2014-05-28 12:31 - 2014-05-28 13:30 - 00000000 ____D () C:\Users\Shorty\AppData\Local\Ubisoft Game Launcher
2014-05-28 12:31 - 2014-05-28 12:31 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-05-28 12:31 - 2014-05-28 12:31 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-05-28 11:13 - 2014-05-31 22:01 - 00000000 ___RD () C:\Users\Shorty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-22 18:22 - 2014-05-28 11:09 - 00000000 ____D () C:\Users\Shorty\Downloads\Postal 3
2014-05-22 18:22 - 2014-05-22 18:22 - 00027850 _____ () C:\Users\Shorty\Downloads\[kickass.to]postal.3.torrent
2014-05-21 20:58 - 2014-05-21 20:58 - 00001449 _____ () C:\Users\Shorty\AppData\Local\recently-used.xbel
2014-05-18 22:18 - 2014-05-18 22:18 - 00045400 _____ () C:\Windows\SysWOW64\DiscHandler.exe
2014-05-18 13:49 - 2014-05-18 13:49 - 03535741 _____ () C:\Users\Shorty\Downloads\[www.OldSchoolHack.de]_MW3 .NET External ESP v3.9 by master131 (1).rar
2014-05-18 12:28 - 2014-05-18 12:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-18 12:28 - 2014-05-18 12:28 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-17 20:16 - 2014-05-17 20:16 - 01349667 _____ () C:\Users\Shorty\Downloads\Trololololo (1).7z
2014-05-17 20:15 - 2014-05-17 20:15 - 13005312 _____ () C:\Users\Shorty\AppData\Local\LbhprVWVzG6XeKnqgHErMwacUiHRBgBVZwOHHhG1UT8lA9Q1puAGTI2c9T6wLpC4as4aREHOoSTH2vFOaGw7H6EbHIYKt73bCEEOBk1Qpv3gt7ZmW5.exe
2014-05-17 20:13 - 2014-05-17 20:13 - 02296980 _____ () C:\Users\Shorty\Downloads\MrEpiclolface trololo.zip
2014-05-17 20:11 - 2014-05-17 20:11 - 01349667 _____ () C:\Users\Shorty\Downloads\Trololololo.7z
2014-05-13 17:05 - 2014-05-13 17:05 - 04374528 _____ () C:\Windows\system32\ffdshow.ax
2014-05-13 17:05 - 2014-05-13 17:05 - 04009984 _____ () C:\Windows\system32\ffmpeg.dll
2014-05-13 17:05 - 2014-05-13 17:05 - 00474624 _____ () C:\Windows\system32\ff_kernelDeint.dll
2014-05-13 17:05 - 2014-05-13 17:05 - 00127488 _____ () C:\Windows\system32\ff_vfw.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 01532928 _____ () C:\Windows\system32\ff_samplerate.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00631296 _____ () C:\Windows\system32\TomsMoComp_ff.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00222720 _____ () C:\Windows\system32\ff_libdts.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00190464 _____ () C:\Windows\system32\libmpeg2_ff.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00183296 _____ () C:\Windows\system32\ff_unrar.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00156672 _____ () C:\Windows\system32\ff_libmad.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00116224 _____ () C:\Windows\system32\ff_liba52.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00114688 _____ () C:\Windows\system32\ff_wmv9.dll
2014-05-13 17:02 - 2014-05-13 17:02 - 03916288 _____ () C:\Windows\SysWOW64\ffmpeg.dll
2014-05-13 17:01 - 2014-05-13 17:01 - 03502592 _____ () C:\Windows\SysWOW64\ffdshow.ax
2014-05-13 17:01 - 2014-05-13 17:01 - 00271360 _____ () C:\Windows\SysWOW64\TomsMoComp_ff.dll
2014-05-13 17:01 - 2014-05-13 17:01 - 00112640 _____ () C:\Windows\SysWOW64\ff_vfw.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 01525760 _____ () C:\Windows\SysWOW64\ff_samplerate.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00211968 _____ () C:\Windows\SysWOW64\ff_libdts.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00157184 _____ () C:\Windows\SysWOW64\ff_unrar.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00147456 _____ () C:\Windows\SysWOW64\ff_libmad.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00136704 _____ () C:\Windows\SysWOW64\libmpeg2_ff.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00114688 _____ () C:\Windows\SysWOW64\ff_liba52.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00099840 _____ () C:\Windows\SysWOW64\ff_wmv9.dll
2014-05-11 15:57 - 2014-05-11 15:57 - 00000000 ____D () C:\Users\Shorty\AppData\Local\Ascaron Entertainment
2014-05-11 15:29 - 2014-05-11 15:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver
2014-05-10 00:23 - 2014-05-10 00:29 - 00000000 __SHD () C:\Users\Shorty\AppData\Roaming\wyUpdate AU
2014-05-10 00:23 - 2014-05-10 00:29 - 00000000 ____D () C:\Users\Shorty\Documents\Universe Sandbox
2014-05-10 00:23 - 2014-05-10 00:23 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\System
2014-05-10 00:23 - 2014-05-10 00:23 - 00000000 ____D () C:\Users\Shorty\AppData\Local\Universe Sandbox
2014-05-10 00:21 - 2014-05-10 00:22 - 00000000 ____D () C:\Users\Shorty\Downloads\Beat Hazard

==================== One Month Modified Files and Folders =======

2014-06-09 21:51 - 2014-06-09 21:51 - 01333465 _____ () C:\Users\Shorty\Downloads\adwcleaner_3.212.exe
2014-06-09 21:51 - 2014-06-09 21:51 - 00280045 _____ () C:\Users\Shorty\Downloads\Nicht bestätigt 997419.crdownload
2014-06-09 21:51 - 2014-06-09 21:51 - 00019098 _____ () C:\Users\Shorty\Downloads\FRST.txt
2014-06-09 21:51 - 2014-06-09 21:51 - 00000000 ____D () C:\FRST
2014-06-09 21:51 - 2013-11-25 21:00 - 00000000 ____D () C:\Users\Shorty\AppData\Local\Temp
2014-06-09 21:50 - 2014-06-09 21:50 - 02080768 _____ (Farbar) C:\Users\Shorty\Downloads\FRST64.exe
2014-06-09 21:48 - 2013-12-05 01:26 - 00000000 ____D () C:\Users\Shorty\AppData\Local\Battle.net
2014-06-09 21:30 - 2014-06-09 21:30 - 00010925 _____ () C:\Users\Shorty\Desktop\hijackthis.log
2014-06-09 21:30 - 2014-06-09 21:23 - 00010925 _____ () C:\Users\Shorty\Downloads\hijackthis.log
2014-06-09 21:28 - 2014-06-09 21:28 - 00003142 _____ () C:\Windows\System32\Tasks\{D24FF73B-DE36-4B62-B7E2-B4CE36598E8A}
2014-06-09 21:23 - 2014-06-09 21:23 - 00388608 _____ (Trend Micro Inc.) C:\Users\Shorty\Downloads\HiJackThis204.exe
2014-06-09 21:23 - 2014-06-09 21:23 - 00388608 _____ (Trend Micro Inc.) C:\Users\Shorty\Downloads\HiJackThis204 (1).exe
2014-06-09 21:01 - 2014-05-31 22:01 - 00001336 _____ () C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-7.job
2014-06-09 18:49 - 2014-01-13 15:17 - 00889812 _____ () C:\Windows\WindowsUpdate.log
2014-06-09 17:27 - 2013-11-25 21:15 - 00000830 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-06-09 17:12 - 2009-07-14 19:58 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-06-09 17:12 - 2009-07-14 19:58 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-06-09 17:12 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-09 17:08 - 2014-06-04 01:16 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-06-09 17:06 - 2014-05-31 22:01 - 00003796 _____ () C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-3.job
2014-06-09 17:06 - 2014-05-31 22:01 - 00002236 _____ () C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-4.job
2014-06-09 17:06 - 2014-05-31 22:01 - 00001486 _____ () C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-5.job
2014-06-09 17:06 - 2014-05-31 22:01 - 00001406 _____ () C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-6.job
2014-06-09 17:06 - 2014-05-31 22:01 - 00001390 _____ () C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-1.job
2014-06-09 17:06 - 2014-05-31 22:01 - 00001386 _____ () C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-2.job
2014-06-09 17:06 - 2014-05-31 22:01 - 00000918 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-06-09 17:06 - 2014-04-25 13:35 - 00000000 ____D () C:\Users\Shorty\AppData\Local\MyComGames
2014-06-09 17:06 - 2014-03-16 14:55 - 00000000 ____D () C:\Users\Shorty\AppData\Local\LogMeIn Hamachi
2014-06-09 17:06 - 2014-01-13 15:17 - 00055580 _____ () C:\Windows\setupact.log
2014-06-09 17:06 - 2013-11-25 21:48 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\BitTorrent
2014-06-09 17:06 - 2013-11-25 21:24 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-09 17:06 - 2013-11-25 21:15 - 00000828 _____ () C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2014-06-09 17:06 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-08 22:29 - 2014-01-30 19:43 - 00000000 ____D () C:\Users\Shorty\Desktop\Bilder
2014-06-08 22:06 - 2014-05-31 22:01 - 00000922 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-06-08 22:06 - 2013-11-26 18:29 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\Skype
2014-06-07 00:34 - 2013-12-18 20:37 - 00000000 ____D () C:\Users\Shorty\Desktop\Spiele
2014-06-06 23:18 - 2014-06-06 23:18 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\Among the sleep
2014-06-06 23:18 - 2014-06-06 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2014-06-06 23:13 - 2014-06-06 18:59 - 00000000 ____D () C:\Users\Shorty\Downloads\[R.G. Mechanics] Among the sleep
2014-06-06 18:58 - 2014-06-06 18:58 - 00012714 _____ () C:\Users\Shorty\Downloads\[kickass.to]among.the.sleep.2014.pc.repack.by.r.g.Мechanics.torrent
2014-06-06 13:59 - 2014-01-31 19:44 - 00012958 _____ () C:\Windows\PFRO.log
2014-06-05 22:14 - 2014-06-05 22:14 - 00000000 ____D () C:\Users\Shorty\Documents\Freemake
2014-06-05 22:14 - 2014-06-05 22:14 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2014-06-05 22:14 - 2014-06-05 22:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2014-06-05 22:14 - 2014-06-05 22:14 - 00000000 ____D () C:\ProgramData\Freemake
2014-06-05 22:13 - 2014-06-05 22:13 - 01325576 _____ (Ellora Assets Corporation ) C:\Users\Shorty\Downloads\FreemakeVideoConverterSetup.exe
2014-06-04 22:45 - 2014-06-04 22:30 - 00000000 ____D () C:\Users\Shorty\Downloads\FL Studio Producer Edition 11.0.4 Signature Bundle [ChingLiu]
2014-06-04 22:39 - 2014-06-04 22:39 - 00000000 ____D () C:\Users\Shorty\Downloads\RgcAudio z3ta+ DXi VSTi v1.4
2014-06-04 22:30 - 2014-06-04 22:30 - 00025094 _____ () C:\Users\Shorty\Downloads\[kickass.to]fl.studio.producer.edition.11.0.4.signature.bundle.chingliu.torrent
2014-06-04 02:55 - 2014-05-29 23:33 - 00000000 ____D () C:\Users\Shorty\AppData\Local\ManyCam
2014-06-04 01:19 - 2014-05-31 22:00 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\Security System 2
2014-06-04 01:18 - 2014-05-29 23:26 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\Slick Savings
2014-06-04 01:16 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-06-04 01:15 - 2009-07-14 04:34 - 00000541 _____ () C:\Windows\win.ini
2014-06-03 01:35 - 2009-07-14 06:45 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-03 01:35 - 2009-07-14 06:45 - 00009584 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-03 01:00 - 2013-11-26 00:45 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\.minecraft
2014-06-03 00:48 - 2014-06-03 00:48 - 00145076 _____ () C:\Users\Shorty\Downloads\Minecraft.jar
2014-06-03 00:47 - 2014-06-03 00:47 - 01109677 _____ (TeamExtreme) C:\Users\Shorty\Downloads\Minecraft.exe
2014-06-02 23:24 - 2014-06-02 23:24 - 00000000 ____D () C:\Program Files (x86)\SearchMe Toolbar
2014-06-02 23:24 - 2014-06-02 23:24 - 00000000 ____D () C:\Program Files (x86)\Application Updater
2014-06-02 23:19 - 2013-12-04 17:35 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\TS3Client
2014-06-02 11:49 - 2014-05-30 17:43 - 00000000 ____D () C:\Users\Shorty\Desktop\HACKING
2014-06-02 11:48 - 2014-04-06 15:33 - 00000000 ____D () C:\ProgramData\Origin
2014-05-31 22:01 - 2014-05-31 22:01 - 00123392 _____ () C:\Windows\system32\DlProtectSvc.exe
2014-05-31 22:01 - 2014-05-31 22:01 - 00119296 _____ () C:\Windows\system32\wkscli64.exe
2014-05-31 22:01 - 2014-05-31 22:01 - 00012800 _____ () C:\ProgramData\dlprotect.exe
2014-05-31 22:01 - 2014-05-31 22:01 - 00006826 _____ () C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-3
2014-05-31 22:01 - 2014-05-31 22:01 - 00005266 _____ () C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-4
2014-05-31 22:01 - 2014-05-31 22:01 - 00004516 _____ () C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-5
2014-05-31 22:01 - 2014-05-31 22:01 - 00004436 _____ () C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-6
2014-05-31 22:01 - 2014-05-31 22:01 - 00004420 _____ () C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-1
2014-05-31 22:01 - 2014-05-31 22:01 - 00004416 _____ () C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-2
2014-05-31 22:01 - 2014-05-31 22:01 - 00004364 _____ () C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-7
2014-05-31 22:01 - 2014-05-31 22:01 - 00003920 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-05-31 22:01 - 2014-05-31 22:01 - 00003666 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-05-31 22:01 - 2014-05-31 22:01 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\dlg
2014-05-31 22:01 - 2014-05-31 22:01 - 00000000 ____D () C:\Users\Shorty\AppData\Local\globalUpdate
2014-05-31 22:01 - 2014-05-31 22:01 - 00000000 ____D () C:\Program Files (x86)\PlusSHD-9.9
2014-05-31 22:01 - 2014-05-31 22:01 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-05-31 22:01 - 2014-05-28 11:13 - 00000000 ___RD () C:\Users\Shorty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-31 22:01 - 2014-03-19 06:29 - 00290816 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2014-05-31 21:59 - 2014-05-31 21:59 - 00467128 _____ () C:\Users\Shorty\Downloads\lotto-Downloader.exe
2014-05-30 18:04 - 2014-05-30 18:04 - 00232312 _____ (Fusion Install ) C:\Users\Shorty\Downloads\java_setup.exe
2014-05-30 17:44 - 2014-05-02 17:28 - 00000000 ____D () C:\Users\Shorty\Desktop\Virus Things
2014-05-30 17:37 - 2014-05-30 17:37 - 00003361 _____ () C:\Users\Shorty\Downloads\[kickass.to]brutus.aet2.torrent
2014-05-30 17:32 - 2014-05-30 17:32 - 00000000 ____H () C:\Users\Shorty\Documents\Default.rdp
2014-05-30 17:22 - 2014-05-30 17:21 - 19961033 _____ () C:\Users\Shorty\Downloads\nmap-6.46-win32.zip
2014-05-30 17:13 - 2014-05-30 17:13 - 01107968 _____ () C:\Users\Shorty\Downloads\RSIT.exe
2014-05-30 17:13 - 2014-05-30 17:13 - 00000000 ____D () C:\Program Files (x86)\trend micro
2014-05-30 00:23 - 2014-05-30 00:23 - 00386459 _____ () C:\Users\Shorty\Downloads\Kuh scheißt.mp4
2014-05-30 00:19 - 2014-05-30 00:19 - 00215107 _____ () C:\Users\Shorty\Downloads\Furzende katze.mp4
2014-05-30 00:09 - 2014-05-30 00:07 - 55577752 _____ () C:\Users\Shorty\Downloads\hot-web-cam-girl.avi
2014-05-29 23:46 - 2014-05-29 23:46 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\Screaming Bee
2014-05-29 23:45 - 2014-05-29 23:45 - 02970992 _____ () C:\Users\Shorty\Downloads\MorphVOXJunior_Install-1.exe
2014-05-29 23:45 - 2014-05-29 23:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee
2014-05-29 23:45 - 2014-05-29 23:45 - 00000000 ____D () C:\Program Files (x86)\Screaming Bee
2014-05-29 23:33 - 2014-05-29 23:33 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\ManyCam
2014-05-29 23:33 - 2014-05-29 23:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManyCam
2014-05-29 23:33 - 2014-05-29 23:33 - 00000000 ____D () C:\Program Files (x86)\ManyCam
2014-05-29 23:31 - 2014-05-29 23:31 - 00961360 _____ (Chip Digital GmbH) C:\Users\Shorty\Downloads\ManyCam - CHIP-Installer.exe
2014-05-29 23:26 - 2014-05-29 23:26 - 00000000 ____D () C:\Windows\SysWOW64\C2MP
2014-05-29 23:26 - 2014-05-29 23:26 - 00000000 ____D () C:\Users\Shorty\AppData\Local\Slick Savings
2014-05-29 23:26 - 2014-05-29 23:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Player - Codec Pack
2014-05-29 23:26 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-29 23:24 - 2014-05-29 23:24 - 00929416 _____ (CNET Download.com) C:\Users\Shorty\Downloads\cbsidlm-cbsi188-Media_Player_Codec_Pack-BP-10749065.exe
2014-05-29 23:24 - 2014-05-29 23:24 - 00929416 _____ (CNET Download.com) C:\Users\Shorty\Downloads\cbsidlm-cbsi188-Media_Player_Codec_Pack-BP-10749065 (1).exe
2014-05-29 23:23 - 2014-05-29 23:23 - 00960566 _____ () C:\Users\Shorty\Downloads\Real Scary Ghost!.mp4
2014-05-29 23:18 - 2014-05-29 23:18 - 05210816 _____ (Webcam Simulator ) C:\Users\Shorty\Downloads\setup.exe
2014-05-29 23:18 - 2014-05-29 23:18 - 05210816 _____ (Webcam Simulator ) C:\Users\Shorty\Downloads\setup (1).exe
2014-05-29 23:18 - 2014-05-29 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webcam Simulator 7.3
2014-05-29 23:16 - 2014-05-29 23:16 - 00244320 _____ () C:\Users\Shorty\Downloads\ManyCamWebInstaller (1).exe
2014-05-29 23:15 - 2014-05-29 23:15 - 00244320 _____ () C:\Users\Shorty\Downloads\ManyCamWebInstaller.exe
2014-05-28 22:59 - 2014-05-28 22:59 - 00287448 _____ () C:\Users\Shorty\Downloads\jomgegar Crypter by DzkiLLeR.rar
2014-05-28 13:30 - 2014-05-28 12:31 - 00000000 ____D () C:\Users\Shorty\AppData\Local\Ubisoft Game Launcher
2014-05-28 13:21 - 2014-02-02 12:37 - 00000000 ____D () C:\Users\Shorty\Documents\My Games
2014-05-28 12:31 - 2014-05-28 12:31 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-05-28 12:31 - 2014-05-28 12:31 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-05-28 12:30 - 2014-02-22 00:26 - 00214191 _____ () C:\Windows\DirectX.log
2014-05-28 12:23 - 2013-11-25 21:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-05-28 12:22 - 2013-11-25 21:24 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-05-28 11:09 - 2014-05-22 18:22 - 00000000 ____D () C:\Users\Shorty\Downloads\Postal 3
2014-05-25 17:42 - 2013-11-26 19:35 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-05-25 17:42 - 2013-11-26 19:35 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-05-22 20:32 - 2014-01-30 19:43 - 00000000 ____D () C:\Users\Shorty\Desktop\Musik
2014-05-22 18:22 - 2014-05-22 18:22 - 00027850 _____ () C:\Users\Shorty\Downloads\[kickass.to]postal.3.torrent
2014-05-22 18:20 - 2014-05-31 23:35 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64.sys
2014-05-22 16:25 - 2013-12-04 19:03 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-05-21 22:49 - 2014-05-07 19:18 - 00000000 ____D () C:\Users\Shorty\Desktop\maps
2014-05-21 22:49 - 2013-12-18 16:50 - 00000000 ____D () C:\Users\Shorty\Desktop\PC
2014-05-21 20:58 - 2014-05-21 20:58 - 00001449 _____ () C:\Users\Shorty\AppData\Local\recently-used.xbel
2014-05-21 20:58 - 2014-04-27 12:09 - 00000000 ____D () C:\Users\Shorty\AppData\Local\gtk-2.0
2014-05-21 20:58 - 2014-02-20 23:37 - 00000000 ____D () C:\Users\Shorty\.gimp-2.8
2014-05-20 04:44 - 2014-05-28 12:20 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-05-20 04:44 - 2014-05-28 12:20 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-05-20 04:44 - 2014-05-28 12:20 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-05-20 04:44 - 2014-05-28 12:20 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-05-20 04:44 - 2014-05-28 12:20 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-05-20 04:44 - 2014-05-28 12:20 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-05-20 04:44 - 2014-05-28 12:20 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-05-20 04:44 - 2014-05-28 12:20 - 00382240 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-05-20 04:44 - 2014-05-28 12:20 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-05-20 04:44 - 2014-05-28 12:20 - 00335704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-05-20 04:44 - 2014-05-28 12:20 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-05-20 04:44 - 2013-11-25 21:24 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-05-20 04:44 - 2013-11-25 21:24 - 14434704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-05-20 04:44 - 2013-11-25 21:24 - 03109248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-05-20 04:44 - 2013-11-25 21:24 - 02730208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-05-20 04:44 - 2013-11-25 21:24 - 00952952 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-05-20 04:44 - 2013-11-25 21:24 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-05-20 04:44 - 2013-11-25 21:24 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-05-20 04:44 - 2013-11-25 21:24 - 00026069 _____ () C:\Windows\system32\nvinfo.pb
2014-05-20 03:25 - 2013-11-25 21:24 - 06769096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-05-20 03:25 - 2013-11-25 21:24 - 03514144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-05-20 03:25 - 2013-11-25 21:24 - 02560968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-05-20 03:25 - 2013-11-25 21:24 - 00927520 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-05-20 03:25 - 2013-11-25 21:24 - 00387528 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-05-20 03:25 - 2013-11-25 21:24 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-05-20 01:10 - 2014-05-28 12:22 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-05-18 22:18 - 2014-05-18 22:18 - 00045400 _____ () C:\Windows\SysWOW64\DiscHandler.exe
2014-05-18 13:49 - 2014-05-18 13:49 - 03535741 _____ () C:\Users\Shorty\Downloads\[www.OldSchoolHack.de]_MW3 .NET External ESP v3.9 by master131 (1).rar
2014-05-18 12:28 - 2014-05-18 12:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-05-18 12:28 - 2014-05-18 12:28 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-05-17 20:16 - 2014-05-17 20:16 - 01349667 _____ () C:\Users\Shorty\Downloads\Trololololo (1).7z
2014-05-17 20:15 - 2014-05-17 20:15 - 13005312 _____ () C:\Users\Shorty\AppData\Local\LbhprVWVzG6XeKnqgHErMwacUiHRBgBVZwOHHhG1UT8lA9Q1puAGTI2c9T6wLpC4as4aREHOoSTH2vFOaGw7H6EbHIYKt73bCEEOBk1Qpv3gt7ZmW5.exe
2014-05-17 20:13 - 2014-05-17 20:13 - 02296980 _____ () C:\Users\Shorty\Downloads\MrEpiclolface trololo.zip
2014-05-17 20:11 - 2014-05-17 20:11 - 01349667 _____ () C:\Users\Shorty\Downloads\Trololololo.7z
2014-05-15 01:49 - 2013-11-25 21:24 - 03774821 _____ () C:\Windows\system32\nvcoproc.bin
2014-05-13 17:05 - 2014-05-13 17:05 - 04374528 _____ () C:\Windows\system32\ffdshow.ax
2014-05-13 17:05 - 2014-05-13 17:05 - 04009984 _____ () C:\Windows\system32\ffmpeg.dll
2014-05-13 17:05 - 2014-05-13 17:05 - 00474624 _____ () C:\Windows\system32\ff_kernelDeint.dll
2014-05-13 17:05 - 2014-05-13 17:05 - 00127488 _____ () C:\Windows\system32\ff_vfw.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 01532928 _____ () C:\Windows\system32\ff_samplerate.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00631296 _____ () C:\Windows\system32\TomsMoComp_ff.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00222720 _____ () C:\Windows\system32\ff_libdts.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00190464 _____ () C:\Windows\system32\libmpeg2_ff.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00183296 _____ () C:\Windows\system32\ff_unrar.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00156672 _____ () C:\Windows\system32\ff_libmad.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00116224 _____ () C:\Windows\system32\ff_liba52.dll
2014-05-13 17:04 - 2014-05-13 17:04 - 00114688 _____ () C:\Windows\system32\ff_wmv9.dll
2014-05-13 17:02 - 2014-05-13 17:02 - 03916288 _____ () C:\Windows\SysWOW64\ffmpeg.dll
2014-05-13 17:01 - 2014-05-13 17:01 - 03502592 _____ () C:\Windows\SysWOW64\ffdshow.ax
2014-05-13 17:01 - 2014-05-13 17:01 - 00271360 _____ () C:\Windows\SysWOW64\TomsMoComp_ff.dll
2014-05-13 17:01 - 2014-05-13 17:01 - 00112640 _____ () C:\Windows\SysWOW64\ff_vfw.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 01525760 _____ () C:\Windows\SysWOW64\ff_samplerate.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00211968 _____ () C:\Windows\SysWOW64\ff_libdts.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00157184 _____ () C:\Windows\SysWOW64\ff_unrar.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00147456 _____ () C:\Windows\SysWOW64\ff_libmad.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00136704 _____ () C:\Windows\SysWOW64\libmpeg2_ff.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00114688 _____ () C:\Windows\SysWOW64\ff_liba52.dll
2014-05-13 17:00 - 2014-05-13 17:00 - 00099840 _____ () C:\Windows\SysWOW64\ff_wmv9.dll
2014-05-11 15:57 - 2014-05-11 15:57 - 00000000 ____D () C:\Users\Shorty\AppData\Local\Ascaron Entertainment
2014-05-11 15:29 - 2014-05-11 15:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Deep Silver
2014-05-10 00:29 - 2014-05-10 00:23 - 00000000 __SHD () C:\Users\Shorty\AppData\Roaming\wyUpdate AU
2014-05-10 00:29 - 2014-05-10 00:23 - 00000000 ____D () C:\Users\Shorty\Documents\Universe Sandbox
2014-05-10 00:23 - 2014-05-10 00:23 - 00000000 ____D () C:\Users\Shorty\AppData\Roaming\System
2014-05-10 00:23 - 2014-05-10 00:23 - 00000000 ____D () C:\Users\Shorty\AppData\Local\Universe Sandbox
2014-05-10 00:22 - 2014-05-10 00:21 - 00000000 ____D () C:\Users\Shorty\Downloads\Beat Hazard

Files to move or delete:
====================
C:\ProgramData\dlprotect.exe


Some content of TEMP:
====================
C:\Users\Shorty\AppData\Local\Temp\4iy0RcPYtf.exe
C:\Users\Shorty\AppData\Local\Temp\98gzdQAGEO.exe
C:\Users\Shorty\AppData\Local\Temp\binkw32.dll
C:\Users\Shorty\AppData\Local\Temp\d2l_Install.exe
C:\Users\Shorty\AppData\Local\Temp\FreemakeVideoConverter_4.1.4.1.exe
C:\Users\Shorty\AppData\Local\Temp\i4jdel0.exe
C:\Users\Shorty\AppData\Local\Temp\instloffer.exe
C:\Users\Shorty\AppData\Local\Temp\jj2RNx61w3.exe
C:\Users\Shorty\AppData\Local\Temp\LAUNCHER.EXE
C:\Users\Shorty\AppData\Local\Temp\N5PxROC8M5.exe
C:\Users\Shorty\AppData\Local\Temp\nsi17E5.exe
C:\Users\Shorty\AppData\Local\Temp\nsi1A3.exe
C:\Users\Shorty\AppData\Local\Temp\nst1601.exe
C:\Users\Shorty\AppData\Local\Temp\nstFFBF.exe
C:\Users\Shorty\AppData\Local\Temp\nsw8614.exe
C:\Users\Shorty\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Shorty\AppData\Local\Temp\nvStInst.exe
C:\Users\Shorty\AppData\Local\Temp\ot9Lapa2oX.exe
C:\Users\Shorty\AppData\Local\Temp\setup.exe
C:\Users\Shorty\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Shorty\AppData\Local\Temp\sonarinst.exe
C:\Users\Shorty\AppData\Local\Temp\SVCHOST.EXE
C:\Users\Shorty\AppData\Local\Temp\vs60wiz.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-08 19:28

==================== End Of Log ============================
         
--- --- ---
* NVIDIA files removed, otherwise too many characters

AdwCleaner:

Code:
ATTFilter
# AdwCleaner v3.212 - Bericht erstellt am 09/06/2014 um 21:53:07
# Aktualisiert 05/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium  (64 bits)
# Benutzername : Shorty - SHORTY-PC
# Gestartet von : C:\Users\Shorty\Downloads\adwcleaner_3.212.exe
# Option : Suchen

***** [ Dienste ] *****

Dienst Gefunden : Application Updater
Dienst Gefunden : globalUpdate
Dienst Gefunden : globalUpdatem

***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gefunden : C:\Users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Datei Gefunden : C:\Windows\System32\roboot64.exe
Datei Gefunden : C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-1
Datei Gefunden : C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-2
Datei Gefunden : C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-3
Datei Gefunden : C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-4
Datei Gefunden : C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-5
Datei Gefunden : C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-6
Datei Gefunden : C:\Windows\System32\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-7
Datei Gefunden : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
Datei Gefunden : C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
Datei Gefunden : C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-1.job
Datei Gefunden : C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-2.job
Datei Gefunden : C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-3.job
Datei Gefunden : C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-4.job
Datei Gefunden : C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-5.job
Datei Gefunden : C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-6.job
Datei Gefunden : C:\Windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-7.job
Datei Gefunden : C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
Datei Gefunden : C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
Ordner Gefunden : C:\Program Files (x86)\Application Updater
Ordner Gefunden : C:\Program Files (x86)\Common Files\Spigot
Ordner Gefunden : C:\Program Files (x86)\globalUpdate
Ordner Gefunden : C:\Program Files (x86)\SearchMe Toolbar
Ordner Gefunden : C:\ProgramData\Trymedia
Ordner Gefunden : C:\Users\Shorty\AppData\Local\globalUpdate
Ordner Gefunden : C:\Users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe
Ordner Gefunden : C:\Users\Shorty\AppData\Local\Slick Savings
Ordner Gefunden : C:\Users\Shorty\AppData\Local\Temp\OCS
Ordner Gefunden : C:\Users\Shorty\AppData\Local\Temp\raving reyven
Ordner Gefunden : C:\Users\Shorty\AppData\LocalLow\Search Settings
Ordner Gefunden : C:\Users\Shorty\AppData\Roaming\Slick Savings

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Search Settings
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Show-Password
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\installedbrowserextensions
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A244612-A1F7-11E0-95C0-E71F4824019B}
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKCU\Software\Search Settings
Schlüssel Gefunden : [x64] HKCU\Software\Conduit
Schlüssel Gefunden : [x64] HKCU\Software\installedbrowserextensions
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8A244612-A1F7-11E0-95C0-E71F4824019B}
Schlüssel Gefunden : [x64] HKCU\Software\OCS
Schlüssel Gefunden : [x64] HKCU\Software\Search Settings
Schlüssel Gefunden : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gefunden : HKLM\Software\Application Updater
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511291116}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511291116}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511291116}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522292216}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{4A40A2A9-DD1C-11CE-B7A6-00AA006EC3D4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{B9C767DD-F66A-40B4-8F12-4199A9A4393C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CrossriderApp0052916.BHO
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CrossriderApp0052916.BHO.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CrossriderApp0052916.Sandbox
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CrossriderApp0052916.Sandbox.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555295516}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566296616}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440544294416}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\cikkkfooompgefbcjlgdjejfdknkheaj
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Schlüssel Gefunden : HKLM\Software\installedbrowserextensions
Schlüssel Gefunden : HKLM\Software\InstallIQ
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasapi32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\optprostart_rasmancs
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511291116}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511291116}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511291116}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B9C767DD-F66A-40B4-8F12-4199A9A4393C}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-245486970
Schlüssel Gefunden : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Schlüssel Gefunden : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Schlüssel Gefunden : HKLM\Software\Search Settings
Schlüssel Gefunden : HKLM\Software\SProtector
Schlüssel Gefunden : HKLM\Software\systweak
Schlüssel Gefunden : HKLM\Software\Vittalia
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511291116}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511291116}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110511291116}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522292216}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{B9C767DD-F66A-40B4-8F12-4199A9A4393C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555295516}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566296616}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\installedbrowserextensions
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511291116}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511291116}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511291116}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B9C767DD-F66A-40B4-8F12-4199A9A4393C}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B9C767DD-F66A-40B4-8F12-4199A9A4393C}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchSettings]
Wert Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B9C767DD-F66A-40B4-8F12-4199A9A4393C}]

***** [ Browser ] *****

-\\ Internet Explorer v8.0.7600.16385

Einstellung Gefunden : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MCF6E9A04-AC1C-4F51-A6A1-2B197E1108C1&SearchSource=55&CUI=&UM=5&UP=SPBEE8CC4D-566F-4F5C-A2A6-88EA63B2C172&SSPV=

-\\ Google Chrome v33.0.1750.154

[ Datei : C:\Users\Shorty\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gefunden [Startup_urls] : hxxp://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MCF6E9A04-AC1C-4F51-A6A1-2B197E1108C1&SearchSource=55&CUI=&UM=5&UP=SPBEE8CC4D-566F-4F5C-A2A6-88EA63B2C172&SSPV=
Gefunden [Extension] : aaipilfmheplbcghignccoiiebekkdhe
Gefunden [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Gefunden [Extension] : cikkkfooompgefbcjlgdjejfdknkheaj
Gefunden [Extension] : flpcjncodpafbgdpnkljologafpionhb
Gefunden [Extension] : gpiifgmgnfdiblgpaepbmfdkcheicgof
Gefunden [Extension] : hbcennhacfaagdopikcegfcobcadeocj
Gefunden [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk
Gefunden [Extension] : pfndaklgolladniicklehhancnlgocpp

*************************

AdwCleaner[R0].txt - [11337 octets] - [09/06/2014 21:53:07]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [11398 octets] ##########
         

Edited by Azzuros (09.06.2014 at 20:56)

10.06.2014, 06:48   #2
schrauber
/// the machine
/// TB instructor
 


hi,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Start mbar.exe.
  • Follow the on-screen instructions as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instruction from a helper.

Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop.
  • Start TDSSKiller.exe and configure it as described in the guide to TDSSKiller.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

10.06.2014, 12:51   #3
Azzuros
 

TDSSKiller.exe log file

Code:
ATTFilter
13:44:40.0380 0x111c  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54
13:44:40.0380 0x111c  UEFI system
13:44:42.0494 0x111c  ============================================================
13:44:42.0494 0x111c  Current date / time: 2014/06/10 13:44:42.0494
13:44:42.0494 0x111c  SystemInfo:
13:44:42.0494 0x111c  
13:44:42.0494 0x111c  OS Version: 6.1.7600 ServicePack: 0.0
13:44:42.0494 0x111c  Product type: Workstation
13:44:42.0494 0x111c  ComputerName: SHORTY-PC
13:44:42.0494 0x111c  UserName: Shorty
13:44:42.0494 0x111c  Windows directory: C:\Windows
13:44:42.0494 0x111c  System windows directory: C:\Windows
13:44:42.0494 0x111c  Running under WOW64
13:44:42.0494 0x111c  Processor architecture: Intel x64
13:44:42.0494 0x111c  Number of processors: 4
13:44:42.0494 0x111c  Page size: 0x1000
13:44:42.0495 0x111c  Boot type: Normal boot
13:44:42.0495 0x111c  ============================================================
13:44:42.0777 0x111c  KLMD registered as C:\Windows\system32\drivers\85479477.sys
13:44:42.0826 0x111c  System UUID: {F07DE42B-75B1-9CD1-A0F8-EAE1CA3D2214}
13:44:43.0057 0x111c  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:44:43.0058 0x111c  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:44:43.0060 0x111c  ============================================================
13:44:43.0060 0x111c  \Device\Harddisk0\DR0:
13:44:43.0060 0x111c  GPT partitions:
13:44:43.0061 0x111c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {FE8F3EBD-2512-465C-AE9F-E2B6B131FC7F}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
13:44:43.0061 0x111c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {7F91867A-A77B-4435-90CC-4DA943A0D9F8}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
13:44:43.0061 0x111c  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A51DCD27-5285-432D-8CFE-D97600BB85A0}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0xDF22000
13:44:43.0061 0x111c  MBR partitions:
13:44:43.0061 0x111c  \Device\Harddisk1\DR1:
13:44:43.0061 0x111c  MBR partitions:
13:44:43.0061 0x111c  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
13:44:43.0061 0x111c  ============================================================
13:44:43.0062 0x111c  C: <-> \Device\Harddisk0\DR0\Partition3
13:44:43.0067 0x111c  E: <-> \Device\Harddisk1\DR1\Partition1
13:44:43.0067 0x111c  ============================================================
13:44:43.0067 0x111c  Initialize success
13:44:43.0067 0x111c  ============================================================
13:45:08.0011 0x1224  ============================================================
13:45:08.0011 0x1224  Scan started
13:45:08.0011 0x1224  Mode: Manual; SigCheck; TDLFS; 
13:45:08.0011 0x1224  ============================================================
13:45:08.0011 0x1224  KSN ping started
13:45:10.0353 0x1224  KSN ping finished: true
13:45:10.0485 0x1224  ================ Scan system memory ========================
13:45:10.0486 0x1224  System memory - ok
13:45:10.0486 0x1224  ================ Scan services =============================
13:45:10.0506 0x1224  [ 1B00662092F9F9568B995902F0CC40D5, D345014CF146FA57B2682C189D5E7F27D4C78F321F2723D912D623E777C2BB70 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
13:45:10.0532 0x1224  1394ohci - ok
13:45:10.0542 0x1224  [ 6F11E88748CDEFD2F76AA215F97DDFE5, BD0B3561EDCDE5EFD89372793CFD09DF879709BF469542F4A049705CBA9FD060 ] ACPI            C:\Windows\system32\DRIVERS\ACPI.sys
13:45:10.0551 0x1224  ACPI - ok
13:45:10.0554 0x1224  [ 63B05A0420CE4BF0E4AF6DCC7CADA254, 56BCC219D6B886FD42B7D335B4A7BBA3C9BC148220CBD99F8583FB505DAE63BF ] AcpiPmi         C:\Windows\system32\DRIVERS\acpipmi.sys
13:45:10.0566 0x1224  AcpiPmi - ok
13:45:10.0570 0x1224  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:45:10.0575 0x1224  AdobeARMservice - ok
13:45:10.0590 0x1224  [ 7C7E868E1D8096ED08D80FF7712BB9D8, EB4438F3CC377728173E018A763F0D0A8D5BBA4A289F554036D06B24030D2D62 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:45:10.0597 0x1224  AdobeFlashPlayerUpdateSvc - ok
13:45:10.0612 0x1224  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
13:45:10.0626 0x1224  adp94xx - ok
13:45:10.0641 0x1224  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
13:45:10.0653 0x1224  adpahci - ok
13:45:10.0668 0x1224  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
13:45:10.0680 0x1224  adpu320 - ok
13:45:10.0685 0x1224  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:45:10.0831 0x1224  AeLookupSvc - ok
13:45:10.0864 0x1224  [ B9384E03479D2506BC924C16A3DB87BC, AB5FD2BC1F005E7D664F5DE3D5CB54499024A83B716DD52C56582DB7EFB4F01B ] AFD             C:\Windows\system32\drivers\afd.sys
13:45:10.0901 0x1224  AFD - ok
13:45:10.0905 0x1224  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\DRIVERS\agp440.sys
13:45:10.0909 0x1224  agp440 - ok
13:45:10.0912 0x1224  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
13:45:10.0922 0x1224  ALG - ok
13:45:10.0924 0x1224  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\DRIVERS\aliide.sys
13:45:10.0928 0x1224  aliide - ok
13:45:12.0198 0x1224  [ 5D8D8550BC62BAD035437E9F0820DFA0, E9F62E3116455260199DA07E799172CF72E1B04AB2F4F0C27201CA1E404B2A75 ] DlProtectSvc    C:\Windows\System32\DlProtectSvc.exe
13:45:12.0202 0x1224  DlProtectSvc - detected UnsignedFile.Multi.Generic ( 1 )
13:45:14.0616 0x1224  DlProtectSvc ( UnsignedFile.Multi.Generic ) - warning
13:45:18.0231 0x1224  [ DAF66902F08796F9C694901660E5A64A, F4A4764DED05980426BAB54AAF040BC27A39C80315F5161E8D0B4C7F694BD8E6 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
13:45:18.0234 0x1224  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
13:45:20.0658 0x1224  Detect skipped due to KSN trusted
13:45:20.0659 0x1224  IDriverT - ok
13:45:22.0105 0x1224  [ 039E4A64A5B6DE525E8CACFF1207B049, C907064F770D28193B8D3F6E1B14E0FF0424DBB7F977894FFEEC04FBB887D0AC ] ManyCam         C:\Windows\system32\DRIVERS\mcvidrv.sys
13:45:22.0108 0x1224  ManyCam - ok
13:45:22.0112 0x1224  [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt          C:\Windows\system32\drivers\MBfilt64.sys
13:45:22.0115 0x1224  MBfilt - ok
13:45:22.0117 0x1224  [ F1CE49C11A9833A5D2EC32443A142064, 70BFA69B61304F7FD4193205B59019B489FE9CE1D3E961568DCACBE0C68EC7B5 ] mcaudrv_simple  C:\Windows\system32\drivers\mcaudrv_x64.sys
13:45:22.0120 0x1224  mcaudrv_simple - ok
13:45:22.0123 0x1224  [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:45:22.0131 0x1224  Mcx2Svc - ok
13:45:22.0133 0x1224  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
13:45:22.0137 0x1224  megasas - ok
13:45:22.0144 0x1224  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
13:45:22.0153 0x1224  MegaSR - ok
13:45:22.0156 0x1224  [ 6B01B7414A105B9E51652089A03027CF, 9B113DC22F7D0D0B376E577C6D7083F9EDC09BBFE47726393E16D4FDAAAE21FE ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
13:45:22.0159 0x1224  MEIx64 - ok
13:45:22.0162 0x1224  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
13:45:22.0182 0x1224  MMCSS - ok
13:45:22.0184 0x1224  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
13:45:22.0202 0x1224  Modem - ok
13:45:22.0205 0x1224  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:45:22.0212 0x1224  monitor - ok
13:45:22.0215 0x1224  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:45:22.0219 0x1224  mouclass - ok
13:45:22.0221 0x1224  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:45:22.0227 0x1224  mouhid - ok
13:45:22.0230 0x1224  [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:45:22.0235 0x1224  mountmgr - ok
13:45:22.0239 0x1224  [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio            C:\Windows\system32\DRIVERS\mpio.sys
13:45:22.0245 0x1224  mpio - ok
13:45:22.0248 0x1224  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:45:22.0267 0x1224  mpsdrv - ok
13:45:22.0281 0x1224  [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:45:22.0314 0x1224  MpsSvc - ok
13:45:22.0319 0x1224  [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:45:22.0329 0x1224  MRxDAV - ok
13:45:22.0333 0x1224  [ CFDCD8CA87C2A657DEBC150AC35B5E08, 8870DCC8CF4E452E25BFE38113ADBDBC4014036B25E567FC262178DAA808049A ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:45:22.0353 0x1224  mrxsmb - ok
13:45:22.0360 0x1224  [ 1BEE517B220B7F024F411AEC1571DD5A, 6DC7638D056DFDE36803BCD691BF73A4AAFD59DE63C0ACD7EA860997FFA3C6E7 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:45:22.0383 0x1224  mrxsmb10 - ok
13:45:22.0387 0x1224  [ 6B2D5FEF385828B6E485C1C90AFB8195, A960CC0351F200FA56FAC0534C0F9D7F79AAC9CF18A4390CDCA7EA4EE22ED6B6 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:45:22.0406 0x1224  mrxsmb20 - ok
13:45:22.0409 0x1224  [ 5C37497276E3B3A5488B23A326A754B7, 9982FCDAFB963868EB93A4DEF811A3167488EB5246BAC3F4AE960506FDF63967 ] msahci          C:\Windows\system32\DRIVERS\msahci.sys
13:45:22.0412 0x1224  msahci - ok
13:45:22.0422 0x1224  [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm           C:\Windows\system32\DRIVERS\msdsm.sys
13:45:22.0432 0x1224  msdsm - ok
13:45:22.0440 0x1224  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
13:45:22.0449 0x1224  MSDTC - ok
13:45:22.0455 0x1224  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:45:22.0476 0x1224  Msfs - ok
13:45:22.0478 0x1224  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:45:22.0495 0x1224  mshidkmdf - ok
13:45:22.0498 0x1224  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\DRIVERS\msisadrv.sys
13:45:22.0501 0x1224  msisadrv - ok
13:45:22.0506 0x1224  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:45:22.0536 0x1224  MSiSCSI - ok
13:45:22.0538 0x1224  msiserver - ok
13:45:22.0540 0x1224  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:45:22.0558 0x1224  MSKSSRV - ok
13:45:22.0560 0x1224  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:45:22.0578 0x1224  MSPCLOCK - ok
13:45:22.0580 0x1224  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:45:22.0598 0x1224  MSPQM - ok
13:45:22.0605 0x1224  [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:45:22.0614 0x1224  MsRPC - ok
13:45:22.0617 0x1224  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
13:45:22.0621 0x1224  mssmbios - ok
13:45:22.0623 0x1224  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:45:22.0641 0x1224  MSTEE - ok
13:45:22.0643 0x1224  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
13:45:22.0649 0x1224  MTConfig - ok
13:45:22.0652 0x1224  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
13:45:22.0656 0x1224  Mup - ok
13:45:22.0665 0x1224  [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent        C:\Windows\system32\qagentRT.dll
13:45:22.0691 0x1224  napagent - ok
13:45:22.0698 0x1224  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:45:22.0711 0x1224  NativeWifiP - ok
13:45:22.0727 0x1224  [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:45:22.0746 0x1224  NDIS - ok
13:45:22.0748 0x1224  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:45:22.0766 0x1224  NdisCap - ok
13:45:22.0769 0x1224  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:45:22.0786 0x1224  NdisTapi - ok
13:45:22.0789 0x1224  [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:45:22.0808 0x1224  Ndisuio - ok
13:45:22.0812 0x1224  [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:45:22.0833 0x1224  NdisWan - ok
13:45:22.0835 0x1224  [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:45:22.0854 0x1224  NDProxy - ok
13:45:22.0856 0x1224  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:45:22.0875 0x1224  NetBIOS - ok
13:45:22.0880 0x1224  [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:45:22.0902 0x1224  NetBT - ok
13:45:22.0904 0x1224  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] Netlogon        C:\Windows\system32\lsass.exe
13:45:22.0910 0x1224  Netlogon - ok
13:45:22.0918 0x1224  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
13:45:22.0942 0x1224  Netman - ok
13:45:22.0949 0x1224  [ 9A7D3A1AA5C830744FF6C44BB55A347A, 42D3281893DB4C0DDA6A7BDA92D3CCE23968D0E3CF880777B8DBBFD955629B08 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:45:22.0956 0x1224  NetMsmqActivator - ok
13:45:22.0959 0x1224  [ 9A7D3A1AA5C830744FF6C44BB55A347A, 42D3281893DB4C0DDA6A7BDA92D3CCE23968D0E3CF880777B8DBBFD955629B08 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
13:45:22.0964 0x1224  NetPipeActivator - ok
13:45:22.0968 0x1224  [ 02351520D035CA389BA8877612D88509, FB9AD3CDC4ABD56DA740A41CCB82FF1E12D2353F96A39D0D5BEBECFBC30F02A3 ] Netplwi{        C:\Windows\system32\wkscli64.exe
13:45:22.0973 0x1224  Netplwi{ - detected UnsignedFile.Multi.Generic ( 1 )
13:45:25.0326 0x1224  Netplwi{ ( UnsignedFile.Multi.Generic ) - warning
13:45:30.0169 0x1224  srv - ok
13:45:30.0177 0x1224  [ F773D2ED090B7BAA1C1A034F3CA476C8, C8DD8BE37CFEA0DB1B7FC94946381B60553848002E6170E0BEC3FEE40295DF1F ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:45:30.0203 0x1224  srv2 - ok
13:45:30.0207 0x1224  [ 26E84D3649019C3244622E654DFCD75B, 49BD7345AF744298698629E0D7C0C373AB2F75F542281268BCF91A6D2B278AA8 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:45:30.0228 0x1224  srvnet - ok
13:45:30.0233 0x1224  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:45:30.0254 0x1224  SSDPSRV - ok
13:45:30.0257 0x1224  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:45:30.0277 0x1224  SstpSvc - ok
13:45:30.0287 0x1224  [ 6E1A473DD2A4714EAF7D11E2315DF794, 4460546191072C7DF8B2E5A00577BA8E4FF5A1B2EA399DDF65EBE1AE4A5A5C84 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
13:45:30.0298 0x1224  Steam Client Service - ok
13:45:30.0307 0x1224  [ 718D79F2E7EC3AFFD3661DA81F93BBEA, BA2A4E58E5EE06392EE6F4C2E738DC807EC5A8B9F6DD4B7935FE27CBC648E390 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
13:45:30.0316 0x1224  Stereo Service - ok
13:45:30.0319 0x1224  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
13:45:30.0323 0x1224  stexstor - ok
13:45:30.0334 0x1224  [ 52D0E33B681BD0F33FDC08812FEE4F7D, BBEBC0773402F6697D2F14F63E5E4FDC2180466E7FDBD306E408535B10160249 ] stisvc          C:\Windows\System32\wiaservc.dll
13:45:30.0353 0x1224  stisvc - ok
13:45:30.0355 0x1224  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
13:45:30.0359 0x1224  swenum - ok
13:45:30.0369 0x1224  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
13:45:30.0396 0x1224  swprv - ok
13:45:30.0424 0x1224  [ 3C1284516A62078FB68F768DE4F1A7BE, 67ECD462335EF88773E4BAEAB230A68EC92A25F8CD8F115873F669205AE6A1A9 ] SysMain         C:\Windows\system32\sysmain.dll
13:45:30.0465 0x1224  SysMain - ok
13:45:30.0469 0x1224  [ 238935C3CF2854886DC7CBB2A0E2CC66, BBF7A70BF218A544CC1A6FB81F75EAD29D418794162936BE197D6D61FE0DB1C4 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:45:30.0479 0x1224  TabletInputService - ok
13:45:30.0486 0x1224  [ 884264AC597B690C5707C89723BB8E7B, 9BF209A4128019421F7EC4AFF71103C5F411DB6CFB32AAC1633E789AD7A30708 ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:45:30.0510 0x1224  TapiSrv - ok
13:45:30.0513 0x1224  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
13:45:30.0532 0x1224  TBS - ok
13:45:30.0562 0x1224  [ 7FC877A25796D8ADF539E64703FCA7E1, 9099A131FA05DCC10733460F2923671E9B8F878D769755E10D0E7261EC2A15EC ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:45:30.0596 0x1224  Tcpip - ok
13:45:30.0626 0x1224  [ 7FC877A25796D8ADF539E64703FCA7E1, 9099A131FA05DCC10733460F2923671E9B8F878D769755E10D0E7261EC2A15EC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:45:30.0655 0x1224  TCPIP6 - ok
13:45:30.0660 0x1224  [ 76D078AF6F587B162D50210F761EB9ED, 3813171036B4036306CADC29F877ADAE44B241DDF65B3699C352B7CDA9EC68C9 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:45:30.0677 0x1224  tcpipreg - ok
13:45:30.0680 0x1224  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:45:30.0686 0x1224  TDPIPE - ok
13:45:30.0689 0x1224  [ E4245BDA3190A582D55ED09E137401A9, F59C983882997D68CC7B1B2080AEE9EBE2AE90D478F877559BD2AAA97158A116 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:45:30.0706 0x1224  TDTCP - ok
13:45:30.0710 0x1224  [ 079125C4B17B01FCAEEBCE0BCB290C0F, B2DF1F2317EF5DCF0A89327332E9F2770ED604005B3138C095FF01AA63B91437 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:45:30.0729 0x1224  tdx - ok
13:45:30.0731 0x1224  [ C448651339196C0E869A355171875522, C12441CF21D7D47804952B968689D78E3BA0323A90C4C811B54A6B2E6260BAD4 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
13:45:30.0735 0x1224  TermDD - ok
13:45:30.0748 0x1224  [ 0F05EC2887BFE197AD82A13287D2F404, 78C8A8FE9B1101430CA79875DA34413C35B6D7A5EE1932E454C50731335437A6 ] TermService     C:\Windows\System32\termsrv.dll
13:45:30.0779 0x1224  TermService - ok
13:45:30.0782 0x1224  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
13:45:30.0791 0x1224  Themes - ok
13:45:30.0794 0x1224  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
13:45:30.0812 0x1224  THREADORDER - ok
13:45:30.0816 0x1224  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
13:45:30.0836 0x1224  TrkWks - ok
13:45:30.0841 0x1224  [ 840F7FB849F5887A49BA18C13B2DA920, A59C40A090E03C0136A865FC54508BA938E7B467C8198BC009FE263E6C275781 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:45:30.0850 0x1224  TrustedInstaller - ok
13:45:30.0854 0x1224  [ 61B96C26131E37B24E93327A0BD1FB95, 7C551B6FD0447258BC3FDED72D8D41A0E8B731562170C264295592D45F85D9FF ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:45:30.0872 0x1224  tssecsrv - ok
13:45:30.0875 0x1224  [ 3836171A2CDF3AF8EF10856DB9835A70, 74CD0A21B4E5B47E8D762CC28282CA8D512D424EC591D90099B9F8D034AA2FC2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:45:30.0895 0x1224  tunnel - ok
13:45:30.0898 0x1224  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
13:45:30.0902 0x1224  uagp35 - ok
13:45:30.0909 0x1224  [ D47BAEAD86C65D4F4069D7CE0A4EDCEB, DBAEA010F11A5EFD961B1841308EA3F220A9FFB01F364BA9B8F72200DA2BBCD8 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:45:30.0932 0x1224  udfs - ok
13:45:30.0937 0x1224  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:45:30.0943 0x1224  UI0Detect - ok
13:45:30.0946 0x1224  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\DRIVERS\uliagpkx.sys
13:45:30.0951 0x1224  uliagpkx - ok
13:45:30.0953 0x1224  [ EAB6C35E62B1B0DB0D1B48B671D3A117, E65034BF757AE4D21F69D7A91A7990E326A29A0CE9F871FD704B5E6CCC821FF0 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:45:30.0959 0x1224  umbus - ok
13:45:30.0962 0x1224  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
13:45:30.0967 0x1224  UmPass - ok
13:45:30.0975 0x1224  [ 3C5405EF78576E8E4D791EB18F6856A8, 18FD6A5C0ACD045B324F46C7C596D537D52F43B7F2896F0D54CEBEFF4886CAEC ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
13:45:30.0983 0x1224  UNS - ok
13:45:30.0990 0x1224  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
13:45:31.0015 0x1224  upnphost - ok
13:45:31.0018 0x1224  [ B26AFB54A534D634523C4FB66765B026, A219C9AE32D040BEA4DD69C2C826B1C52BACE26BEBFEE799BD56DFD442C5E0D8 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:45:31.0025 0x1224  usbccgp - ok
13:45:31.0029 0x1224  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\DRIVERS\usbcir.sys
13:45:31.0038 0x1224  usbcir - ok
13:45:31.0040 0x1224  [ 2EA4AFF7BE7EB4632E3AA8595B0803B5, CBECE7CEC0EFA4B283C63E9B6A270D595F5F3D006306DA5E5121BBFDCAB16376 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
13:45:31.0047 0x1224  usbehci - ok
13:45:31.0053 0x1224  [ 4C9042B8DF86C1E8E6240C218B99B39B, D286633311C047B9C4FB1AA89D7B02B9F943FDDCE473255DC8E14DD07CC9B292 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:45:31.0065 0x1224  usbhub - ok
13:45:31.0067 0x1224  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
13:45:31.0073 0x1224  usbohci - ok
13:45:31.0075 0x1224  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
13:45:31.0083 0x1224  usbprint - ok
13:45:31.0086 0x1224  [ 080D3820DA6C046BE82FC8B45A893E83, EF4829A2D5B8D47AA7E06093EC85244042ED1CCFF43CC80DC44EF018B434197A ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:45:31.0093 0x1224  USBSTOR - ok
13:45:31.0096 0x1224  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
13:45:31.0102 0x1224  usbuhci - ok
13:45:31.0104 0x1224  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
13:45:31.0123 0x1224  UxSms - ok
13:45:31.0125 0x1224  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] VaultSvc        C:\Windows\system32\lsass.exe
13:45:31.0131 0x1224  VaultSvc - ok
13:45:31.0134 0x1224  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\DRIVERS\vdrvroot.sys
13:45:31.0138 0x1224  vdrvroot - ok
13:45:31.0147 0x1224  [ 44D73E0BBC1D3C8981304BA15135C2F2, 2849387BBCFB0189AF5604D2F7A631BD5D6BBB2CA73AF6E870069AF382A74DED ] vds             C:\Windows\System32\vds.exe
13:45:31.0163 0x1224  vds - ok
13:45:31.0166 0x1224  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:45:31.0173 0x1224  vga - ok
13:45:31.0175 0x1224  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:45:31.0193 0x1224  VgaSave - ok
13:45:31.0198 0x1224  [ C82E748660F62A242B2DFAC1442F22A4, 24AD6CAA918C5AB6F461D88825885C8637C224001AAD7A80BDC240368CDB0B7E ] vhdmp           C:\Windows\system32\DRIVERS\vhdmp.sys
13:45:31.0291 0x1224  vhdmp - ok
13:45:31.0296 0x1224  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\DRIVERS\viaide.sys
13:45:31.0304 0x1224  viaide - ok
13:45:31.0310 0x1224  [ B5BA71EADEED0773D2E0978F962E1BF3, 5A0A4A44281EEC31EF01A01CC962CEDCE15569452C64BA71B020A6417CF8F6CA ] Visual Studio Analyzer RPC bridge C:\Program Files (x86)\Microsoft Visual Studio\Common\Tools\VS-Ent98\Vanalyzr\varpc.exe
13:45:31.0317 0x1224  Visual Studio Analyzer RPC bridge - detected UnsignedFile.Multi.Generic ( 1 )
13:45:33.0746 0x1224  Detect skipped due to KSN trusted
13:45:33.0746 0x1224  Visual Studio Analyzer RPC bridge - ok
13:45:33.0749 0x1224  [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3, 91F2B935E1E88C5542650F7D679A75D0562F4A5812179D1EC146D4B6351361E2 ] volmgr          C:\Windows\system32\DRIVERS\volmgr.sys
13:45:33.0754 0x1224  volmgr - ok
13:45:33.0761 0x1224  [ 99B0CBB569CA79ACAED8C91461D765FB, 5BE394A39A941DE2AA1212E66B7068F90D423FA816238657CB9B2DA8BBE69B9B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:45:33.0770 0x1224  volmgrx - ok
13:45:33.0777 0x1224  [ 58F82EED8CA24B461441F9C3E4F0BF5C, 40B8C9C9D1BEDD1507138273A3C000C753C8765E1873F2170DE63555A042928C ] volsnap         C:\Windows\system32\DRIVERS\volsnap.sys
13:45:33.0785 0x1224  volsnap - ok
13:45:33.0789 0x1224  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
13:45:33.0795 0x1224  vsmraid - ok
13:45:33.0820 0x1224  [ 787898BF9FB6D7BD87A36E2D95C899BA, A6C0C7402B1A198E7B3D6D7D283FCB5815AC429DA68FC9B54C67707F3233CCB5 ] VSS             C:\Windows\system32\vssvc.exe
13:45:33.0854 0x1224  VSS - ok
13:45:33.0858 0x1224  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
13:45:33.0864 0x1224  vwifibus - ok
13:45:33.0867 0x1224  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
13:45:33.0875 0x1224  vwififlt - ok
13:45:33.0883 0x1224  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
13:45:33.0908 0x1224  W32Time - ok
13:45:33.0911 0x1224  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
13:45:33.0917 0x1224  WacomPen - ok
13:45:33.0920 0x1224  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:45:33.0939 0x1224  WANARP - ok
13:45:33.0941 0x1224  [ 47CA49400643EFFD3F1C9A27E1D69324, 7EFD3405282264F7987172B226882FCDD223F771959B9CEBEBF9ECEA317D85B0 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:45:33.0960 0x1224  Wanarpv6 - ok
13:45:33.0990 0x1224  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
13:45:34.0018 0x1224  WatAdminSvc - ok
13:45:34.0066 0x1224  [ 5AB1BB85BD8B5089CC5D64200DEDAE68, 28777D4F3CD07C8E3465B6DA0FCA994E0B93071A3A0D4D1D64C1DF633DD1C64F ] wbengine        C:\Windows\system32\wbengine.exe
13:45:34.0103 0x1224  wbengine - ok
13:45:34.0109 0x1224  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:45:34.0120 0x1224  WbioSrvc - ok
13:45:34.0127 0x1224  [ 8321C2CA3B62B61B293CDA3451984468, 856A079C2CCC75D633EA23E410D7F3ECDF368EAAAFF634CB82DDA545FD3A2F9C ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:45:34.0142 0x1224  wcncsvc - ok
13:45:34.0144 0x1224  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:45:34.0151 0x1224  WcsPlugInService - ok
13:45:34.0153 0x1224  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
13:45:34.0157 0x1224  Wd - ok
13:45:34.0168 0x1224  [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:45:34.0181 0x1224  Wdf01000 - ok
13:45:34.0185 0x1224  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:45:34.0195 0x1224  WdiServiceHost - ok
13:45:34.0198 0x1224  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:45:34.0207 0x1224  WdiSystemHost - ok
13:45:34.0213 0x1224  [ 8A438CBB8C032A0C798B0C642FFBE572, 3200B9B6A7B87C1C47295FA416C99DE1FBB2DBBA3DA78D5CC88C26DCC4189D45 ] WebClient       C:\Windows\System32\webclnt.dll
13:45:34.0226 0x1224  WebClient - ok
13:45:34.0231 0x1224  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:45:34.0253 0x1224  Wecsvc - ok
13:45:34.0257 0x1224  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:45:34.0277 0x1224  wercplsupport - ok
13:45:34.0280 0x1224  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:45:34.0299 0x1224  WerSvc - ok
13:45:34.0301 0x1224  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:45:34.0318 0x1224  WfpLwf - ok
13:45:34.0321 0x1224  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:45:34.0324 0x1224  WIMMount - ok
13:45:34.0326 0x1224  WinDefend - ok
13:45:34.0329 0x1224  WinHttpAutoProxySvc - ok
13:45:34.0336 0x1224  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:45:34.0359 0x1224  Winmgmt - ok
13:45:34.0389 0x1224  [ 41FBB751936B387F9179E7F03A74FE29, 7A73D887BEC19DFC485ED42B4E6ABEBF824555139B81EA30731A00773E707464 ] WinRM           C:\Windows\system32\WsmSvc.dll
13:45:34.0442 0x1224  WinRM - ok
13:45:34.0447 0x1224  [ 817EAFF5D38674EDD7713B9DFB8E9791, F6E0BFC503BA7395F92989C11B454D1F1E58E29302BA203801449A2C5236E84D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
13:45:34.0454 0x1224  WinUsb - ok
13:45:34.0470 0x1224  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:45:34.0494 0x1224  Wlansvc - ok
13:45:34.0497 0x1224  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
13:45:34.0502 0x1224  WmiAcpi - ok
13:45:34.0508 0x1224  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:45:34.0517 0x1224  wmiApSrv - ok
13:45:34.0519 0x1224  WMPNetworkSvc - ok
13:45:34.0521 0x1224  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:45:34.0527 0x1224  WPCSvc - ok
13:45:34.0530 0x1224  [ 2E57DDF2880A7E52E76F41C7E96D327B, D24E19B6091C197D77D71BC044CE2E5A57BE0A2F00D1BB0732E380A398230E63 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:45:34.0539 0x1224  WPDBusEnum - ok
13:45:34.0541 0x1224  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:45:34.0559 0x1224  ws2ifsl - ok
13:45:34.0562 0x1224  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
13:45:34.0572 0x1224  wscsvc - ok
13:45:34.0574 0x1224  WSearch - ok
13:45:34.0611 0x1224  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:45:34.0652 0x1224  wuauserv - ok
13:45:34.0657 0x1224  [ 7CADC74271DD6461C452C271B30BD378, D58C2094C36FC665C03A6A269EED80DC71F330C3DCF40A27A3C8F56AB7A96861 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:45:34.0676 0x1224  WudfPf - ok
13:45:34.0681 0x1224  [ 3B197AF0FFF08AA66B6B2241CA538D64, BC94E5EFF38B9C6A37717B2A6CA56679781A4872A0C4298056E074033571BE79 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:45:34.0702 0x1224  WUDFRd - ok
13:45:34.0705 0x1224  [ B551D6637AA0E132C18AC6E504F7B79B, FA6495533A14E01ABB0F6689AB7503B1B439D3ADA7457DFCB7D81714A9817327 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:45:34.0724 0x1224  wudfsvc - ok
13:45:34.0730 0x1224  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:45:34.0742 0x1224  WwanSvc - ok
13:45:34.0745 0x1224  [ 43433AEC32B036AF92FC603749133085, C85E76E750F8BAE94C1318B8702E4C3E6A074DB86AF06431F72509C485FA9F29 ] XTU3SERVICE     C:\Program Files (x86)\Intel\Extreme Tuning Utility\XtuService.exe
13:45:34.0748 0x1224  XTU3SERVICE - ok
13:45:34.0753 0x1224  [ BA8BD1C0182BD860A379C0DF959976F3, 335DCD93516D303335E755211F26B7BFFDDDAB9D15CF841982E66827E97CF2B8 ] {e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64 C:\Windows\system32\drivers\{e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64.sys
13:45:34.0757 0x1224  {e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64 - ok
13:45:34.0758 0x1224  ================ Scan global ===============================
13:45:34.0762 0x1224  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
13:45:34.0767 0x1224  [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
13:45:34.0775 0x1224  [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
13:45:34.0779 0x1224  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
13:45:34.0786 0x1224  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
13:45:34.0792 0x1224  [ Global ] - ok
13:45:34.0792 0x1224  ================ Scan MBR ==================================
13:45:34.0793 0x1224  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
13:45:34.0815 0x1224  \Device\Harddisk0\DR0 - ok
13:45:34.0816 0x1224  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
13:45:34.0872 0x1224  \Device\Harddisk1\DR1 - ok
13:45:34.0872 0x1224  ================ Scan VBR ==================================
13:45:34.0875 0x1224  [ AE6A72ACD0DDEA89F8E09FD9D2795C55 ] \Device\Harddisk0\DR0\Partition1
13:45:34.0876 0x1224  \Device\Harddisk0\DR0\Partition1 - ok
13:45:34.0878 0x1224  [ A1A1CC4BA4AE1C51FC0245E9B1587FFB ] \Device\Harddisk0\DR0\Partition2
13:45:34.0879 0x1224  \Device\Harddisk0\DR0\Partition2 - ok
13:45:34.0882 0x1224  [ F8C9E75116875F0A8B0A1A94D390C4D5 ] \Device\Harddisk0\DR0\Partition3
13:45:34.0885 0x1224  \Device\Harddisk0\DR0\Partition3 - ok
13:45:34.0887 0x1224  [ 452D3187A5BB729597A504414718BDE2 ] \Device\Harddisk1\DR1\Partition1
13:45:34.0929 0x1224  \Device\Harddisk1\DR1\Partition1 - ok
13:45:34.0930 0x1224  ================ Scan generic autorun ======================
13:45:34.0937 0x1224  [ 421FA83C9DA7694D9C60A871A8F402D5, 0D1E9A1C497125920EA6A639AF9064343F1823749ACE5A2F3622F71BC63526A7 ] C:\Windows\system32\igfxtray.exe
13:45:34.0949 0x1224  IgfxTray - ok
13:45:34.0963 0x1224  [ 2F08C6E097D8A4B5A6437B9FB548606B, D78EE35D6271BD609131C78091E8A0CC69248EAF9177786B2D85E3CB482F37FA ] C:\Windows\system32\hkcmd.exe
13:45:34.0974 0x1224  HotKeysCmds - ok
13:45:34.0983 0x1224  [ 221AEF5DEF3EA32806B82A4B9342EB67, 144EB845CD113BE05FE2FD5DDA9AD179AE5D7DFDF474D93190C46D3BCA3E0E74 ] C:\Windows\system32\igfxpers.exe
13:45:34.0995 0x1224  Persistence - ok
13:45:35.0185 0x1224  [ C43D50453404EF1C6801EFFC2492A202, 1D4142E49B2F8129C5643A3B6AD3BA93520FA008D9382EFA60CCDC6172F48D43 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
13:45:35.0392 0x1224  RTHDVCPL - ok
13:45:35.0399 0x1224  Nvtmru - ok
13:45:35.0402 0x1224  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
13:45:35.0409 0x1224  ShadowPlay - ok
13:45:35.0441 0x1224  [ 44FE94FCDF97E574B6986C5A81758628, D950CF92623CA2AD053F7DCC44B483176D02E721C716255957DA90A083D0F1B9 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
13:45:35.0477 0x1224  NvBackend - ok
13:45:35.0489 0x1224  [ 036224DB76C7D4808D6AB76D542077A5, 4465619103D24CD364911537FEADAFBDB902C604AE8EA9CA60F5D9AFC74C46DB ] C:\Program Files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.EXE
13:45:35.0501 0x1224  RoccatKonePure - detected UnsignedFile.Multi.Generic ( 1 )
13:45:37.0927 0x1224  Detect skipped due to KSN trusted
13:45:37.0927 0x1224  RoccatKonePure - ok
13:45:37.0945 0x1224  [ D0B1DA5382433AFBF52DE8815298EB0C, A326D01783359CCA1054210D82F17533638A9769A7A08C2BD0621DE016909359 ] C:\Program Files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE
13:45:37.0967 0x1224  RoccatIsku - detected UnsignedFile.Multi.Generic ( 1 )
13:45:40.0328 0x1224  Detect skipped due to KSN trusted
13:45:40.0328 0x1224  RoccatIsku - ok
13:45:40.0338 0x1224  [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
13:45:40.0352 0x1224  SunJavaUpdateSched - ok
13:45:40.0414 0x1224  [ 2F0DEB0C6413D9DEABFD95A950A422CD, 76DA8246127028BDDCC551FC55A2D21914EEFBCF93D26E314F59FDB0192519B5 ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
13:45:40.0474 0x1224  LogMeIn Hamachi Ui - ok
13:45:40.0478 0x1224  [ 04928B1C012DAF544410AAA52B9E7B00, 85A71E03842C6066371015027C963382A33CFECC2496C813BDA37AB70626C159 ] C:\ProgramData\dlprotect.exe
13:45:40.0480 0x1224  Download Protect - detected UnsignedFile.Multi.Generic ( 1 )
13:45:42.0845 0x1224  Detect skipped due to KSN trusted
13:45:42.0845 0x1224  Download Protect - ok
13:45:42.0881 0x1224  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
13:45:42.0910 0x1224  Sidebar - ok
13:45:42.0913 0x1224  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
13:45:42.0923 0x1224  mctadmin - ok
13:45:42.0942 0x1224  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
13:45:42.0965 0x1224  Sidebar - ok
13:45:42.0969 0x1224  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
13:45:42.0977 0x1224  mctadmin - ok
13:45:43.0010 0x1224  [ 3A2389720DAC6B8EB1558724FE578FD6, 5EBD4ED966DE296CE9F8F04A85C6BD1C6766845A3394D7BC8A418857EAFDF9EC ] C:\Program Files (x86)\Thunder Master\THPanel.exe
13:45:43.0046 0x1224  THPanel - ok
13:45:43.0071 0x1224  [ 2C637A38354C2395DBBAE2F592D9F922, 4EDB9AE0831A4900E77D2224FC887859DFC1F79175FD09109C165B3AD9DC9B15 ] C:\Users\Shorty\AppData\Roaming\BitTorrent\BitTorrent.exe
13:45:43.0093 0x1224  BitTorrent - ok
13:45:43.0157 0x1224  [ 8255FA3217766B9A495CF82D57CC0C39, 0638FACDABC4890E3ADBAEB9F4379FE23E6713A3B168AD9C73E7C2F250405B37 ] C:\Users\Shorty\AppData\Local\MyComGames\MyComGames.exe
13:45:43.0227 0x1224  MyComGames - ok
13:45:43.0230 0x1224  Java - ok
13:45:43.0231 0x1224  Waiting for KSN requests completion. In queue: 9
13:45:44.0232 0x1224  Waiting for KSN requests completion. In queue: 9
13:45:45.0232 0x1224  Waiting for KSN requests completion. In queue: 7
13:45:45.0664 0x0470  Object required for P2P: [ 2C637A38354C2395DBBAE2F592D9F922 ] C:\Users\Shorty\AppData\Roaming\BitTorrent\BitTorrent.exe
13:45:46.0232 0x1224  Waiting for KSN requests completion. In queue: 2
13:45:47.0232 0x1224  Waiting for KSN requests completion. In queue: 2
13:45:48.0232 0x1224  Waiting for KSN requests completion. In queue: 2
13:45:49.0232 0x1224  Waiting for KSN requests completion. In queue: 2
13:45:50.0232 0x1224  Waiting for KSN requests completion. In queue: 2
13:45:51.0232 0x1224  Waiting for KSN requests completion. In queue: 2
13:45:52.0232 0x1224  Waiting for KSN requests completion. In queue: 2
13:45:53.0232 0x1224  Waiting for KSN requests completion. In queue: 2
13:45:54.0232 0x1224  Waiting for KSN requests completion. In queue: 2
13:45:55.0232 0x1224  Waiting for KSN requests completion. In queue: 2
13:45:56.0232 0x1224  Waiting for KSN requests completion. In queue: 2
13:45:57.0232 0x1224  Waiting for KSN requests completion. In queue: 2
13:45:58.0232 0x1224  Waiting for KSN requests completion. In queue: 2
13:45:59.0232 0x1224  Waiting for KSN requests completion. In queue: 2
13:46:00.0125 0x0470  Object send P2P result: true
13:46:00.0249 0x1224  Win FW state via NFP2: enabled
13:46:02.0615 0x1224  ============================================================
13:46:02.0615 0x1224  Scan finished
13:46:02.0615 0x1224  ============================================================
13:46:02.0623 0x0ab4  Detected object count: 2
13:46:02.0623 0x0ab4  Actual detected object count: 2
13:46:11.0010 0x0ab4  DlProtectSvc ( UnsignedFile.Multi.Generic ) - skipped by user
13:46:11.0010 0x0ab4  DlProtectSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:46:11.0011 0x0ab4  Netplwi{ ( UnsignedFile.Multi.Generic ) - skipped by user
13:46:11.0011 0x0ab4  Netplwi{ ( UnsignedFile.Multi.Generic ) - User select action: Skip 
13:46:13.0643 0x0e20  Deinitialize success
         
mbar log file:

Code:
Malwarebytes Anti-Rootkit BETA 1.07.0.1012
www.malwarebytes.org

Database version: v2014.06.10.03

Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Shorty :: SHORTY-PC [administrator]

10.06.2014 13:48:07
mbar-log-2014-06-10 (13-48-07).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 281440
Time elapsed: 3 minute(s), 28 second(s)

Memory Processes Detected: 2
C:\ProgramData\dlprotect.exe (Trojan.Downloader) -> 3648 -> Delete on reboot. [f4be2152e69558dee3755d2c2ad7d32d]
C:\Users\Shorty\AppData\Local\Temp\SVCHOST.EXE (Backdoor.Agent.DCRSAGen) -> 4616 -> Delete on reboot. [9b1713606a110e284b1d1084db258080]

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKU\S-1-5-21-2291643653-583422786-3033649162-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DC3_FEXEC (Malware.Trace) -> Delete on reboot. [5062d89b611ad066d2595509f112cd33]

Registry Values Detected: 1
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Download Protect (Trojan.Downloader) -> Data: C:\ProgramData\dlprotect.exe -> Delete on reboot. [f4be2152e69558dee3755d2c2ad7d32d]

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 1
C:\Users\Shorty\AppData\Roaming\dclogs (Stolen.Data) -> Delete on reboot. [8a286b086417d56168844b41b94a9a66]

Files Detected: 34
C:\ProgramData\dlprotect.exe (Trojan.Downloader) -> Delete on reboot. [f4be2152e69558dee3755d2c2ad7d32d]
C:\Users\Shorty\AppData\Local\Temp\SVCHOST.EXE (Backdoor.Agent.DCRSAGen) -> Delete on reboot. [9b1713606a110e284b1d1084db258080]
C:\Users\Shorty\AppData\Roaming\dclogs\2014-05-08-5.dc (Stolen.Data) -> Delete on reboot. [8a286b086417d56168844b41b94a9a66]
C:\Users\Shorty\AppData\Roaming\dclogs\2014-05-29-5.dc (Stolen.Data) -> Delete on reboot. [8a286b086417d56168844b41b94a9a66]
C:\Users\Shorty\AppData\Roaming\dclogs\2014-05-09-6.dc (Stolen.Data) -> Delete on reboot. [8a286b086417d56168844b41b94a9a66]
C:\Users\Shorty\AppData\Roaming\dclogs\2014-05-10-7.dc (Stolen.Data) -> Delete on reboot. [8a286b086417d56168844b41b94a9a66]
C:\Users\Shorty\AppData\Roaming\dclogs\2014-05-11-1.dc (Stolen.Data) -> Delete on reboot. [8a286b086417d56168844b41b94a9a66]
C:\Users\Shorty\AppData\Roaming\dclogs\2014-05-15-5.dc (Stolen.Data) -> Delete on reboot. [8a286b086417d56168844b41b94a9a66]
C:\Users\Shorty\AppData\Roaming\dclogs\2014-05-17-7.dc (Stolen.Data) -> Delete on reboot. [8a286b086417d56168844b41b94a9a66]
C:\Users\Shorty\AppData\Roaming\dclogs\2014-05-18-1.dc (Stolen.Data) -> Delete on reboot. [8a286b086417d56168844b41b94a9a66]
C:\Users\Shorty\AppData\Roaming\dclogs\2014-05-20-3.dc (Stolen.Data) -> Delete on reboot. [8a286b086417d56168844b41b94a9a66]
C:\Users\Shorty\AppData\Roaming\dclogs\2014-05-21-4.dc (Stolen.Data) -> Delete on reboot. [8a286b086417d56168844b41b94a9a66]
C:\Users\Shorty\AppData\Roaming\dclogs\2014-05-22-5.dc (Stolen.Data) -> Delete on reboot. [8a286b086417d56168844b41b94a9a66]
C:\Users\Shorty\AppData\Roaming\dclogs\2014-05-23-6.dc (Stolen.Data) -> Delete on reboot. [8a286b086417d56168844b41b94a9a66]
C:\Users\Shorty\AppData\Roaming\dclogs\2014-05-24-7.dc (Stolen.Data) -> Delete on reboot. [8a286b086417d56168844b41b94a9a66]
C:\Users\Shorty\AppData\Roaming\dclogs\2014-05-25-1.dc (Stolen.Data) -> Delete on reboot. [8a286b086417d56168844b41b94a9a66]
C:\Users\Shorty\AppData\Roaming\dclogs\2014-05-26-2.dc (Stolen.Data) -> Delete on reboot. [8a286b086417d56168844b41b94a9a66]
C:\Users\Shorty\AppData\Roaming\dclogs\2014-05-27-3.dc (Stolen.Data) -> Delete on reboot. [8a286b086417d56168844b41b94a9a66]
C:\Users\Shorty\AppData\Roaming\dclogs\2014-05-28-4.dc (Stolen.Data) -> Delete on reboot. [8a286b086417d56168844b41b94a9a66]
C:\Users\Shorty\AppData\Roaming\dclogs\2014-05-30-6.dc (Stolen.Data) -> Delete on reboot. [8a286b086417d56168844b41b94a9a66]
C:\Users\Shorty\AppData\Roaming\dclogs\2014-05-31-7.dc (Stolen.Data) -> Delete on reboot. [8a286b086417d56168844b41b94a9a66]
C:\Users\Shorty\AppData\Roaming\dclogs\2014-06-01-1.dc (Stolen.Data) -> Delete on reboot. [8a286b086417d56168844b41b94a9a66]
C:\Users\Shorty\AppData\Roaming\dclogs\2014-06-02-2.dc (Stolen.Data) -> Delete on reboot. [8a286b086417d56168844b41b94a9a66]
C:\Users\Shorty\AppData\Roaming\dclogs\2014-06-03-3.dc (Stolen.Data) -> Delete on reboot. [8a286b086417d56168844b41b94a9a66]
C:\Users\Shorty\AppData\Roaming\dclogs\2014-06-04-4.dc (Stolen.Data) -> Delete on reboot. [8a286b086417d56168844b41b94a9a66]
C:\Users\Shorty\AppData\Roaming\dclogs\2014-06-05-5.dc (Stolen.Data) -> Delete on reboot. [8a286b086417d56168844b41b94a9a66]
C:\Users\Shorty\AppData\Roaming\dclogs\2014-06-06-6.dc (Stolen.Data) -> Delete on reboot. [8a286b086417d56168844b41b94a9a66]
C:\Users\Shorty\AppData\Roaming\dclogs\2014-06-07-7.dc (Stolen.Data) -> Delete on reboot. [8a286b086417d56168844b41b94a9a66]
C:\Users\Shorty\AppData\Roaming\dclogs\2014-06-08-1.dc (Stolen.Data) -> Delete on reboot. [8a286b086417d56168844b41b94a9a66]
C:\Users\Shorty\AppData\Roaming\dclogs\2014-06-09-2.dc (Stolen.Data) -> Delete on reboot. [8a286b086417d56168844b41b94a9a66]
C:\Users\Shorty\AppData\Roaming\dclogs\2014-06-10-3.dc (Stolen.Data) -> Delete on reboot. [8a286b086417d56168844b41b94a9a66]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
So, after multiple mbar runs, the same 5 are always left over:

1. appdata/local/temp/svchost.exe -> backdoor.agent.dcrsAgen
2. appdata/local/temp/svchost.exe -> backdoor.agent.dcrsAgen
3. dclogs/2014-06-10-3.dc (stolen.data)
4. roaming/dclogs (stolen.data)
5. hku/s-1-5-21-2291643653-583422786-3033649162-1000-{ed1fc765-e35e-4c3d-bf15-2c2b11260ce4}-0/software/dc3_fexec (malware.trace)
__________________

Last edited by Azzuros (10.06.2014 at 13:04)

11.06.2014, 08:22   #4
schrauber
/// the machine
/// TB trainer
 




hi,

Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click into the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
"Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde."
simply restart the computer. This should fix the problem.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

11.06.2014, 16:50   #5
Azzuros
 



combo logfile:

Code:
ATTFilter
ComboFix 14-06-10.01 - Shorty 11.06.2014  17:43:16.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.43.1031.18.16271.13919 [GMT 2:00]
ausgeführt von:: c:\users\Shorty\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\YoutubeAdblocker
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_aaipilfmheplbcghignccoiiebekkdhe_0
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_aaipilfmheplbcghignccoiiebekkdhe_0\22
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\background.html
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\chromeCoreFilesIndex.txt
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\crossriderManifest.json
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\manifest.xml
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins.json
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\1.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\102.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\104.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\119.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\123.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\13.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\14.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\155.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\17.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\177.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\178.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\179.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\180.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\182.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\183.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\184.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\19.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\190.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\191.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\195.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\207.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\21.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\22.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\220.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\221.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\223.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\231.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\232.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\242.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\244.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\246.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\260.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\262.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\263.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\265.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\28.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\4.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\47.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\64.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\7.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\72.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\78.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\80.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\9.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\91.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\93.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\plugins\97.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\userCode\background.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\extensionData\userCode\extension.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\icons\actions\1.png
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\icons\icon128.png
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\icons\icon16.png
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\icons\icon48.png
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\js\api\chrome.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\js\api\cookie.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\js\api\message.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\js\api\monitor.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\js\api\pageAction.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\js\api\pageActionBG.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\js\background.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\js\lib\app_api.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\js\lib\bg_app_api.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\js\lib\consts.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\js\lib\cookie_store.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\js\lib\crossriderAPI.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\js\lib\delegate.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\js\lib\events.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\js\lib\extensionDataStore.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\js\lib\installer.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\js\lib\logFile.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\js\lib\logging.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\js\lib\onBGDocumentLoad.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\js\lib\popupResource\newPopup.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\js\lib\popupResource\popup.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\js\lib\reports.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\js\lib\storageWrapper.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\js\lib\updateManager.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\js\lib\util.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\js\lib\xhr.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\js\main.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\js\platformVersion.js
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\manifest.json
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaipilfmheplbcghignccoiiebekkdhe\1.26.50_0\popup.html
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaipilfmheplbcghignccoiiebekkdhe
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaipilfmheplbcghignccoiiebekkdhe\000005.ldb
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaipilfmheplbcghignccoiiebekkdhe\000023.ldb
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaipilfmheplbcghignccoiiebekkdhe\000048.log
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaipilfmheplbcghignccoiiebekkdhe\CURRENT
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaipilfmheplbcghignccoiiebekkdhe\LOCK
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaipilfmheplbcghignccoiiebekkdhe\LOG
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaipilfmheplbcghignccoiiebekkdhe\LOG.old
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\aaipilfmheplbcghignccoiiebekkdhe\MANIFEST-000046
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaipilfmheplbcghignccoiiebekkdhe_0.localstorage-journal
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaipilfmheplbcghignccoiiebekkdhe_0.localstorage
c:\users\Shorty\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Shorty\AppData\Local\LbhprVWVzG6XeKnqgHErMwacUiHRBgBVZwOHHhG1UT8lA9Q1puAGTI2c9T6wLpC4as4aREHOoSTH2vFOaGw7H6EbHIYKt73bCEEOBk1Qpv3gt7ZmW5.exe
c:\users\Shorty\AppData\Roaming\dclogs
c:\users\Shorty\AppData\Roaming\dclogs\2014-06-10-3.dc
c:\users\Shorty\AppData\Roaming\dclogs\2014-06-11-4.dc
c:\users\Shorty\AppData\Roaming\Launcherr.exe
c:\users\Shorty\AppData\Roaming\Slick Savings
c:\windows\system\VI30AUT.DLL
c:\windows\SysWow64\DiscHandler.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
-------\Service_globalUpdate
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-05-11 bis 2014-06-11  ))))))))))))))))))))))))))))))
.
.
2014-06-10 11:48 . 2014-06-10 11:48	--------	d-----w-	c:\programdata\Malwarebytes
2014-06-10 11:48 . 2014-06-10 12:30	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-06-10 11:48 . 2014-06-10 11:58	128728	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-06-10 11:47 . 2014-06-10 11:58	92888	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2014-06-09 19:53 . 2010-08-30 06:34	536576	----a-w-	c:\windows\SysWow64\sqlite3.dll
2014-06-09 19:53 . 2014-06-09 19:53	--------	d-----w-	C:\AdwCleaner
2014-06-09 19:51 . 2014-06-09 19:51	--------	d-----w-	C:\FRST
2014-06-06 21:18 . 2014-06-06 21:18	--------	d-----w-	c:\users\Shorty\AppData\Roaming\Among the sleep
2014-06-05 20:14 . 2014-06-05 20:14	--------	d-----w-	c:\programdata\Freemake
2014-06-02 21:24 . 2014-06-02 21:24	--------	d-----w-	c:\program files (x86)\Application Updater
2014-06-02 21:24 . 2014-06-02 21:24	--------	d-----w-	c:\program files (x86)\SearchMe Toolbar
2014-05-31 21:35 . 2014-05-22 16:20	61120	----a-w-	c:\windows\system32\drivers\{e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64.sys
2014-05-31 20:01 . 2014-05-31 20:01	--------	d-----w-	c:\users\Shorty\AppData\Roaming\dlg
2014-05-31 20:01 . 2014-05-31 20:01	123392	----a-w-	c:\windows\system32\DlProtectSvc.exe
2014-05-31 20:01 . 2014-05-31 20:01	119296	----a-w-	c:\windows\system32\wkscli64.exe
2014-05-31 20:01 . 2014-05-31 20:01	--------	d-----w-	c:\users\Shorty\AppData\Local\globalUpdate
2014-05-31 20:01 . 2014-05-31 20:01	--------	d-----w-	c:\program files (x86)\globalUpdate
2014-05-31 20:01 . 2014-05-31 20:01	--------	d-----w-	c:\program files (x86)\PlusSHD-9.9
2014-05-31 20:00 . 2014-06-03 23:19	--------	d-----w-	c:\users\Shorty\AppData\Roaming\Security System 2
2014-05-30 15:13 . 2014-05-30 15:13	--------	d-----w-	c:\program files (x86)\trend micro
2014-05-29 21:46 . 2014-05-29 21:46	--------	d-----w-	c:\users\Shorty\AppData\Roaming\Screaming Bee
2014-05-29 21:45 . 2014-05-29 21:45	--------	d-----w-	c:\program files (x86)\Screaming Bee
2014-05-29 21:33 . 2014-06-04 00:55	--------	d-----w-	c:\users\Shorty\AppData\Local\ManyCam
2014-05-29 21:33 . 2014-05-29 21:33	--------	d-----w-	c:\users\Shorty\AppData\Roaming\ManyCam
2014-05-29 21:33 . 2014-05-29 21:33	--------	d-----w-	c:\program files (x86)\ManyCam
2014-05-29 21:26 . 2014-05-29 21:26	--------	d-----w-	c:\users\Shorty\AppData\Local\Slick Savings
2014-05-29 21:26 . 2014-06-02 21:24	--------	d-----w-	c:\program files (x86)\Common Files\Spigot
2014-05-29 21:26 . 2014-05-29 21:26	--------	d-----w-	c:\windows\SysWow64\C2MP
2014-05-29 21:18 . 2014-05-29 21:18	--------	d-----w-	c:\program files (x86)\Common Files\Webcam Simulator
2014-05-28 10:31 . 2014-05-28 11:30	--------	d-----w-	c:\users\Shorty\AppData\Local\Ubisoft Game Launcher
2014-05-28 10:31 . 2014-05-28 10:31	--------	d-----w-	c:\program files (x86)\Ubisoft
2014-05-28 10:22 . 2014-05-19 23:10	601432	----a-w-	c:\windows\SysWow64\nvStreaming.exe
2014-05-22 01:36 . 2014-04-17 03:31	10651704	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{17B3A2E3-CF42-4E8F-BE69-FE889B1D1C7C}\mpengine.dll
2014-05-18 10:28 . 2014-05-18 10:28	--------	d-----w-	c:\program files (x86)\LogMeIn Hamachi
2014-05-13 15:05 . 2014-05-13 15:05	4009984	----a-w-	c:\windows\system32\ffmpeg.dll
2014-05-13 15:05 . 2014-05-13 15:05	474624	----a-w-	c:\windows\system32\ff_kernelDeint.dll
2014-05-13 15:05 . 2014-05-13 15:05	127488	----a-w-	c:\windows\system32\ff_vfw.dll
2014-05-13 15:05 . 2014-05-13 15:05	4374528	----a-w-	c:\windows\system32\ffdshow.ax
2014-05-13 15:04 . 2014-05-13 15:04	631296	----a-w-	c:\windows\system32\TomsMoComp_ff.dll
2014-05-13 15:04 . 2014-05-13 15:04	222720	----a-w-	c:\windows\system32\ff_libdts.dll
2014-05-13 15:04 . 2014-05-13 15:04	156672	----a-w-	c:\windows\system32\ff_libmad.dll
2014-05-13 15:04 . 2014-05-13 15:04	116224	----a-w-	c:\windows\system32\ff_liba52.dll
2014-05-13 15:04 . 2014-05-13 15:04	114688	----a-w-	c:\windows\system32\ff_wmv9.dll
2014-05-13 15:04 . 2014-05-13 15:04	190464	----a-w-	c:\windows\system32\libmpeg2_ff.dll
2014-05-13 15:04 . 2014-05-13 15:04	183296	----a-w-	c:\windows\system32\ff_unrar.dll
2014-05-13 15:04 . 2014-05-13 15:04	1532928	----a-w-	c:\windows\system32\ff_samplerate.dll
2014-05-13 15:02 . 2014-05-13 15:02	3916288	----a-w-	c:\windows\SysWow64\ffmpeg.dll
2014-05-13 15:01 . 2014-05-13 15:01	112640	----a-w-	c:\windows\SysWow64\ff_vfw.dll
2014-05-13 15:01 . 2014-05-13 15:01	3502592	----a-w-	c:\windows\SysWow64\ffdshow.ax
2014-05-13 15:01 . 2014-05-13 15:01	271360	----a-w-	c:\windows\SysWow64\TomsMoComp_ff.dll
2014-05-13 15:00 . 2014-05-13 15:00	99840	----a-w-	c:\windows\SysWow64\ff_wmv9.dll
2014-05-13 15:00 . 2014-05-13 15:00	157184	----a-w-	c:\windows\SysWow64\ff_unrar.dll
2014-05-13 15:00 . 2014-05-13 15:00	211968	----a-w-	c:\windows\SysWow64\ff_libdts.dll
2014-05-13 15:00 . 2014-05-13 15:00	1525760	----a-w-	c:\windows\SysWow64\ff_samplerate.dll
2014-05-13 15:00 . 2014-05-13 15:00	147456	----a-w-	c:\windows\SysWow64\ff_libmad.dll
2014-05-13 15:00 . 2014-05-13 15:00	114688	----a-w-	c:\windows\SysWow64\ff_liba52.dll
2014-05-13 15:00 . 2014-05-13 15:00	136704	----a-w-	c:\windows\SysWow64\libmpeg2_ff.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-10 22:30 . 2013-11-26 17:35	281872	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2014-06-10 22:30 . 2013-11-26 17:35	281872	----a-w-	c:\windows\SysWow64\PnkBstrB.ex0
2014-06-10 22:30 . 2013-11-26 17:35	76888	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2014-05-31 20:01 . 2014-03-19 04:29	290816	------w-	c:\windows\Setup1.exe
2014-05-20 02:44 . 2013-11-25 19:24	952952	----a-w-	c:\windows\system32\nvumdshimx.dll
2014-05-20 02:44 . 2013-11-25 19:24	3109248	----a-w-	c:\windows\system32\nvapi64.dll
2014-05-20 02:44 . 2013-11-25 19:24	2730208	----a-w-	c:\windows\SysWow64\nvapi.dll
2014-05-20 02:44 . 2013-11-25 19:24	18531568	----a-w-	c:\windows\system32\nvwgf2umx.dll
2014-05-20 02:44 . 2013-11-25 19:24	166568	----a-w-	c:\windows\system32\nvinitx.dll
2014-05-20 02:44 . 2013-11-25 19:24	146480	----a-w-	c:\windows\SysWow64\nvinit.dll
2014-05-20 02:44 . 2013-11-25 19:24	14434704	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2014-05-20 01:25 . 2013-11-25 19:24	6769096	----a-w-	c:\windows\system32\nvcpl.dll
2014-05-20 01:25 . 2013-11-25 19:24	3514144	----a-w-	c:\windows\system32\nvsvc64.dll
2014-05-20 01:25 . 2013-11-25 19:24	927520	----a-w-	c:\windows\system32\nvvsvc.exe
2014-05-20 01:25 . 2013-11-25 19:24	62808	----a-w-	c:\windows\system32\nvshext.dll
2014-05-20 01:25 . 2013-11-25 19:24	387528	----a-w-	c:\windows\system32\nvmctray.dll
2014-05-20 01:25 . 2013-11-25 19:24	2560968	----a-w-	c:\windows\system32\nvsvcr.dll
2014-05-14 23:49 . 2013-11-25 19:24	3774821	----a-w-	c:\windows\system32\nvcoproc.bin
2014-05-08 08:19 . 2013-11-25 22:25	70832	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-08 08:19 . 2013-11-25 22:25	692400	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-30 18:27 . 2013-11-25 20:02	1081112	----a-w-	c:\windows\SysWow64\nvspcap.dll
2014-04-30 18:26 . 2013-11-25 20:02	1225920	----a-w-	c:\windows\system32\nvspcap64.dll
2014-04-14 18:13 . 2013-11-25 22:45	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-08 20:50 . 2014-04-08 20:50	235520	----a-w-	c:\windows\SysWow64\xvidvfw.dll
2014-04-08 20:50 . 2014-04-08 20:50	632320	----a-w-	c:\windows\SysWow64\xvidcore.dll
2014-04-08 15:30 . 2014-04-08 15:30	7682192	----a-w-	c:\windows\system32\avcodec-lav-55.dll
2014-04-08 15:30 . 2014-04-08 15:30	570512	----a-w-	c:\windows\system32\LAVSplitter.ax
2014-04-08 15:30 . 2014-04-08 15:30	441488	----a-w-	c:\windows\system32\IntelQuickSyncDecoder.dll
2014-04-08 15:30 . 2014-04-08 15:30	430736	----a-w-	c:\windows\system32\swscale-lav-2.dll
2014-04-08 15:30 . 2014-04-08 15:30	401040	----a-w-	c:\windows\system32\avutil-lav-52.dll
2014-04-08 15:30 . 2014-04-08 15:30	302224	----a-w-	c:\windows\system32\LAVAudio.ax
2014-04-08 15:30 . 2014-04-08 15:30	286352	----a-w-	c:\windows\system32\libbluray.dll
2014-04-08 15:30 . 2014-04-08 15:30	250512	----a-w-	c:\windows\system32\avfilter-lav-4.dll
2014-04-08 15:30 . 2014-04-08 15:30	161424	----a-w-	c:\windows\system32\avresample-lav-1.dll
2014-04-08 15:30 . 2014-04-08 15:30	1251984	----a-w-	c:\windows\system32\avformat-lav-55.dll
2014-04-08 15:30 . 2014-04-08 15:30	1109136	----a-w-	c:\windows\system32\LAVVideo.ax
2014-04-08 15:29 . 2014-04-08 15:29	411280	----a-w-	c:\windows\SysWow64\swscale-lav-2.dll
2014-04-08 15:29 . 2014-04-08 15:29	238736	----a-w-	c:\windows\SysWow64\libbluray.dll
2014-04-08 15:29 . 2014-04-08 15:29	934544	----a-w-	c:\windows\SysWow64\LAVVideo.ax
2014-04-08 15:29 . 2014-04-08 15:29	7186064	----a-w-	c:\windows\SysWow64\avcodec-lav-55.dll
2014-04-08 15:29 . 2014-04-08 15:29	478864	----a-w-	c:\windows\SysWow64\LAVSplitter.ax
2014-04-08 15:29 . 2014-04-08 15:29	412304	----a-w-	c:\windows\SysWow64\avutil-lav-52.dll
2014-04-08 15:29 . 2014-04-08 15:29	344720	----a-w-	c:\windows\SysWow64\IntelQuickSyncDecoder.dll
2014-04-08 15:29 . 2014-04-08 15:29	263824	----a-w-	c:\windows\SysWow64\LAVAudio.ax
2014-04-08 15:29 . 2014-04-08 15:29	241296	----a-w-	c:\windows\SysWow64\avfilter-lav-4.dll
2014-04-08 15:29 . 2014-04-08 15:29	152208	----a-w-	c:\windows\SysWow64\avresample-lav-1.dll
2014-04-08 15:29 . 2014-04-08 15:29	1293456	----a-w-	c:\windows\SysWow64\avformat-lav-55.dll
2014-03-31 16:42 . 2014-05-08 14:31	40392	----a-w-	c:\windows\system32\drivers\nvvad64v.sys
2014-03-31 16:42 . 2013-11-25 19:54	37320	----a-w-	c:\windows\system32\nvaudcap64v.dll
2014-03-31 16:42 . 2014-05-08 14:31	34760	----a-w-	c:\windows\SysWow64\nvaudcap32v.dll
2014-03-31 07:35 . 2013-11-25 20:15	270496	------w-	c:\windows\system32\MpSigStub.exe
2014-03-19 04:33 . 2014-03-19 04:33	94208	----a-w-	c:\windows\DIIUnin.exe
2014-03-19 04:33 . 2014-03-19 04:33	2829	----a-w-	c:\windows\DIIUnin.pif
2014-03-19 04:29 . 2014-03-19 04:29	73216	------w-	c:\windows\ST6UNST.EXE
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2009-07-14 . 72D7B3EA16946E8F0CF7458150031CC6 . 1008640 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[-] 2012-09-12 . 2C353B6CE0C8D03225CAA2AF33B68D79 . 1008640 . . [6.1.7600.16385] .. c:\windows\system32\user32.dll
.
[-] 2012-09-12 . 861C4346F9281DC0380DE72C8D55D6BE . 833024 . . [6.1.7600.16385] .. c:\windows\SysWOW64\user32.dll
[7] 2009-07-14 . E8B0FFC209E504CB7E79FC24E6C085F0 . 833024 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{B9C767DD-F66A-40B4-8F12-4199A9A4393C}"= "c:\program files (x86)\SearchMe Toolbar\IE\9.3\searchmeToolbarIE.dll" [2014-05-26 1398592]
.
[HKEY_CLASSES_ROOT\clsid\{b9c767dd-f66a-40b4-8f12-4199a9a4393c}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110511291116}]
2014-05-31 20:01	543592	----a-w-	c:\program files (x86)\PlusSHD-9.9\PlusSHD-9.9-bho.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{B9C767DD-F66A-40B4-8F12-4199A9A4393C}]
2014-05-26 15:02	1398592	----a-w-	c:\program files (x86)\SearchMe Toolbar\IE\9.3\searchmeToolbarIE.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{B9C767DD-F66A-40B4-8F12-4199A9A4393C}"= "c:\program files (x86)\SearchMe Toolbar\IE\9.3\searchmeToolbarIE.dll" [2014-05-26 1398592]
.
[HKEY_CLASSES_ROOT\clsid\{b9c767dd-f66a-40b4-8f12-4199a9a4393c}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"THPanel"="c:\program files (x86)\Thunder Master\THPanel.exe" [2013-05-24 2158888]
"BitTorrent"="c:\users\Shorty\AppData\Roaming\BitTorrent\BitTorrent.exe" [2014-04-29 1240664]
"MyComGames"="c:\users\Shorty\AppData\Local\MyComGames\MyComGames.exe" [2014-04-25 4395816]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"RoccatKonePure"="c:\program files (x86)\ROCCAT\Kone Pure Mouse\KonePureMonitor.EXE" [2013-10-22 561152]
"RoccatIsku"="c:\program files (x86)\ROCCAT\Isku Keyboard\IskuMonitor.EXE" [2013-10-30 536576]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2014-05-13 3814736]
"SearchSettings"="c:\program files (x86)\Common Files\Spigot\Search Settings\SearchSettings.exe" [2014-05-26 1404736]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
CodecPackUpdateChecker.lnk - c:\windows\SysWOW64\C2MP\UpdateChecker.exe [2014-5-18 48712]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R2 XTU3SERVICE;Intel(R) Extreme Tuning Utility Service;c:\program files (x86)\Intel\Extreme Tuning Utility\XtuService.exe;c:\program files (x86)\Intel\Extreme Tuning Utility\XtuService.exe [x]
R3 globalUpdatem;globalUpdate Update Service (globalUpdatem);c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe;c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [x]
R3 GPCIDrv;GPCIDrv;c:\program files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys;c:\program files (x86)\GIGABYTE\GIGABYTE OC_GURU II\GPCIDrv64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
R4 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
R4 SkypeUpdate;Skype Updater;e:\program files (x86)\Skype\Updater\Updater.exe;e:\program files (x86)\Skype\Updater\Updater.exe [x]
S0 AsrRamDisk;AsrRamDisk;c:\windows\system32\DRIVERS\AsrRamDisk.sys;c:\windows\SYSNATIVE\DRIVERS\AsrRamDisk.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 {e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64;{e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64;c:\windows\system32\drivers\{e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64.sys;c:\windows\SYSNATIVE\drivers\{e63d9559-e4c3-499e-867a-a3c9d0a21400}Gw64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 Application Updater;Application Updater;c:\program files (x86)\Application Updater\ApplicationUpdater.exe;c:\program files (x86)\Application Updater\ApplicationUpdater.exe [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x]
S2 DlProtectSvc;Download Protect Service;c:\windows\System32\DlProtectSvc.exe;c:\windows\SYSNATIVE\DlProtectSvc.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 iocbios2;iocbios2;c:\program files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys;c:\program files (x86)\Intel\Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 Netplwi{;Intel(R) Modules Remotezugriff-IPv6-ARP-Treiber;c:\windows\system32\wkscli64.exe;c:\windows\SYSNATIVE\wkscli64.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv.sys;c:\windows\SYSNATIVE\DRIVERS\mcvidrv.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys;c:\windows\SYSNATIVE\drivers\mcaudrv_x64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-15 21:08	1150280	----a-w-	c:\program files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-06-11 c:\windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-1.job
- c:\program files (x86)\PlusSHD-9.9\PlusSHD-9.9-codedownloader.exe [2014-05-31 20:01]
.
2014-06-11 c:\windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-2.job
- c:\program files (x86)\PlusSHD-9.9\17908f5f-e636-4631-93d6-057c4ab5a3ca-2.exe [2014-05-31 20:01]
.
2014-06-11 c:\windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-3.job
- c:\program files (x86)\PlusSHD-9.9\17908f5f-e636-4631-93d6-057c4ab5a3ca-3.exe [2014-05-31 20:01]
.
2014-06-11 c:\windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-4.job
- c:\program files (x86)\PlusSHD-9.9\17908f5f-e636-4631-93d6-057c4ab5a3ca-4.exe [2014-05-31 20:01]
.
2014-06-11 c:\windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-5.job
- c:\program files (x86)\PlusSHD-9.9\17908f5f-e636-4631-93d6-057c4ab5a3ca-5.exe [2014-05-31 20:01]
.
2014-06-11 c:\windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-6.job
- c:\program files (x86)\PlusSHD-9.9\PlusSHD-9.9-novainstaller.exe [2014-05-31 20:01]
.
2014-06-11 c:\windows\Tasks\17908f5f-e636-4631-93d6-057c4ab5a3ca-7.job
- c:\program files (x86)\PlusSHD-9.9\PlusSHD-9.9-nova.exe [2014-05-31 20:01]
.
2014-05-08 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-25 08:19]
.
2014-06-11 c:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job
- c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-05-31 20:01]
.
2014-06-10 c:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job
- c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-05-31 20:01]
.
2014-03-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-04 12:25]
.
2014-03-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-01-04 12:25]
.
2014-06-11 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 12:41]
.
2014-06-09 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 12:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-05-24 170304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-05-24 398656]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-05-24 440128]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-10-17 13307496]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-04-30 1225920]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-04-30 2199840]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.trovi.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=MCF6E9A04-AC1C-4F51-A6A1-2B197E1108C1&SearchSource=55&CUI=&UM=5&UP=SPBEE8CC4D-566F-4F5C-A2A6-88EA63B2C172&SSPV=
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 10.0.0.138
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-ASRockXTU - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM-Run-Nvtmru - c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
AddRemove-ASRock eXtreme Tuner_is1 - e:\program files (x86)\ASRock Utility\AXTU\unins000.exe
AddRemove-DAEMON Tools Lite - e:\program files (x86)\DAEMON Tools Lite\uninst.exe
AddRemove-Fraps - e:\fraps\uninstall.exe
AddRemove-Steam App 202480 - e:\program files (x86)\Steam\steam.exe
AddRemove-Steam App 213650 - e:\program files (x86)\Steam\steam.exe
AddRemove-Steam App 239220 - e:\program files (x86)\Steam\steam.exe
AddRemove-Steam App 34270 - e:\program files (x86)\Steam\steam.exe
AddRemove-Steam App 72850 - e:\program files (x86)\Steam\steam.exe
AddRemove-The Mighty Quest For Epic Loot_is1 - e:\program files (x86)\The Mighty Quest For Epic Loot\LauncherData\unins000.exe
AddRemove-Unity - e:\program files (x86)\Unity\Editor\Uninstall.exe
AddRemove-{00CB4CAD-DBCD-0947-09BB-739E756D46A1} - c:\progra~3\INSTAL~1\{387CF~1\Setup.exe
AddRemove-{2A9F95AB-65A3-432c-8631-B8BC5BF7477A} - e:\program files (x86)\Electronic Arts\The Battle for Middle-earth (tm) II\EAUninstall.exe
AddRemove-{95716cce-fc71-413f-8ad5-56c2892d4b3a} - c:\programdata\Package Cache\{95716cce-fc71-413f-8ad5-56c2892d4b3a}\vcredist_x86.exe
AddRemove-{a1909659-0a08-4554-8af1-2175904903a1} - c:\programdata\Package Cache\{a1909659-0a08-4554-8af1-2175904903a1}\vcredist_x64.exe
AddRemove-{EE04522C-0814-4B63-AE57-0B63E5A355BB}_is1 - c:\program files (x86)\Thunder Master\unins000.exe
AddRemove-GameRanger - c:\users\Shorty\AppData\Roaming\GameRanger\GameRanger\GameRanger.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_170_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_170.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-06-11  17:47:51 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-06-11 15:47
.
Vor Suchlauf: 9 Verzeichnis(se), 43.608.166.400 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 43.495.292.928 Bytes frei
.
- - End Of File - - 3828EE9348150CDDB484AF162D6925A9
         
No error was reported when starting or restarting the PC.


12.06.2014, 08:03   #6
schrauber
/// the machine
/// TB trainer


Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do this, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Include the contents of mbam.txt in your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please right-click and start it with "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


And a fresh FRST log, please.