| |
| |||||||
Log-Analyse und Auswertung: audiodg.exe - Virus?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
13.05.2015, 23:24
| #1 |
 |  audiodg.exe - Virus? Hey und hallo ich galube ich habe mir mal wieder einen Virus zugezogen wenn ja dann einen ziemlich agressiven... glaube ich. Mir ist aufgefallen das in letzter Zeit immer wenn ich TeamSpeak laufen hatte ein Programm namens "audiodg.exe" ziemlich viel CPU zieht. Außerdem kann ich mein Avira nicht updaten konnte weil es wohl keine "internet conection" gäbe. Zudem lässt es mich keine Scans machen acuh wenn ich im Admin Acount bin. Hier Ein paar logs: Aviar Update: Code:
ATTFilter Avira Free Antivirus Updater
Complete product update
Creation time: Donnerstag, 14. Mai 2015 00:20:58
Operating system:
Windows 8.1 () [6.2.9200] 64 bit
Product information:
Product version: 15.0.10.434
Updater: C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe 15.0.10.434
Update resource: C:\Program Files (x86)\Avira\AntiVir Desktop\updaterc.dll 15.0.10.236
Library: C:\Program Files (x86)\Avira\AntiVir Desktop\update.dll 15.0.10.434
GUI: C:\Program Files (x86)\Avira\AntiVir Desktop\updgui.dll 15.0.10.414
Temp Directory: C:\ProgramData\Avira\Antivirus\TEMP\UPDATE\
Backup folder: C:\ProgramData\Avira\Antivirus\BACKUP\
Installation Directory: C:\Program Files (x86)\Avira\AntiVir Desktop\
Updater folder: C:\Program Files (x86)\Avira\AntiVir Desktop\
AppData folder: C:\ProgramData\Avira\Antivirus\
Connection settings:
- Connection type: Web server
- Transfer type: Existing connection
-Proxy settings: System settings used
00:20:58 [UPD] [ERROR] Failed to get update bridge data:
00:21:00 [UPD] [ERROR] Failed to get update bridge data:
00:21:04 [UPD] [ERROR] Failed to get update bridge data:
00:21:10 [UPD] [ERROR] Failed to get update bridge data:
00:21:10 [UPD] [ERROR] Missing settings from updater bridge: server '' file ''
Summary:
********
0 Files downloaded
0 Files installed
Donnerstag, 14. Mai 2015 00:21:10
The update failed!
|
|
13.05.2015, 23:31
| #2 |
| | audiodg.exe - Virus? Dann noch Avira scan log:
__________________Code:
ATTFilter Exported events:
12.05.2015 18:12 [System Scanner] Scan
Scan completed [The scan has been done completely.].
Number of files: 1551786
Number of directories: 70337
Number of malware: 0
Number of warnings: 2
Addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-05-2015 01
Ran by MeinAdmin at 2015-05-14 00:27:09
Running from C:\Users\Leo\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Admin (S-1-5-21-514103404-2733609734-414756415-1002 - Administrator - Enabled) => C:\Users\peter
Administrator (S-1-5-21-514103404-2733609734-414756415-500 - Administrator - Disabled)
Gast (S-1-5-21-514103404-2733609734-414756415-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-514103404-2733609734-414756415-1009 - Limited - Enabled)
Leo (S-1-5-21-514103404-2733609734-414756415-1006 - Limited - Enabled) => C:\Users\Leo
Mama (S-1-5-21-514103404-2733609734-414756415-1005 - Administrator - Enabled)
MeinAdmin (S-1-5-21-514103404-2733609734-414756415-1008 - Administrator - Enabled) => C:\Users\MeinAdmin
Robert (S-1-5-21-514103404-2733609734-414756415-1007 - Administrator - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
A.V.A - Alliance of Valiant Arms (HKLM-x32\...\Steam App 102700) (Version: - RED DUCK Inc.)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{0B448829-3672-18EA-4117-C1240D4CF140}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
CEVO CS:GO Client Beta version 1.0 (HKLM-x32\...\CEVO CS:GO Client Beta_is1) (Version: 1.0 - )
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.6.3821 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.6.3906 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3709 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dragon Notes de-DE (HKLM-x32\...\{C438C1D0-A46C-4BFA-AF07-11261DE9CCE0}) (Version: 01.00.100.011 - Nuance Communications Inc.)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.2 (HKLM-x32\...\{412F6426-A3C7-11E3-8A71-00163E98E7D6}) (Version: 5.2.0.2951 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Final Hours of Titanfall (HKLM-x32\...\Steam App 292060) (Version: - Geoff Keighley)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GeoGebra 5 (HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\GeoGebra 5) (Version: 5.0.67.0 - International GeoGebra Institute)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version: - Reto-Moto)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HIT (HKLM-x32\...\Steam App 336670) (Version: - Shifty Chair Games)
Hitman: Contracts (HKLM-x32\...\Steam App 247430) (Version: - IO Interactive)
HP 3D DriveGuard (HKLM-x32\...\{F90A86C9-7779-47DD-AC06-8EE832C55F55}) (Version: 6.0.18.1 - Hewlett-Packard Company)
HP Color LaserJet Pro MFP M176 (HKLM-x32\...\{7ef5f914-a8e1-4f35-8b91-5f5a3ea16c55}) (Version: 8.0.13192.913 - Hewlett-Packard)
HP CoolSense (HKLM-x32\...\{E2C8D0C2-1C97-4C05-939A-5B13A0FE655C}) (Version: 2.20.31 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{082B1425-0F24-43FA-9B64-E8F617B0AD3B}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.08 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{E9FA2CA2-B7B2-43E6-8449-A1618B042EAE}) (Version: 1.1.3 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{B7B82520-8ECE-4743-BFD7-93B16C64B277}) (Version: 2.4.2 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
hpbDSService (x32 Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM176DSService (x32 Version: 001.001.08254 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 009.033.00905 - Hewlett-Packard) Hidden
hppM176LaserJetService (x32 Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (x32 Version: 080.040.00171 - Hewlett Packard) Hidden
hpStatusAlertsM176 (x32 Version: 080.046.00111 - Hewlett-Packard) Hidden
Inst5675 (Version: 8.01.08 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.08 - Softex Inc.) Hidden
Java 8 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418040F0}) (Version: 8.0.400 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version: - Squad)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LibreOffice 4.3.2.2 (HKLM-x32\...\{9C13F99C-6E1A-4126-AE91-EAA2DADE08D6}) (Version: 4.3.2.2 - The Document Foundation)
Loadout (HKLM-x32\...\Steam App 208090) (Version: - Edge of Reality)
Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
LogMeIn (HKLM-x32\...\{F93EE340-3735-4032-8B74-0A3E489017A0}) (Version: 4.1.4670 - LogMeIn, Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 36.0.4 (x86 de) (HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\Mozilla Firefox 36.0.4 (x86 de)) (Version: 36.0.4 - Mozilla)
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
OEM Application Profile (HKLM-x32\...\{315F1A48-D883-B234-7C79-15873574ACC1}) (Version: 1.00.0000 - Ihr Firmenname)
Paintball2 Alpha build 40 (HKLM-x32\...\Paintball2) (Version: Alpha build 40 - Digital Paint)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\SOE-PlanetSide 2) (Version: - Sony Online Entertainment)
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.51 - WildTangent) Hidden
Pokki (HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\Pokki) (Version: 0.269.7.574 - Pokki)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.6 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.13.1216 - REALTEK Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version: - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.7.8 - Synaptics Incorporated)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version: - Nicalis, Inc.)
Toribash (HKLM-x32\...\Steam App 248570) (Version: - Nabi Studios)
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Unity Web Player (HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\UnityWebPlayer) (Version: 5.0.1f1 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App für HP (x32 Version: 4.0.11.2 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
14-04-2015 19:42:50 Geplanter Prüfpunkt
27-04-2015 13:57:36 Geplanter Prüfpunkt
05-05-2015 19:56:03 Geplanter Prüfpunkt
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {316007E6-D02E-481B-80AE-AAF221232C23} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {4DEC0FF5-02D7-4A5D-A92F-C760D3A73FEB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-04-14] (Hewlett-Packard)
Task: {6657947E-2D48-4AE1-BF4E-CF4D6105712B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-04-14] (Hewlett-Packard)
Task: {B284AD28-073B-4655-94C7-C0C257C067AC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {B84A40CB-13A5-40E8-8476-DE10AB0D9D27} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-03-07] (CyberLink Corp.)
Task: {D3CCAA93-6012-4DC7-8DD8-61855EC97C88} - System32\Tasks\{09E7559C-8020-4F24-978E-3EC98CC6DAE0} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.3.0.101/de/abandoninstall?page=tsProgressBar
Task: {DD3A2C72-2298-436B-848C-94FA11EE34ED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-08] (Google Inc.)
Task: {E8BC3766-ADA2-4E7D-BC00-7201889A3FE5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {EF9A97A4-4FCB-4D9F-9B50-B63DAF391E2C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-08] (Google Inc.)
Task: {F32F1211-375B-484F-8FE8-D44401E98193} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-11-01] (Hewlett-Packard Development Company, L.P.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) ==============
2014-03-01 18:38 - 2014-03-01 18:38 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-01 18:34 - 2014-03-01 18:34 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-01 18:34 - 2014-03-01 18:34 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-01 18:34 - 2014-03-01 18:34 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-01 18:52 - 2014-03-01 18:52 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-01 18:52 - 2014-03-01 18:52 - 00712592 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2014-10-07 22:33 - 2012-09-18 15:27 - 00192512 _____ () C:\Windows\System32\zlhp1020.dll
2014-10-07 22:33 - 2012-09-18 15:27 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll
2014-04-06 22:38 - 2014-04-06 22:38 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-06-10 21:21 - 2014-03-05 18:09 - 00088064 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2014-03-01 18:41 - 2014-03-01 18:41 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2014-09-18 09:23 - 2014-09-18 09:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-10-14 20:51 - 2014-10-14 20:51 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 09:23 - 2014-09-18 09:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-10-14 20:51 - 2014-10-14 20:51 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2014-06-10 21:46 - 2013-02-01 11:16 - 00387984 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\fl_core.dll
2014-06-10 21:46 - 2013-02-01 11:16 - 01165712 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\vocon3200_asr.dll
2014-06-10 21:46 - 2013-02-01 11:16 - 00199056 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\vocon3200_base.dll
2014-06-10 21:46 - 2013-02-01 11:16 - 01132944 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\vocon3200_pron.dll
2014-06-10 21:46 - 2013-02-01 11:16 - 00035216 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\vocon3200_platform.dll
2014-06-10 21:46 - 2013-02-01 11:16 - 00229264 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\sdxg.dll
2014-06-10 21:46 - 2013-02-01 11:15 - 00027136 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\WASAPIResamplingStreamCOMServer.dll
2015-04-06 18:37 - 2015-03-16 10:59 - 00023496 _____ () C:\Users\Leo\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-10-01 20:19 - 2015-04-16 19:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 16:53 - 2015-04-23 04:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-10-01 20:19 - 2015-05-12 00:03 - 02396352 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-20 16:53 - 2015-04-23 04:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 16:53 - 2015-04-23 04:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-10-01 20:19 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-10-01 20:19 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-10-01 20:19 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-10-01 20:19 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-10-01 20:19 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-10-01 20:19 - 2015-05-12 00:03 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-10-01 20:19 - 2015-05-11 21:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-05-13 23:01 - 2015-05-11 21:01 - 08958344 _____ () C:\Program Files (x86)\Steam\bin\pdf.dll
2014-02-28 15:33 - 2014-02-28 15:33 - 00148480 _____ () C:\Users\Leo\AppData\Local\TeamSpeak 3 Client\quazip.dll
2014-02-27 15:46 - 2014-02-27 15:46 - 00864768 _____ () C:\Users\Leo\AppData\Local\TeamSpeak 3 Client\platforms\qwindows.dll
2014-02-27 15:45 - 2014-02-27 15:45 - 00677376 _____ () C:\Users\Leo\AppData\Local\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2014-08-04 15:43 - 2014-08-04 15:43 - 00092104 _____ () C:\Users\Leo\AppData\Local\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
2014-08-04 15:43 - 2014-08-04 15:43 - 00105416 _____ () C:\Users\Leo\AppData\Local\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
2014-02-27 15:46 - 2014-02-27 15:46 - 00025600 _____ () C:\Users\Leo\AppData\Local\TeamSpeak 3 Client\imageformats\qgif.dll
2014-02-27 15:46 - 2014-02-27 15:46 - 00242688 _____ () C:\Users\Leo\AppData\Local\TeamSpeak 3 Client\imageformats\qjpeg.dll
2014-08-04 15:45 - 2014-08-04 15:45 - 00477128 _____ () C:\Users\Leo\AppData\Local\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-08-04 15:45 - 2014-08-04 15:45 - 00484808 _____ () C:\Users\Leo\AppData\Local\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-02-27 15:46 - 2014-02-27 15:46 - 00123904 _____ () C:\Users\Leo\AppData\Local\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\peter\OneDrive:ms-properties
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\sony.com -> sony.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-514103404-2733609734-414756415-1006\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
HKU\S-1-5-21-514103404-2733609734-414756415-1008\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "LogMeIn GUI"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
==================== FirewallRules (whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{534EAE76-5BD5-4C7F-92A2-CF7BCD016932}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B8F5F911-67A9-499F-930D-2C04450BEE01}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1F43B38F-58AD-45A3-BB95-ACEF24BD7F10}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0EF8A23A-6CD0-47F1-811F-FCB12B5158DE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2027DDBC-8D98-4416-82CA-5BA362FB91F9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{AEDD7A15-184A-47B8-AE85-01C85E89A19E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{300161F6-4599-49E6-867E-FA5F87FA4A15}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{F73BD28F-DE8B-407A-B685-9410EF5E304A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{F5A63762-0D2A-40EE-8DF5-DDD7C2220ED6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{3D08EED6-E6B8-4516-B6AA-DDC431911A64}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{F3F10151-8FA3-4127-BCDF-16E83B19A176}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{42AE9A0D-04AE-4AF6-83D5-84AEBBBC3DF2}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{3239697B-80F4-4047-AAA0-AF431D6F1A8D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{BB78B2B8-B7F5-49BF-99BB-AFA56D744B82}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5EEF03FE-3D0F-4C6C-A008-E1D850923B6A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6BC94677-9600-4ECB-AC94-F1EB5E326F7D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{80ED146F-F349-4B24-8BA7-FE231D5533E4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{CB74F533-638D-49C4-81B3-73D94B16E39E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{8A0C432F-0477-4A51-8F15-8CA5A2457D18}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{C30E76F1-A545-4017-8629-FEBA58680BD1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A8A82F7B-7232-4E8E-8A16-0FE738363E2E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B529881D-9A12-49A9-832B-F76932049145}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{95E50C90-5652-4602-B3B4-E44E2C38800D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{67BC7081-9238-4C08-9DB4-97D4CDB3B95A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{EFA5C98D-50A1-48EA-A3EE-60FB61771471}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{FFB45D2E-CA82-4940-ADF6-9A290167E293}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{65DC87C8-56B6-41F0-9F25-B1C2885C669A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{26476AE8-5B9A-47C2-BEBA-B12ED08B37ED}] => (Allow) C:\Spiele\StarCraft II\StarCraft II.exe
FirewallRules: [{6E0137E5-4DA1-4AD9-95FE-B64C94FF40BF}] => (Allow) C:\Spiele\StarCraft II\StarCraft II.exe
FirewallRules: [{53D139FB-CBB7-4DF2-933A-8CF9F2F0102F}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{10C3AA12-62C8-411E-9D84-770DA4CE9B82}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{BD59F42F-4452-4D6E-BE89-A0DFAC4BAA5B}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{AF0F5FFF-7703-4BBA-BE93-5AD784E8D25D}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{2D838EE3-8C8E-4750-8F85-1C57411D4D87}C:\spiele\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) C:\spiele\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [UDP Query User{2EB8CBBE-7691-4AA8-838B-4AF9CAFE8966}C:\spiele\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) C:\spiele\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [{6E22E814-9FAD-4222-872D-F85DEC1CACE5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{9777A85D-795E-4613-92FD-91458A068297}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{9115C681-FFBB-422D-8AFC-8020F5E4DC23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{D9F1C8C8-E9EC-4A2F-A26E-3081F55B1E5E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{B143437E-45BC-4953-AFA2-2F9D8EA6863D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{E73E896C-BDAA-479B-B4F4-F5FEC79C8563}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{2F814522-A797-4090-B4F8-815A75FE6439}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{CC481BB3-3A1B-4AE4-BE30-E028FB09A3EE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{AB41F4F6-C6C1-425E-8D07-8DA1A1926C2B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{A1510135-637C-491A-A874-B4C30BA7E9C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{49C50CDE-9068-43C7-9B8F-D0F614BDA5EB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{76700D58-87E8-4E43-B368-9648DE627B9D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{23651672-6196-46B3-B0DA-4461B6B65B1F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{D3669514-03FE-401F-85A4-28AD41525A58}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{802C2036-075F-4EF8-A3CB-F210CCD239F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{2FEB3C83-84E2-4C44-94BD-3EBBBA4A3366}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{2DB46667-8550-4783-825A-BD44B7C6717D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{B4685F03-ABF5-4743-A43A-396664AE607D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{411F0DEF-B8C9-430A-97E4-A03261456C5E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{55354E14-020D-4709-B53B-6207752C3752}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{7C48D6EB-2424-432B-A4FD-F8B704EBD2DE}] => (Allow) C:\Spiele\Assassin´s Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{E64DE9C0-483E-4008-8D1B-159AE6F66073}] => (Allow) C:\Spiele\Assassin´s Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{F380107C-89F8-4F7D-B5DF-6FB6E2F67AF2}] => (Allow) C:\Spiele\Assassin´s Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{ADA98FF6-6983-4F58-B4CD-ED692B13CDED}] => (Allow) C:\Spiele\Assassin´s Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{F9EE632C-0BDB-4D1F-82EE-0DD12263FDF4}] => (Allow) C:\Spiele\Assassin´s Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{D7518C62-9CCC-43BB-8C03-DC8009AC0367}] => (Allow) C:\Spiele\Assassin´s Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{6177F14D-325E-4428-B288-96FFB9E705EE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Toribash\toribash.exe
FirewallRules: [{C1495705-DA12-453E-865C-8E36F234E2A5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Toribash\toribash.exe
FirewallRules: [{B96B3B33-C234-413E-B10B-2698CD2F23F5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{5406563B-E4E2-47F5-BAF4-B8787E44B574}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{9A8C5A42-AE0C-4996-8B0D-8187B3936A3B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AVA\NWZLauncher.exe
FirewallRules: [{28349028-CF09-4AD5-BAAF-EA459F7A8C2E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AVA\NWZLauncher.exe
FirewallRules: [{B3333E87-2FBF-420C-BFAD-0FC53EADA025}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M176\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{76DC9CF0-CD25-4F82-B0CF-D104FA72D607}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M176\bin\EWSProxy.exe
FirewallRules: [{840B0353-9EB2-444C-A67C-5D86C32D3D77}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{782E3D06-8A10-4DFA-9735-F0D8ED354141}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{76318C2B-F4C9-432D-AB62-EC0E5142013B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Final Hours of Titanfall\TheFinalHoursOfTitanfall.exe
FirewallRules: [{04F2A747-B5E6-4D44-8F79-49A54479EA23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Final Hours of Titanfall\TheFinalHoursOfTitanfall.exe
FirewallRules: [{781D1462-76E4-4AAE-AF77-8B0C378BAA68}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{11493C8B-117C-40B5-8B29-582DE836E589}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{718043E5-F4FD-4585-B95C-215494BDA0BB}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{43DD6891-85C8-4456-B4BD-BD7E98E31D09}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{A749BACB-ABC1-47A6-87CB-349878047E81}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Contracts\HitmanContracts.exe
FirewallRules: [{83596A7B-A660-4FE0-9B48-D3B5EA138628}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Contracts\HitmanContracts.exe
FirewallRules: [TCP Query User{62B1F110-543C-461A-B205-9748228351C2}C:\spiele\paintball2\paintball2.exe] => (Allow) C:\spiele\paintball2\paintball2.exe
FirewallRules: [UDP Query User{122630AD-62E9-4F13-B88C-28D3F474E66D}C:\spiele\paintball2\paintball2.exe] => (Allow) C:\spiele\paintball2\paintball2.exe
FirewallRules: [TCP Query User{E1C170C0-D3ED-429D-A4AE-A907AE1B4108}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{7120984A-0E64-430C-9D33-E3BE629729A4}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{B466B9CB-E64F-46EE-8401-C776695B1D30}] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{7B258906-3465-4C3E-9AED-5C8A8C4AC136}] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [TCP Query User{8CF91F74-6DAC-42C3-8B38-78237C9C3CAA}C:\users\leo\appdata\local\mozilla firefox\firefox.exe] => (Allow) C:\users\leo\appdata\local\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{69309EDB-A33C-40B2-ADEF-231A106A8EF7}C:\users\leo\appdata\local\mozilla firefox\firefox.exe] => (Allow) C:\users\leo\appdata\local\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{89BAF8BB-0CAF-4083-9313-237BCDB4FDE2}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [UDP Query User{7B4D17E4-DB77-46C5-8C7C-6A0E0CB878D4}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{6D6AEBD2-0C3B-42A7-9B0B-F4D0686E2DDF}] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{3B7A4431-4EA6-41DC-941D-EDAF205BB932}] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{5CCD112E-0826-41AC-A96F-C97BE372F16B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{795534E5-E479-497B-97E9-349C696885E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{92B68362-3073-4FC2-8C78-D1C8A680A4B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HIT\Hit\Binaries\Win64\Hit.exe
FirewallRules: [{5C9E5335-C5A2-44DE-9F54-0F2EBE66C014}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HIT\Hit\Binaries\Win64\Hit.exe
FirewallRules: [{2164DE04-3D9C-4EEC-967C-524393BEE922}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{466E2B41-DCC0-4F96-9379-92A5E244425D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{01CB6B61-8B59-4C23-AEF4-50F5D0FE141A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{17283D23-0E99-46D3-BC0A-6FFA7B38B9A1}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{392D2C4C-3C12-48B8-BF5B-9D94C7C24FC4}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{67537A71-C1C9-46C4-9008-744818432D62}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{C7C04817-84F1-4922-8F7F-A5F4DF7B9625}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/14/2015 00:03:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 26 baerenfrosch._arxcontrol._tcp.local. SRV 0 0 52255 baerenfrosch.local.
Error: (05/14/2015 00:03:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 25.141.77.240:5353 22 baerenfrosch._arxcontrol._tcp.local. TXT allowed=*¦protocol=18
Error: (05/13/2015 03:41:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1484
Error: (05/13/2015 03:41:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1484
Error: (05/13/2015 03:41:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/11/2015 08:09:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1453
Error: (05/11/2015 08:09:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1453
Error: (05/11/2015 08:09:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/11/2015 06:58:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2875
Error: (05/11/2015 06:58:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2875
System errors:
=============
Error: (05/13/2015 11:01:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (05/13/2015 11:01:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.
Error: (05/12/2015 03:36:24 PM) (Source: DCOM) (EventID: 10010) (User: baerenfrosch)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (05/11/2015 01:09:50 PM) (Source: DCOM) (EventID: 10010) (User: baerenfrosch)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (05/11/2015 01:09:19 PM) (Source: DCOM) (EventID: 10010) (User: baerenfrosch)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (05/09/2015 10:24:30 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 09.05.2015 um 03:47:16 unerwartet heruntergefahren.
Error: (05/09/2015 10:24:09 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212256841169248
Error: (05/08/2015 10:47:58 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 06.05.2015 um 19:43:24 unerwartet heruntergefahren.
Error: (05/05/2015 07:42:49 PM) (Source: DCOM) (EventID: 10010) (User: baerenfrosch)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (05/04/2015 07:14:25 PM) (Source: DCOM) (EventID: 10010) (User: baerenfrosch)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Microsoft Office Sessions:
=========================
Error: (05/14/2015 00:03:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 26 baerenfrosch._arxcontrol._tcp.local. SRV 0 0 52255 baerenfrosch.local.
Error: (05/14/2015 00:03:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 25.141.77.240:5353 22 baerenfrosch._arxcontrol._tcp.local. TXT allowed=*¦protocol=18
Error: (05/13/2015 03:41:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1484
Error: (05/13/2015 03:41:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1484
Error: (05/13/2015 03:41:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/11/2015 08:09:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1453
Error: (05/11/2015 08:09:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1453
Error: (05/11/2015 08:09:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (05/11/2015 06:58:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2875
Error: (05/11/2015 06:58:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2875
==================== Memory info ===========================
Processor: AMD A10-5745M APU with Radeon(tm) HD Graphics
Percentage of memory in use: 19%
Total physical RAM: 11461.2 MB
Available physical RAM: 9256.71 MB
Total Pagefile: 13189.2 MB
Available Pagefile: 10462.76 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:909.38 GB) (Free:688.16 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:21.12 GB) (Free:2.12 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6F653072)
Partition: GPT Partition Type.
==================== End Of Log ============================
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05-2015 01
Ran by MeinAdmin (administrator) on BAERENFROSCH on 14-05-2015 00:26:05
Running from C:\Users\Leo\Desktop
Loaded Profiles: Leo & MeinAdmin (Available profiles: Admin & Leo & MeinAdmin)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\Dragon Notes\Core\DACore.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(TeamSpeak Systems GmbH) C:\Users\Leo\AppData\Local\TeamSpeak 3 Client\ts3client_win32.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7546072 2014-03-10] (Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3957816 2014-03-01] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-01] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-01] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2014-04-22] (Synaptics Incorporated)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2014-10-31] (LogMeIn, Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-02-13] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [475448 2014-03-04] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313656 2013-04-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-05-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT14/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT14/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-514103404-2733609734-414756415-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-514103404-2733609734-414756415-1006\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-514103404-2733609734-414756415-1008\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-514103404-2733609734-414756415-1008\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-514103404-2733609734-414756415-1008\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
SearchScopes: HKLM -> {9CBE1607-B466-40F4-AB15-F6965BEA20A1} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {9CBE1607-B466-40F4-AB15-F6965BEA20A1} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-514103404-2733609734-414756415-1006 -> {9CBE1607-B466-40F4-AB15-F6965BEA20A1} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-514103404-2733609734-414756415-1008 -> {9CBE1607-B466-40F4-AB15-F6965BEA20A1} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-04-02] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-02] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-03-04] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-13] ()
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-04-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-02] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin HKU\S-1-5-21-514103404-2733609734-414756415-1006: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Leo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-27] (Unity Technologies ApS)
Chrome:
=======
CHR Profile: C:\Users\MeinAdmin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\MeinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-03]
CHR Extension: (Google Drive) - C:\Users\MeinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-03]
CHR Extension: (YouTube) - C:\Users\MeinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-03]
CHR Extension: (Google Search) - C:\Users\MeinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-03]
CHR Extension: (Avira Browser Safety) - C:\Users\MeinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-05-14]
CHR Extension: (Gmail) - C:\Users\MeinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-03]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-06] (Advanced Micro Devices, Inc.) [File not signed]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1185584 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2015-01-23] ()
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [88064 2014-03-05] () [File not signed]
S3 celavimushost; C:\Program Files (x86)\Steam\CEVO\CSGO Client Beta\CelavimusClientHelper.exe [124632 2015-04-14] (altPUG LLC)
R2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Notes\Core\DACore.exe [411024 2013-02-01] (Nuance Communications, Inc.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-28] (WildTangent)
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [174592 2012-12-04] (HP) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [469304 2014-03-04] (Hewlett-Packard Development Company, L.P.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
S4 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226152 2014-10-31] (LogMeIn, Inc.)
S4 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2014-10-31] (LogMeIn, Inc.)
S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-01] (Softex Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-09] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-04-22] (Synaptics Incorporated)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-02] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-14] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-12-20] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-10] (Avira Operations GmbH & Co. KG)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2014-10-31] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-03-29] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-04] (Realtek Semiconductor Corp.)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [558296 2014-01-06] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3379416 2014-03-22] (Realtek Semiconductor Corporation )
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [30448 2014-04-22] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [31472 2014-04-22] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
S3 GENERICDRV; \??\C:\Users\ADMINI~1\AppData\Local\Temp\pftDAE8.tmp\amifldrv64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-14 00:26 - 2015-05-14 00:26 - 00019185 _____ () C:\Users\Leo\Desktop\FRST.txt
2015-05-14 00:25 - 2015-05-14 00:25 - 00000000 ____D () C:\Users\Leo\Desktop\FRST-OlderVersion
2015-05-06 19:22 - 2015-05-06 19:22 - 00000875 _____ () C:\Users\Leo\AppData\Local\recently-used.xbel
2015-04-28 07:43 - 2015-04-28 07:43 - 01253126 _____ () C:\Users\Leo\Downloads\Homo neandertalensis(1).odp
2015-04-28 07:43 - 2015-04-28 07:43 - 00000099 ____H () C:\Users\Leo\Downloads\.~lock.Homo neandertalensis(1).odp#
2015-04-28 07:42 - 2015-04-28 07:42 - 00003080 _____ () C:\Windows\System32\Tasks\{09E7559C-8020-4F24-978E-3EC98CC6DAE0}
2015-04-27 15:43 - 2015-04-27 15:43 - 01203520 _____ () C:\Users\Leo\Downloads\Homo neandertalensis.odp
2015-04-27 15:43 - 2015-04-27 15:43 - 00000099 ____H () C:\Users\Leo\Downloads\.~lock.Homo neandertalensis.odp#
2015-04-26 17:04 - 2015-04-26 19:18 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Packages
2015-04-26 17:03 - 2015-04-26 19:18 - 00000000 ____D () C:\Users\TEMP
2015-04-23 18:34 - 2015-04-23 18:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-14 16:29 - 2015-04-14 16:29 - 00000000 ____D () C:\ProgramData\Celavimus
2015-04-14 16:24 - 2015-04-14 16:24 - 00001330 _____ () C:\Users\Public\Desktop\CEVO Client (CSGO).lnk
2015-04-14 16:24 - 2015-04-14 16:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEVO Client
2015-04-14 16:21 - 2015-04-14 16:22 - 24006320 _____ ( ) C:\Users\Leo\Downloads\CEVO CSGO Client.exe
2015-04-14 15:35 - 2015-04-14 15:35 - 00000000 ____D () C:\God Mode.{ED7BA470-8E54-465E-825C-99712043E01C}
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-14 00:26 - 2015-03-21 14:44 - 00000000 ____D () C:\FRST
2015-05-14 00:25 - 2015-03-21 14:42 - 02104832 _____ (Farbar) C:\Users\Leo\Desktop\FRST64.exe
2015-05-14 00:24 - 2014-10-01 19:18 - 01477182 _____ () C:\Windows\WindowsUpdate.log
2015-05-14 00:23 - 2014-11-01 16:04 - 00053760 ___SH () C:\Users\Leo\Desktop\Thumbs.db
2015-05-14 00:22 - 2014-10-01 20:30 - 00000000 ____D () C:\Users\Leo\AppData\Roaming\ClassicShell
2015-05-14 00:09 - 2014-10-01 20:27 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-1006
2015-05-14 00:06 - 2014-11-08 00:38 - 00000000 ____D () C:\Users\MeinAdmin\AppData\Roaming\ClassicShell
2015-05-14 00:04 - 2014-10-02 15:43 - 00000000 ____D () C:\Users\Leo\AppData\Roaming\TS3Client
2015-05-14 00:03 - 2014-11-08 00:31 - 00001140 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-14 00:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-05-13 23:45 - 2014-11-08 00:31 - 00001144 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-13 23:16 - 2014-10-01 20:14 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-13 15:25 - 2015-02-01 22:38 - 00000000 ____D () C:\Users\Leo\AppData\Local\Adobe
2015-05-13 15:23 - 2014-10-02 11:23 - 00000000 ____D () C:\Users\MeinAdmin\AppData\Local\Adobe
2015-05-13 14:57 - 2014-10-01 20:23 - 00000000 ____D () C:\Users\Leo\Documents\Youcam
2015-05-09 22:24 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-09 03:50 - 2014-10-01 20:21 - 00000000 ____D () C:\Users\Leo
2015-05-06 19:22 - 2015-01-10 15:33 - 00000000 ____D () C:\Users\Leo\.gimp-2.8
2015-05-06 19:20 - 2014-11-05 22:54 - 00293376 ___SH () C:\Users\Leo\Downloads\Thumbs.db
2015-05-05 19:48 - 2015-02-07 14:58 - 00000000 ____D () C:\Users\Mama
2015-05-05 19:48 - 2014-10-01 19:36 - 00000000 ____D () C:\Users\peter
2015-05-05 15:04 - 2015-04-01 12:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-05-05 15:02 - 2015-03-01 21:05 - 00152744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-05-05 15:02 - 2015-03-01 21:05 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-05-04 22:13 - 2014-10-02 08:30 - 00000000 ____D () C:\Users\Leo\AppData\Roaming\vlc
2015-05-04 19:23 - 2014-11-11 18:44 - 00000000 ____D () C:\Users\Leo\AppData\Roaming\Skype
2015-05-01 01:53 - 2014-11-08 00:33 - 00002202 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-28 07:39 - 2014-05-01 00:19 - 00800954 _____ () C:\Windows\system32\perfh007.dat
2015-04-28 07:39 - 2014-05-01 00:19 - 00174458 _____ () C:\Windows\system32\perfc007.dat
2015-04-28 07:39 - 2014-03-18 11:53 - 01921154 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-28 07:37 - 2013-08-22 16:46 - 00038026 _____ () C:\Windows\setupact.log
2015-04-27 14:47 - 2014-10-01 20:31 - 00000000 ____D () C:\Users\MeinAdmin
2015-04-27 13:45 - 2015-04-07 15:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-26 17:40 - 2015-02-07 15:05 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-1005
2015-04-26 17:04 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-04-19 20:33 - 2015-01-10 16:48 - 00000000 ____D () C:\Users\Leo\Documents\MSA
==================== Files in the root of some directories =======
2014-12-18 15:05 - 2014-12-18 15:05 - 0007626 _____ () C:\Users\MeinAdmin\AppData\Local\Resmon.ResmonCfg
Some content of TEMP:
====================
C:\Users\Leo\AppData\Local\Temp\avgnt.exe
C:\Users\MeinAdmin\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-05 19:42
==================== End Of Log ============================
--- --- --- |
|
14.05.2015, 06:37
| #3 |
| /// the machine /// TB-Ausbilder    | audiodg.exe - Virus? hi,
__________________Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
14.05.2015, 16:15
| #4 |
| | audiodg.exe - Virus? sollte mein rechner neu starten wenn mbar fertig ist? mein Rechner hat sich nicht neu gessartet und ich mach grad nen 2. check aber Hier der erste: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.05.14.02
rootkit: v2015.04.21.01
Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17498
MeinAdmin :: BAERENFROSCH [administrator]
14.05.2015 14:13:47
mbar-log-2015-05-14 (14-13-47).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 499280
Time elapsed: 42 minute(s), 58 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Users\Leo\AppData\Roaming\Minecraft.exe (Trojan.Agent) -> Delete on reboot. [1f6b157e1c6e9d998b2326d9f70dd52b]
Physical Sectors Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter 17:08:36.0451 0x1274 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
17:08:36.0451 0x1274 UEFI system
17:08:44.0430 0x1274 ============================================================
17:08:44.0431 0x1274 Current date / time: 2015/05/14 17:08:44.0430
17:08:44.0431 0x1274 SystemInfo:
17:08:44.0431 0x1274
17:08:44.0431 0x1274 OS Version: 6.3.9600 ServicePack: 0.0
17:08:44.0431 0x1274 Product type: Workstation
17:08:44.0431 0x1274 ComputerName: BAERENFROSCH
17:08:44.0431 0x1274 UserName: MeinAdmin
17:08:44.0431 0x1274 Windows directory: C:\Windows
17:08:44.0431 0x1274 System windows directory: C:\Windows
17:08:44.0431 0x1274 Running under WOW64
17:08:44.0431 0x1274 Processor architecture: Intel x64
17:08:44.0431 0x1274 Number of processors: 4
17:08:44.0431 0x1274 Page size: 0x1000
17:08:44.0431 0x1274 Boot type: Normal boot
17:08:44.0431 0x1274 ============================================================
17:08:45.0750 0x1274 KLMD registered as C:\Windows\system32\drivers\50198259.sys
17:08:46.0277 0x1274 System UUID: {D041FC9F-19CA-1568-059C-36591B5101B2}
17:08:46.0863 0x1274 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:08:46.0869 0x1274 ============================================================
17:08:46.0870 0x1274 \Device\Harddisk0\DR0:
17:08:46.0870 0x1274 GPT partitions:
17:08:46.0870 0x1274 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {F77E0279-F168-413B-BAE2-477675BDE672}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x145000
17:08:46.0870 0x1274 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {A7E29BA9-70B4-4B78-86E1-D18E3343A256}, Name: EFI system partition, StartLBA 0x145800, BlocksNum 0x82000
17:08:46.0870 0x1274 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {E9472B92-232E-472A-9E44-BE898F31361A}, Name: Microsoft reserved partition, StartLBA 0x1C7800, BlocksNum 0x40000
17:08:46.0870 0x1274 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {60E84A2A-DE04-49FF-8C9D-94D5E2A16B3B}, Name: Basic data partition, StartLBA 0x207800, BlocksNum 0x71AC0800
17:08:46.0870 0x1274 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {CFDF3F4D-73AF-44EF-B2A9-1F9B07DE2EFA}, Name: Basic data partition, StartLBA 0x71CC8000, BlocksNum 0x2A3C000
17:08:46.0870 0x1274 MBR partitions:
17:08:46.0870 0x1274 ============================================================
17:08:46.0904 0x1274 C: <-> \Device\Harddisk0\DR0\Partition4
17:08:46.0946 0x1274 D: <-> \Device\Harddisk0\DR0\Partition5
17:08:46.0946 0x1274 ============================================================
17:08:46.0947 0x1274 Initialize success
17:08:46.0947 0x1274 ============================================================
17:11:29.0352 0x1320 ============================================================
17:11:29.0352 0x1320 Scan started
17:11:29.0352 0x1320 Mode: Manual; SigCheck; TDLFS;
17:11:29.0352 0x1320 ============================================================
17:11:29.0352 0x1320 KSN ping started
17:11:32.0320 0x1320 KSN ping finished: true
17:11:34.0096 0x1320 ================ Scan system memory ========================
17:11:34.0096 0x1320 System memory - ok
17:11:34.0097 0x1320 ================ Scan services =============================
17:11:34.0242 0x1320 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
17:11:34.0340 0x1320 1394ohci - ok
17:11:34.0372 0x1320 [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\Windows\system32\drivers\3ware.sys
17:11:34.0408 0x1320 3ware - ok
17:11:34.0437 0x1320 [ F39180029723D7779C80360F9E255709, F4831FEE79AAF4DB66BF58D3F89B8A6DD8F38CD546B3C653BFF7052DDA112CC6 ] Accelerometer C:\Windows\system32\DRIVERS\Accelerometer.sys
17:11:34.0448 0x1320 Accelerometer - ok
17:11:34.0489 0x1320 [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI C:\Windows\system32\drivers\ACPI.sys
17:11:34.0525 0x1320 ACPI - ok
17:11:34.0535 0x1320 [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\Windows\system32\Drivers\acpiex.sys
17:11:34.0551 0x1320 acpiex - ok
17:11:34.0571 0x1320 [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
17:11:34.0609 0x1320 acpipagr - ok
17:11:34.0618 0x1320 [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
17:11:34.0678 0x1320 AcpiPmi - ok
17:11:34.0691 0x1320 [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\Windows\System32\drivers\acpitime.sys
17:11:34.0729 0x1320 acpitime - ok
17:11:34.0783 0x1320 [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\Windows\system32\drivers\ADP80XX.SYS
17:11:34.0825 0x1320 ADP80XX - ok
17:11:34.0863 0x1320 [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:11:34.0919 0x1320 AeLookupSvc - ok
17:11:34.0968 0x1320 [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD C:\Windows\system32\drivers\afd.sys
17:11:35.0020 0x1320 AFD - ok
17:11:35.0037 0x1320 [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:11:35.0053 0x1320 agp440 - ok
17:11:35.0066 0x1320 [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache C:\Windows\system32\DRIVERS\ahcache.sys
17:11:35.0118 0x1320 ahcache - ok
17:11:35.0145 0x1320 [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG C:\Windows\System32\alg.exe
17:11:35.0187 0x1320 ALG - ok
17:11:35.0212 0x1320 [ 6EF9DB99793BC3494EDA6C2B1DA7FA32, 5EDA9068E84070445A0585D27727D1ED74E17E87584A6661D08E394544E14E34 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:11:35.0285 0x1320 AMD External Events Utility - ok
17:11:35.0340 0x1320 AMD FUEL Service - ok
17:11:35.0373 0x1320 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
17:11:35.0434 0x1320 AmdK8 - ok
17:11:35.0917 0x1320 [ EA20992B6D899437F844F796325F42D7, A7671D1154841BE8D9B6E59C527F64D5790ACBE18F1CE033CC58C080AC7D8BC2 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
17:11:36.0470 0x1320 amdkmdag - ok
17:11:36.0548 0x1320 [ 3FC5DEC11E6B595EAF80537B3A7827AA, 5AEE9D8931BA9D0C2D9FAB66874501B7138CAACB5588D7D08349AE9CA0D66D35 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
17:11:36.0583 0x1320 amdkmdap - ok
17:11:36.0608 0x1320 [ C04F35935BF6274F5593B78C7B295760, 29BC36696B3D5C75DEF9C9D96D3C06E5C6D964A00B4D5CD354CB08002E085191 ] amdkmpfd C:\Windows\system32\drivers\amdkmpfd.sys
17:11:36.0626 0x1320 amdkmpfd - ok
17:11:36.0648 0x1320 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
17:11:36.0673 0x1320 AmdPPM - ok
17:11:36.0682 0x1320 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\Windows\system32\drivers\amdsata.sys
17:11:36.0697 0x1320 amdsata - ok
17:11:36.0731 0x1320 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
17:11:36.0853 0x1320 amdsbs - ok
17:11:36.0879 0x1320 [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\Windows\system32\drivers\amdxata.sys
17:11:36.0893 0x1320 amdxata - ok
17:11:36.0990 0x1320 [ D908096B873B940BB438CE63BA35BD1E, F1C79C907E6CDBC2770C16AFFAE0D6F9B9B7DA21F5074D602AC5FE1597975748 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
17:11:37.0024 0x1320 AntiVirMailService - ok
17:11:37.0069 0x1320 [ EC705D6ED3A7F3D9AE42F6239707D9FE, B50F6BB0FC308E7403B1807DF2AAF87BEDE0B044128C580970A26801CCABC43F ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
17:11:37.0090 0x1320 AntiVirSchedulerService - ok
17:11:37.0128 0x1320 [ EC705D6ED3A7F3D9AE42F6239707D9FE, B50F6BB0FC308E7403B1807DF2AAF87BEDE0B044128C580970A26801CCABC43F ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
17:11:37.0148 0x1320 AntiVirService - ok
17:11:37.0198 0x1320 [ 0F3D12E5FAE0082DB3F306095CA6B027, 726D054357031F45B43C87D798E84FA93439ECA6C691EB8C76FE524B50C25B32 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
17:11:37.0241 0x1320 AntiVirWebService - ok
17:11:37.0270 0x1320 [ 10378ADFA7F832B68616C3B8C6470DBB, 4738F81C40BF3B75612E983AC0DADCA8B4A7D3A5B3FBB5058B93D421A32979AC ] AODDriver4.3 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
17:11:37.0280 0x1320 AODDriver4.3 - ok
17:11:37.0319 0x1320 [ 9DCB42905F1EBF9CEC57EE5DF0BDA965, 4C888AAD0DDE01565FD7FBB6B70A500158CF2E4CECF9ADD4AFD302A993587269 ] AppHostSvc C:\Windows\system32\inetsrv\apphostsvc.dll
17:11:37.0375 0x1320 AppHostSvc - ok
17:11:37.0391 0x1320 [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID C:\Windows\system32\drivers\appid.sys
17:11:37.0430 0x1320 AppID - ok
17:11:37.0455 0x1320 [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc C:\Windows\System32\appidsvc.dll
17:11:37.0491 0x1320 AppIDSvc - ok
17:11:37.0530 0x1320 [ 7667B9D81EA8FD6540E6CF72F92161A6, 98F3D0E376F715EBE083FE112CAA640BCE0F13DCE0F244D059D7FA019EA3D24C ] Appinfo C:\Windows\System32\appinfo.dll
17:11:37.0572 0x1320 Appinfo - ok
17:11:37.0603 0x1320 [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness C:\Windows\system32\AppReadiness.dll
17:11:37.0675 0x1320 AppReadiness - ok
17:11:37.0738 0x1320 [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc C:\Windows\system32\appxdeploymentserver.dll
17:11:37.0809 0x1320 AppXSvc - ok
17:11:37.0837 0x1320 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:11:37.0854 0x1320 arcsas - ok
17:11:37.0937 0x1320 [ AA2E8C6B8D7EA7BAF04C988801927F48, 4B82043F1B9C67CDCDC71102F7AEE05EEA8F9775A5CB33AE80F4DCDB42521C40 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:11:37.0951 0x1320 aspnet_state - ok
17:11:37.0970 0x1320 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\Windows\system32\drivers\atapi.sys
17:11:37.0982 0x1320 atapi - ok
17:11:38.0010 0x1320 [ 8645A198090288F4C5FD998903736216, 720B37BEE126E708E70ECA51770670E5DE389C0E48AEA191DCBCB08A8A1655F1 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdWB6.sys
17:11:38.0052 0x1320 AtiHDAudioService - ok
17:11:38.0089 0x1320 [ 7F70B1044272982AAEA7C16E83424770, A7694D38DF5A0E1040688017DB811EF0788874FE505ADD572DE4D4647073DC12 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
17:11:38.0139 0x1320 AudioEndpointBuilder - ok
17:11:38.0185 0x1320 [ C0484CA5C7F87E38909746B63C7FC868, 65159639E2300AEA886184E9D47D449350DAF69A8AA2F9DBD6BD8A474BA73177 ] Audiosrv C:\Windows\System32\Audiosrv.dll
17:11:38.0249 0x1320 Audiosrv - ok
17:11:38.0284 0x1320 [ 43B6D229C7DBA9F0FC0FC0C318DB5350, F5A525DBD71FC4A323E92839C6D27F323FB304B7E9FFA35E89E9B419570AA4C8 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
17:11:38.0297 0x1320 avgntflt - ok
17:11:38.0316 0x1320 [ 626D1BAD7A1975A8FEE8876A8AD0EEA7, 59772746A2DF3B7E8D021756B8A64569AC8468CA1C802EB594494224354F1E60 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
17:11:38.0329 0x1320 avipbb - ok
17:11:38.0367 0x1320 [ 0D32033DCB359FD98B4C3513EF849FE6, 5870D67526BC29D888DAF8DBAB04B1E97ED5C7C51484ED400A5E65D0EB61576A ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
17:11:38.0381 0x1320 Avira.OE.ServiceHost - ok
17:11:38.0388 0x1320 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
17:11:38.0474 0x1320 avkmgr - ok
17:11:38.0503 0x1320 [ 83586138F23A4C284EB68AFC852D7AFA, 9ADE8924B4518ED0A8E3FC4CC3F9964BC05B5FF67F230A7FD0BDABCFFA0BB0C8 ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
17:11:38.0524 0x1320 avnetflt - ok
17:11:38.0543 0x1320 [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV C:\Windows\System32\AxInstSV.dll
17:11:38.0581 0x1320 AxInstSV - ok
17:11:38.0621 0x1320 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
17:11:38.0653 0x1320 b06bdrv - ok
17:11:38.0670 0x1320 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys
17:11:38.0715 0x1320 BasicDisplay - ok
17:11:38.0738 0x1320 [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys
17:11:38.0801 0x1320 BasicRender - ok
17:11:38.0818 0x1320 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\Windows\System32\drivers\bcmfn2.sys
17:11:38.0829 0x1320 bcmfn2 - ok
17:11:38.0875 0x1320 [ E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC C:\Windows\System32\bdesvc.dll
17:11:38.0916 0x1320 BDESVC - ok
17:11:38.0936 0x1320 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\Windows\system32\drivers\Beep.sys
17:11:38.0978 0x1320 Beep - ok
17:11:39.0035 0x1320 [ BE43A13207D6428947248AF7EE05E772, 4118288ECD13B77738070DC298A64732693EEF9679CCFA59FD523CCAACF6335B ] BEService C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
17:11:39.0058 0x1320 BEService - ok
17:11:39.0117 0x1320 [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE C:\Windows\System32\bfe.dll
17:11:39.0182 0x1320 BFE - ok
17:11:39.0239 0x1320 [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS C:\Windows\System32\qmgr.dll
17:11:39.0313 0x1320 BITS - ok
17:11:39.0359 0x1320 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:11:39.0382 0x1320 Bonjour Service - ok
17:11:39.0418 0x1320 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:11:39.0468 0x1320 bowser - ok
17:11:39.0504 0x1320 [ E325BCD68EC0CF2E2EDD0AB7CC17C698, 4DEDEF91F6BD1CC8DBE118AC28CA6BD874449A053B9CDE9FFEB1C7B98501D938 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
17:11:39.0553 0x1320 BrokerInfrastructure - ok
17:11:39.0592 0x1320 [ 041A999E4FF9A7CDBE67357751881FB8, 356C52637EA715D6FA2B65BD311C9BF1635A582023434902EC2DE4A2448961F8 ] Browser C:\Windows\System32\browser.dll
17:11:39.0635 0x1320 Browser - ok
17:11:39.0695 0x1320 [ 0D78CF518DDED441E22663A9C8F74D57, 1704F37002EC290A0F2365E93D02B5F009AEEEECAFF3636B8220370F0DFE7125 ] BTDevManager C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
17:11:39.0712 0x1320 BTDevManager - detected UnsignedFile.Multi.Generic ( 1 )
17:11:46.0350 0x1320 BTDevManager ( UnsignedFile.Multi.Generic ) - warning
17:11:46.0393 0x1320 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys
17:11:46.0444 0x1320 BthAvrcpTg - ok
17:11:46.0492 0x1320 [ 131F1C8573E7BFB41C54FBF5309CCD94, DAFE51E3BADBD82A33B580F212B2D6520A120877C23F6D675521FEA2F4BA5A1F ] BthEnum C:\Windows\System32\drivers\BthEnum.sys
17:11:46.0538 0x1320 BthEnum - ok
17:11:46.0567 0x1320 [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys
17:11:46.0595 0x1320 BthHFEnum - ok
17:11:46.0611 0x1320 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys
17:11:46.0639 0x1320 bthhfhid - ok
17:11:46.0671 0x1320 [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum C:\Windows\system32\DRIVERS\BthLEEnum.sys
17:11:46.0721 0x1320 BthLEEnum - ok
17:11:46.0740 0x1320 [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
17:11:46.0769 0x1320 BTHMODEM - ok
17:11:46.0850 0x1320 [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan C:\Windows\System32\drivers\bthpan.sys
17:11:46.0917 0x1320 BthPan - ok
17:11:47.0020 0x1320 [ 97B9076611291AE4C4C107BC915BD026, 0A77873AAF1ADB76CAB98A84D2242781E34E2699632E45EB92ED7DB20B2BE0C1 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
17:11:47.0082 0x1320 BTHPORT - ok
17:11:47.0125 0x1320 [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv C:\Windows\system32\bthserv.dll
17:11:47.0155 0x1320 bthserv - ok
17:11:47.0207 0x1320 [ 23E75BED9076F856B36F5F934BBD5795, CCEB72B788522B7D52A6C07646005EBC68F9599D3714ECACF3A194CA47A1BE85 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
17:11:47.0235 0x1320 BTHUSB - ok
17:11:47.0251 0x1320 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:11:47.0281 0x1320 cdfs - ok
17:11:47.0301 0x1320 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\Windows\System32\drivers\cdrom.sys
17:11:47.0325 0x1320 cdrom - ok
17:11:47.0400 0x1320 [ 7D3B8479F17A2A40DDC40844E07E4837, A2F02564370291EFFED893B0B7CDD5EC65CA960CAD75392E8E5BB9AC5407E3F5 ] celavimushost C:\Program Files (x86)\Steam\CEVO\CSGO Client Beta\CelavimusClientHelper.exe
17:11:47.0414 0x1320 celavimushost - ok
17:11:47.0443 0x1320 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc C:\Windows\System32\certprop.dll
17:11:47.0482 0x1320 CertPropSvc - ok
17:11:47.0496 0x1320 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\Windows\System32\drivers\circlass.sys
17:11:47.0525 0x1320 circlass - ok
17:11:47.0570 0x1320 [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS C:\Windows\system32\drivers\CLFS.sys
17:11:47.0597 0x1320 CLFS - ok
17:11:47.0635 0x1320 [ 5C646CAC91E086F7FF53C7F2E857F263, 67AF6FBF88B7EE530A9BA53833EAFCC78BF8362E82BF81180858F1D17DFC73E6 ] CLVirtualDrive C:\Windows\system32\DRIVERS\CLVirtualDrive.sys
17:11:47.0647 0x1320 CLVirtualDrive - ok
17:11:47.0671 0x1320 [ 9731DAFDC7B690B2C7752FDFF045BFD8, 9DDBDC4FE519AF38993EAB2F16602B2B71CF8675BDD1F651F22DFA8C5C2C80F7 ] clwvd C:\Windows\system32\DRIVERS\clwvd.sys
17:11:47.0682 0x1320 clwvd - ok
17:11:47.0704 0x1320 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
17:11:47.0760 0x1320 CmBatt - ok
17:11:47.0804 0x1320 [ 4E1207CE16E615B0B7A70DC889F4500E, 1778D5AC0AF5F5DD1551192F4CDBCCB9878995155CF337EBB03460A6FD5C6B78 ] CNG C:\Windows\system32\Drivers\cng.sys
17:11:47.0841 0x1320 CNG - ok
17:11:47.0852 0x1320 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys
17:11:47.0872 0x1320 CompositeBus - ok
17:11:47.0879 0x1320 COMSysApp - ok
17:11:47.0904 0x1320 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\Windows\system32\drivers\condrv.sys
17:11:47.0939 0x1320 condrv - ok
17:11:47.0976 0x1320 [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:11:48.0021 0x1320 CryptSvc - ok
17:11:48.0083 0x1320 [ F016D182507CD4671B6D6672CD71C54B, 392382207B76B313895D9BDF48AFDF3B0E11EDF9381059EF757817FE60BE077D ] DACoreService C:\Program Files (x86)\Nuance\Dragon Notes\Core\DACore.exe
17:11:48.0104 0x1320 DACoreService - ok
17:11:48.0117 0x1320 [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\Windows\system32\drivers\dam.sys
17:11:48.0131 0x1320 dam - ok
17:11:48.0177 0x1320 [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:11:48.0254 0x1320 DcomLaunch - ok
17:11:48.0304 0x1320 [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc C:\Windows\System32\defragsvc.dll
17:11:48.0354 0x1320 defragsvc - ok
17:11:48.0395 0x1320 [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\Windows\system32\das.dll
17:11:48.0433 0x1320 DeviceAssociationService - ok
17:11:48.0469 0x1320 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
17:11:48.0516 0x1320 DeviceInstall - ok
17:11:48.0552 0x1320 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
17:11:48.0593 0x1320 Dfsc - ok
17:11:48.0628 0x1320 [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
17:11:48.0693 0x1320 dg_ssudbus - ok
17:11:48.0743 0x1320 [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp C:\Windows\system32\dhcpcore.dll
17:11:48.0800 0x1320 Dhcp - ok
17:11:48.0831 0x1320 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\Windows\system32\drivers\disk.sys
17:11:48.0847 0x1320 disk - ok
17:11:48.0858 0x1320 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
17:11:48.0938 0x1320 dmvsc - ok
17:11:48.0973 0x1320 [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:11:49.0010 0x1320 Dnscache - ok
17:11:49.0045 0x1320 [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc C:\Windows\System32\dot3svc.dll
17:11:49.0083 0x1320 dot3svc - ok
17:11:49.0110 0x1320 [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS C:\Windows\system32\dps.dll
17:11:49.0136 0x1320 DPS - ok
17:11:49.0155 0x1320 [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:11:49.0169 0x1320 drmkaud - ok
17:11:49.0197 0x1320 [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
17:11:49.0234 0x1320 DsmSvc - ok
17:11:49.0313 0x1320 [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:11:49.0385 0x1320 DXGKrnl - ok
17:11:49.0416 0x1320 [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost C:\Windows\System32\eapsvc.dll
17:11:49.0449 0x1320 Eaphost - ok
17:11:49.0617 0x1320 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\Windows\system32\drivers\evbda.sys
17:11:49.0870 0x1320 ebdrv - ok
17:11:49.0905 0x1320 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS C:\Windows\System32\lsass.exe
17:11:49.0920 0x1320 EFS - ok
17:11:49.0954 0x1320 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
17:11:49.0970 0x1320 EhStorClass - ok
17:11:49.0991 0x1320 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
17:11:50.0011 0x1320 EhStorTcgDrv - ok
17:11:50.0025 0x1320 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\Windows\System32\drivers\errdev.sys
17:11:50.0052 0x1320 ErrDev - ok
17:11:50.0116 0x1320 [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem C:\Windows\system32\es.dll
17:11:50.0163 0x1320 EventSystem - ok
17:11:50.0198 0x1320 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\Windows\system32\drivers\exfat.sys
17:11:50.0234 0x1320 exfat - ok
17:11:50.0259 0x1320 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:11:50.0280 0x1320 fastfat - ok
17:11:50.0317 0x1320 [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax C:\Windows\system32\fxssvc.exe
17:11:50.0393 0x1320 Fax - ok
17:11:50.0416 0x1320 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\Windows\System32\drivers\fdc.sys
17:11:50.0436 0x1320 fdc - ok
17:11:50.0463 0x1320 [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost C:\Windows\system32\fdPHost.dll
17:11:50.0493 0x1320 fdPHost - ok
17:11:50.0515 0x1320 [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub C:\Windows\system32\fdrespub.dll
17:11:50.0553 0x1320 FDResPub - ok
17:11:50.0574 0x1320 [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc C:\Windows\system32\fhsvc.dll
17:11:50.0628 0x1320 fhsvc - ok
17:11:50.0657 0x1320 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:11:50.0673 0x1320 FileInfo - ok
17:11:50.0694 0x1320 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:11:50.0726 0x1320 Filetrace - ok
17:11:50.0741 0x1320 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys
17:11:50.0767 0x1320 flpydisk - ok
17:11:50.0808 0x1320 [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:11:50.0836 0x1320 FltMgr - ok
17:11:50.0906 0x1320 [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache C:\Windows\system32\FntCache.dll
17:11:50.0993 0x1320 FontCache - ok
17:11:51.0025 0x1320 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:11:51.0037 0x1320 FontCache3.0.0.0 - ok
17:11:51.0048 0x1320 [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
17:11:51.0062 0x1320 FsDepends - ok
17:11:51.0079 0x1320 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:11:51.0091 0x1320 Fs_Rec - ok
17:11:51.0131 0x1320 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
17:11:51.0168 0x1320 fvevol - ok
17:11:51.0192 0x1320 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\Windows\System32\drivers\fxppm.sys
17:11:51.0216 0x1320 FxPPM - ok
17:11:51.0224 0x1320 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:11:51.0304 0x1320 gagp30kx - ok
17:11:51.0370 0x1320 [ E6CE7A89183D1840F0FF63694292FFA2, 8907ADCF9967026CD1A9D545E2274569F840F1DFF0E407CC77B6A662267AAC4B ] GamesAppIntegrationService C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
17:11:51.0385 0x1320 GamesAppIntegrationService - ok
17:11:51.0405 0x1320 [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
17:11:51.0419 0x1320 GamesAppService - ok
17:11:51.0451 0x1320 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys
17:11:51.0501 0x1320 gencounter - ok
17:11:51.0521 0x1320 GENERICDRV - ok
17:11:51.0558 0x1320 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys
17:11:51.0578 0x1320 GPIOClx0101 - ok
17:11:51.0657 0x1320 [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc C:\Windows\System32\gpsvc.dll
17:11:51.0736 0x1320 gpsvc - ok
17:11:51.0784 0x1320 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:11:51.0795 0x1320 gupdate - ok
17:11:51.0802 0x1320 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:11:51.0813 0x1320 gupdatem - ok
17:11:51.0843 0x1320 [ 7797D1580D933056023B822BB5CD0FE2, 24585AAFB43862AE4B9228B513658D906550EC8A475C67182933FB233621A85D ] Hamachi C:\Windows\system32\DRIVERS\Hamdrv.sys
17:11:51.0852 0x1320 Hamachi - ok
17:11:51.0983 0x1320 [ 03CABA844BC03C99DB84146BF51A9259, 81E6340B9C9DAC97FE5C6F26FEACAB204E857FD5B0490E52D209066B83610DBB ] Hamachi2Svc C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
17:11:52.0062 0x1320 Hamachi2Svc - ok
17:11:52.0100 0x1320 [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:11:52.0135 0x1320 HdAudAddService - ok
17:11:52.0168 0x1320 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys
17:11:52.0202 0x1320 HDAudBus - ok
17:11:52.0227 0x1320 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\Windows\System32\drivers\HidBatt.sys
17:11:52.0251 0x1320 HidBatt - ok
17:11:52.0267 0x1320 [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth C:\Windows\System32\drivers\hidbth.sys
17:11:52.0290 0x1320 HidBth - ok
17:11:52.0298 0x1320 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys
17:11:52.0316 0x1320 hidi2c - ok
17:11:52.0339 0x1320 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\Windows\System32\drivers\hidir.sys
17:11:52.0360 0x1320 HidIr - ok
17:11:52.0390 0x1320 [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv C:\Windows\system32\hidserv.dll
17:11:52.0422 0x1320 hidserv - ok
17:11:52.0451 0x1320 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\Windows\System32\drivers\hidusb.sys
17:11:52.0501 0x1320 HidUsb - ok
17:11:52.0515 0x1320 [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc C:\Windows\system32\kmsvc.dll
17:11:52.0544 0x1320 hkmsvc - ok
17:11:52.0592 0x1320 [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:11:52.0636 0x1320 HomeGroupListener - ok
17:11:52.0673 0x1320 [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:11:52.0731 0x1320 HomeGroupProvider - ok
17:11:52.0794 0x1320 [ 86724A200BF1F08A03FB563660FCD928, E2BDD30D7AFECB0F517BB02C788C93D506FB2B180DCA239BC4A1FEDB1E986EAD ] HP DS Service C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
17:11:52.0809 0x1320 HP DS Service - detected UnsignedFile.Multi.Generic ( 1 )
17:11:52.0809 0x1320 HP DS Service ( UnsignedFile.Multi.Generic ) - warning
17:11:52.0856 0x1320 [ 64E96B86D6C5D29C89B206D6F19DABE9, FADF501FB18FEFC79DEA76BB8D7BC234E56DA714807EE7EC80D5FBF3AC4053B8 ] HP LaserJet Service C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
17:11:52.0875 0x1320 HP LaserJet Service - detected UnsignedFile.Multi.Generic ( 1 )
17:11:52.0875 0x1320 HP LaserJet Service ( UnsignedFile.Multi.Generic ) - warning
17:11:52.0951 0x1320 [ 94D91D0DA8499D19F963DA69B8DB1371, 33559E64AFF9F56D9F1D8015CB1B090E947469E337CBD362EBCC96500FD6347D ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
17:11:52.0972 0x1320 HP Support Assistant Service - detected UnsignedFile.Multi.Generic ( 1 )
17:11:52.0972 0x1320 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - warning
17:11:52.0996 0x1320 [ 8B8E6BD988EAF18C1B86704BF05E5C03, 84052C116032F3DC47B0D3A7A8FC8E86DF94DDB3136C866D8FC8A3DF23209DEC ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
17:11:53.0004 0x1320 hpdskflt - ok
17:11:53.0082 0x1320 [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
17:11:53.0123 0x1320 hpqwmiex - ok
17:11:53.0153 0x1320 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
17:11:53.0234 0x1320 HpSAMD - ok
17:11:53.0255 0x1320 [ 0865F178E272C682B0689F1AA269128D, F8CC23EA339F0C917C3948FF35BEFE10664CCFF8796954898E41F4EC1618E5E1 ] hpsrv C:\Windows\system32\Hpservice.exe
17:11:53.0267 0x1320 hpsrv - ok
17:11:53.0312 0x1320 [ 29E334F41C4F96818DF73CB20FB49E95, 9C86C820207A67157441CF17E72BFB2B1F0947BB2E78F30F2D575B9ABD86F2A3 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
17:11:53.0335 0x1320 HPWMISVC - ok
17:11:53.0388 0x1320 [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:11:53.0440 0x1320 HTTP - ok
17:11:53.0449 0x1320 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
17:11:53.0462 0x1320 hwpolicy - ok
17:11:53.0474 0x1320 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys
17:11:53.0504 0x1320 hyperkbd - ok
17:11:53.0518 0x1320 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys
17:11:53.0545 0x1320 HyperVideo - ok
17:11:53.0571 0x1320 [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt C:\Windows\System32\drivers\i8042prt.sys
17:11:53.0606 0x1320 i8042prt - ok
17:11:53.0612 0x1320 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
17:11:53.0623 0x1320 iaLPSSi_GPIO - ok
17:11:53.0632 0x1320 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys
17:11:53.0672 0x1320 iaLPSSi_I2C - ok
17:11:53.0705 0x1320 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys
17:11:53.0734 0x1320 iaStorAV - ok
17:11:53.0765 0x1320 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
17:11:53.0843 0x1320 iaStorV - ok
17:11:53.0850 0x1320 IEEtwCollectorService - ok
17:11:53.0915 0x1320 [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT C:\Windows\System32\ikeext.dll
17:11:53.0971 0x1320 IKEEXT - ok
17:11:54.0129 0x1320 [ 01262E2BE97708F54666E700482027DE, 7643FCFB6EBFABDD7D1A914C40FADE97DDC633C5D75BE2CADBAC61675564E5CD ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:11:54.0295 0x1320 IntcAzAudAddService - ok
17:11:54.0320 0x1320 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\Windows\system32\drivers\intelide.sys
17:11:54.0352 0x1320 intelide - ok
17:11:54.0382 0x1320 [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\Windows\system32\drivers\intelpep.sys
17:11:54.0397 0x1320 intelpep - ok
17:11:54.0428 0x1320 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\Windows\System32\drivers\intelppm.sys
17:11:54.0450 0x1320 intelppm - ok
17:11:54.0467 0x1320 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:11:54.0495 0x1320 IpFilterDriver - ok
17:11:54.0553 0x1320 [ ACFEE9487693C2BD573DFCA71D98E17C, A347FD476147CD3568EEE6993B46AFC05A66A4269094CA51572D0FD013FCB535 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:11:54.0613 0x1320 iphlpsvc - ok
17:11:54.0640 0x1320 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys
17:11:54.0682 0x1320 IPMIDRV - ok
17:11:54.0706 0x1320 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
17:11:54.0748 0x1320 IPNAT - ok
17:11:54.0762 0x1320 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:11:54.0789 0x1320 IRENUM - ok
17:11:54.0797 0x1320 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:11:54.0811 0x1320 isapnp - ok
17:11:54.0860 0x1320 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys
17:11:54.0886 0x1320 iScsiPrt - ok
17:11:54.0913 0x1320 [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass C:\Windows\System32\drivers\kbdclass.sys
17:11:54.0928 0x1320 kbdclass - ok
17:11:54.0935 0x1320 [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid C:\Windows\System32\drivers\kbdhid.sys
17:11:54.0993 0x1320 kbdhid - ok
17:11:55.0021 0x1320 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys
17:11:55.0089 0x1320 kdnic - ok
17:11:55.0105 0x1320 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso C:\Windows\system32\lsass.exe
17:11:55.0120 0x1320 KeyIso - ok
17:11:55.0147 0x1320 [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:11:55.0164 0x1320 KSecDD - ok
17:11:55.0190 0x1320 [ 6D2EE96150E35B9EA49F2B481DE0369A, AC5915219FD81D89E444F6E86D71F7C495108FC35E7BD683321FC7006161AFE1 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:11:55.0210 0x1320 KSecPkg - ok
17:11:55.0217 0x1320 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:11:55.0238 0x1320 ksthunk - ok
17:11:55.0275 0x1320 [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm C:\Windows\system32\msdtckrm.dll
17:11:55.0313 0x1320 KtmRm - ok
17:11:55.0355 0x1320 [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer C:\Windows\system32\srvsvc.dll
17:11:55.0403 0x1320 LanmanServer - ok
17:11:55.0444 0x1320 [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:11:55.0482 0x1320 LanmanWorkstation - ok
17:11:55.0532 0x1320 [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc C:\Windows\System32\GeofenceMonitorService.dll
17:11:55.0583 0x1320 lfsvc - ok
17:11:55.0621 0x1320 [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum C:\Windows\system32\drivers\LGBusEnum.sys
17:11:55.0631 0x1320 LGBusEnum - ok
17:11:55.0662 0x1320 [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid C:\Windows\system32\drivers\LGVirHid.sys
17:11:55.0670 0x1320 LGVirHid - ok
17:11:55.0692 0x1320 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:11:55.0721 0x1320 lltdio - ok
17:11:55.0757 0x1320 [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:11:55.0782 0x1320 lltdsvc - ok
17:11:55.0797 0x1320 [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:11:55.0835 0x1320 lmhosts - ok
17:11:55.0880 0x1320 [ D6BF6FD055BD719F3D62E51B90857159, A7777D18E404164B4DA531AD94D2A712D9CC6A9288795B7388037752A558E96F ] LMIGuardianSvc C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
17:11:55.0900 0x1320 LMIGuardianSvc - ok
17:11:55.0937 0x1320 [ 0F28935ECF1FBDEC22BAF720A5A94564, A4E8E13FD7FE1882243AD7139D5E0925F09069616920382F952D79586A4936E7 ] LMIInfo C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
17:11:55.0946 0x1320 LMIInfo - ok
17:11:55.0964 0x1320 [ 826D817BA4C19DBAB969323CE40CD817, 69608FF69020540E722DDC47B6E12A36DC1FB1583641EA2389D853E32F3F3A3A ] LMIMaint C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
17:11:55.0979 0x1320 LMIMaint - ok
17:11:56.0001 0x1320 [ 413ECDCFAD9A82804D3674C8D7EEC24E, C8A65ED0B079D16D1A4449E840B4A9475388FBE61B5A84DFEFC35F4FB3B9A9B1 ] lmimirr C:\Windows\system32\DRIVERS\lmimirr.sys
17:11:56.0010 0x1320 lmimirr - ok
17:11:56.0016 0x1320 LMIRfsClientNP - ok
17:11:56.0051 0x1320 [ C57D3FAA50E6F395759FFB7C709BD944, 7B0B86F0E710934D57801E1F7BB048AD878F871147B2A16BBF81219A4022B499 ] LMIRfsDriver C:\Windows\system32\drivers\LMIRfsDriver.sys
17:11:56.0062 0x1320 LMIRfsDriver - ok
17:11:56.0098 0x1320 [ D3760BC17E1755091B7120CF32DBF56B, 2B31CA0CD838BEE0103054520E2FBEA2436A07D99E711B14543B85F3A511478F ] LogMeIn C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
17:11:56.0118 0x1320 LogMeIn - ok
17:11:56.0142 0x1320 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:11:56.0160 0x1320 LSI_SAS - ok
17:11:56.0175 0x1320 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
17:11:56.0191 0x1320 LSI_SAS2 - ok
17:11:56.0215 0x1320 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\Windows\system32\drivers\lsi_sas3.sys
17:11:56.0263 0x1320 LSI_SAS3 - ok
17:11:56.0272 0x1320 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
17:11:56.0319 0x1320 LSI_SSS - ok
17:11:56.0370 0x1320 [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM C:\Windows\System32\lsm.dll
17:11:56.0432 0x1320 LSM - ok
17:11:56.0461 0x1320 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\Windows\system32\drivers\luafv.sys
17:11:56.0488 0x1320 luafv - ok
17:11:56.0514 0x1320 [ CF12E148C6FC151335B7D7FE03F1C7A2, 7087DF6D884AF0A57AC22D7AE9C2903913AAB4CE52D19666B6513C3D5706E43C ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
17:11:56.0524 0x1320 MBAMProtector - ok
17:11:56.0616 0x1320 [ 86701B8E4C53280AA8642AC85F8500F4, 6839F2B840410857AE7DA215A17922A7499A9B99D96032756525878E98175103 ] MBAMScheduler C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
17:11:56.0681 0x1320 MBAMScheduler - ok
17:11:56.0737 0x1320 [ E27891A49DF92004041FEC5C3A2D4230, A4679A1F10F84935875E35A83FC7075499B8F4CBB543209A38C0D946347CD264 ] MBAMService C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
17:11:56.0777 0x1320 MBAMService - ok
17:11:56.0797 0x1320 [ 7FD0FDFB97D80B21195273C4C3810FE1, E1072821AB338F45740DE6CF7BDB7C676CC67AB4BFC2ACF78773ABB424152D2C ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
17:11:56.0807 0x1320 MBAMWebAccessControl - ok
17:11:56.0828 0x1320 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\Windows\system32\drivers\megasas.sys
17:11:56.0843 0x1320 megasas - ok
17:11:56.0888 0x1320 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\Windows\system32\drivers\megasr.sys
17:11:56.0960 0x1320 megasr - ok
17:11:56.0991 0x1320 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS C:\Windows\system32\mmcss.dll
17:11:57.0054 0x1320 MMCSS - ok
17:11:57.0082 0x1320 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\Windows\system32\drivers\modem.sys
17:11:57.0110 0x1320 Modem - ok
17:11:57.0127 0x1320 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\Windows\System32\drivers\monitor.sys
17:11:57.0170 0x1320 monitor - ok
17:11:57.0178 0x1320 [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass C:\Windows\System32\drivers\mouclass.sys
17:11:57.0192 0x1320 mouclass - ok
17:11:57.0199 0x1320 [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid C:\Windows\System32\drivers\mouhid.sys
17:11:57.0224 0x1320 mouhid - ok
17:11:57.0233 0x1320 [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:11:57.0249 0x1320 mountmgr - ok
17:11:57.0287 0x1320 [ 03D14BF1DC59130002F6B8BA3AD89DB9, 1729CCD8AAF51CDB86ED67569974D0B6B1CFFA5F90EF6E6004B0D8A305D88C27 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:11:57.0301 0x1320 MozillaMaintenance - ok
17:11:57.0309 0x1320 [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:11:57.0342 0x1320 mpsdrv - ok
17:11:57.0400 0x1320 [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:11:57.0446 0x1320 MpsSvc - ok
17:11:57.0492 0x1320 [ 1D55DADC22D21883A2F80297F5A5AE48, B79DF4AFC2A9CBC54E74233596544D6E41C8CAA0516BD57CA695D051EC780265 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:11:57.0526 0x1320 MRxDAV - ok
17:11:57.0563 0x1320 [ 7A1A3F213CDB3363D179D5014272025D, 6756F5B7D9FBF6839DB1FF4E94EA45B5499D7DF925E75581C96FBBA4BE131542 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:11:57.0601 0x1320 mrxsmb - ok
17:11:57.0635 0x1320 [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:11:57.0669 0x1320 mrxsmb10 - ok
17:11:57.0705 0x1320 [ C910E5D18958914A66F0E45689D0B40A, AD7C91DD8A60A511E580DD56BACC97F85075A539E7C5D95040A8F870A621DAF4 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:11:57.0748 0x1320 mrxsmb20 - ok
17:11:57.0768 0x1320 [ E0927EFA25D473367C3341B9F5969779, B77A162BD3334557623674373D8EC2BE7CC0B359DF06304E467ABFFEE0530271 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys
17:11:57.0812 0x1320 MsBridge - ok
17:11:57.0828 0x1320 [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC C:\Windows\System32\msdtc.exe
17:11:57.0860 0x1320 MSDTC - ok
17:11:57.0896 0x1320 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:11:57.0922 0x1320 Msfs - ok
17:11:57.0937 0x1320 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
17:11:57.0951 0x1320 msgpiowin32 - ok
17:11:57.0971 0x1320 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:11:58.0001 0x1320 mshidkmdf - ok
17:11:58.0021 0x1320 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
17:11:58.0049 0x1320 mshidumdf - ok
17:11:58.0074 0x1320 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:11:58.0088 0x1320 msisadrv - ok
17:11:58.0117 0x1320 [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:11:58.0136 0x1320 MSiSCSI - ok
17:11:58.0143 0x1320 msiserver - ok
17:11:58.0169 0x1320 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:11:58.0196 0x1320 MSKSSRV - ok
17:11:58.0212 0x1320 [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys
17:11:58.0247 0x1320 MsLldp - ok
17:11:58.0259 0x1320 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:11:58.0286 0x1320 MSPCLOCK - ok
17:11:58.0301 0x1320 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:11:58.0322 0x1320 MSPQM - ok
17:11:58.0363 0x1320 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:11:58.0389 0x1320 MsRPC - ok
17:11:58.0400 0x1320 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
17:11:58.0415 0x1320 mssmbios - ok
17:11:58.0429 0x1320 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:11:58.0450 0x1320 MSTEE - ok
17:11:58.0462 0x1320 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
17:11:58.0490 0x1320 MTConfig - ok
17:11:58.0499 0x1320 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\Windows\system32\Drivers\mup.sys
17:11:58.0515 0x1320 Mup - ok
17:11:58.0535 0x1320 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\Windows\system32\drivers\mvumis.sys
17:11:58.0575 0x1320 mvumis - ok
17:11:58.0615 0x1320 [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent C:\Windows\system32\qagentRT.dll
17:11:58.0655 0x1320 napagent - ok
17:11:58.0704 0x1320 [ 26ACA481FAFEC59FE311D719E3027BBA, 16A24CCA95A38BDFE970580159F6ACAA13FF1B74CF2290B1B020D909F90D3347 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:11:58.0741 0x1320 NativeWifiP - ok
17:11:58.0771 0x1320 [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc C:\Windows\System32\ncasvc.dll
17:11:58.0808 0x1320 NcaSvc - ok
17:11:58.0828 0x1320 [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService C:\Windows\System32\ncbservice.dll
17:11:58.0878 0x1320 NcbService - ok
17:11:58.0896 0x1320 [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
17:11:58.0946 0x1320 NcdAutoSetup - ok
17:11:59.0005 0x1320 [ E4B4BE2D7750849C07589DA0B0AABA01, BB5AA727BA018A94B5DE2C4E0B594DD2E7A2B3457885446EE568F3A1E18AB3B0 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:11:59.0061 0x1320 NDIS - ok
17:11:59.0084 0x1320 [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:11:59.0126 0x1320 NdisCap - ok
17:11:59.0148 0x1320 [ B1AA3B19A2E596A59224F893E01A5A75, E08696CA5E087E51AC3E64D4FB8490EEADD612DDF30C9A94DD1BD1BA124B71B7 ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys
17:11:59.0193 0x1320 NdisImPlatform - ok
17:11:59.0217 0x1320 [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:11:59.0248 0x1320 NdisTapi - ok
17:11:59.0268 0x1320 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:11:59.0292 0x1320 Ndisuio - ok
17:11:59.0299 0x1320 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\Windows\System32\drivers\NdisVirtualBus.sys
17:11:59.0323 0x1320 NdisVirtualBus - ok
17:11:59.0361 0x1320 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:11:59.0397 0x1320 NdisWan - ok
17:11:59.0407 0x1320 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\Windows\system32\DRIVERS\ndiswan.sys
17:11:59.0432 0x1320 NdisWanLegacy - ok
17:11:59.0440 0x1320 [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:11:59.0470 0x1320 NDProxy - ok
17:11:59.0492 0x1320 [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu C:\Windows\system32\drivers\Ndu.sys
17:11:59.0513 0x1320 Ndu - ok
17:11:59.0521 0x1320 [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:11:59.0549 0x1320 NetBIOS - ok
17:11:59.0589 0x1320 [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:11:59.0627 0x1320 NetBT - ok
17:11:59.0649 0x1320 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon C:\Windows\system32\lsass.exe
17:11:59.0665 0x1320 Netlogon - ok
17:11:59.0707 0x1320 [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman C:\Windows\System32\netman.dll
17:11:59.0745 0x1320 Netman - ok
17:11:59.0781 0x1320 [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm C:\Windows\System32\netprofmsvc.dll
17:11:59.0832 0x1320 netprofm - ok
17:11:59.0890 0x1320 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:11:59.0907 0x1320 NetTcpPortSharing - ok
17:11:59.0944 0x1320 [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc C:\Windows\system32\DRIVERS\netvsc63.sys
17:11:59.0966 0x1320 netvsc - ok
17:12:00.0005 0x1320 [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc C:\Windows\System32\nlasvc.dll
17:12:00.0046 0x1320 NlaSvc - ok
17:12:00.0059 0x1320 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:12:00.0092 0x1320 Npfs - ok
17:12:00.0102 0x1320 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
17:12:00.0147 0x1320 npsvctrig - ok
17:12:00.0181 0x1320 [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi C:\Windows\system32\nsisvc.dll
17:12:00.0208 0x1320 nsi - ok
17:12:00.0226 0x1320 [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:12:00.0251 0x1320 nsiproxy - ok
17:12:00.0344 0x1320 [ 038C77D577900EE39410662478BB0D50, A33AAFD5750245C17A47EC71F3C6EAD2E0925CAD34C65AB3E6CEE44756C668E6 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:12:00.0432 0x1320 Ntfs - ok
17:12:00.0457 0x1320 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\Windows\system32\drivers\Null.sys
17:12:00.0472 0x1320 Null - ok
17:12:00.0504 0x1320 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:12:00.0521 0x1320 nvraid - ok
17:12:00.0532 0x1320 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:12:00.0551 0x1320 nvstor - ok
17:12:00.0561 0x1320 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:12:00.0578 0x1320 nv_agp - ok
17:12:00.0676 0x1320 [ 10432B8F54E8E0B853F63CDCE634ED11, F46AFAA7F187C88FE2FDBFA3E9FADCEBFD49476F985B90715D296A35C5AB12DF ] omniserv C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
17:12:00.0683 0x1320 omniserv - detected UnsignedFile.Multi.Generic ( 1 )
17:12:00.0684 0x1320 omniserv ( UnsignedFile.Multi.Generic ) - warning
17:12:00.0717 0x1320 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:12:00.0776 0x1320 p2pimsvc - ok
17:12:00.0812 0x1320 [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc C:\Windows\system32\p2psvc.dll
17:12:00.0864 0x1320 p2psvc - ok
17:12:00.0898 0x1320 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\Windows\System32\drivers\parport.sys
17:12:00.0929 0x1320 Parport - ok
17:12:00.0943 0x1320 [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:12:00.0958 0x1320 partmgr - ok
17:12:01.0005 0x1320 [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc C:\Windows\System32\pcasvc.dll
17:12:01.0034 0x1320 PcaSvc - ok
17:12:01.0069 0x1320 [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\Windows\system32\drivers\pci.sys
17:12:01.0093 0x1320 pci - ok
17:12:01.0112 0x1320 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\Windows\system32\drivers\pciide.sys
17:12:01.0125 0x1320 pciide - ok
17:12:01.0149 0x1320 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:12:01.0166 0x1320 pcmcia - ok
17:12:01.0187 0x1320 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\Windows\system32\drivers\pcw.sys
17:12:01.0201 0x1320 pcw - ok
17:12:01.0228 0x1320 [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\Windows\system32\drivers\pdc.sys
17:12:01.0244 0x1320 pdc - ok
17:12:01.0285 0x1320 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:12:01.0319 0x1320 PEAUTH - ok
17:12:01.0416 0x1320 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:12:01.0464 0x1320 PerfHost - ok
17:12:01.0547 0x1320 [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla C:\Windows\system32\pla.dll
17:12:01.0619 0x1320 pla - ok
17:12:01.0647 0x1320 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:12:01.0665 0x1320 PlugPlay - ok
17:12:01.0686 0x1320 [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:12:01.0703 0x1320 PNRPAutoReg - ok
17:12:01.0728 0x1320 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:12:01.0756 0x1320 PNRPsvc - ok
17:12:01.0792 0x1320 [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:12:01.0821 0x1320 PolicyAgent - ok
17:12:01.0857 0x1320 [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power C:\Windows\system32\umpo.dll
17:12:01.0905 0x1320 Power - ok
17:12:02.0055 0x1320 [ 3C96A45CA3403A276B0F045C448EC27B, C0011DB8C5A85817CAF815CC0095EE2C1CDD5964DCD8EAF4C35A2495D6A873CC ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
17:12:02.0204 0x1320 PrintNotify - ok
17:12:02.0243 0x1320 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\Windows\System32\drivers\processr.sys
17:12:02.0270 0x1320 Processor - ok
17:12:02.0303 0x1320 [ EF1F8B57323E5D3FC6A0A25F98F90DBC, F50E81151604DCD59BB647FD6767C1631AE48B5FCA6D3423C4E32535C94D6369 ] ProfSvc C:\Windows\system32\profsvc.dll
17:12:02.0337 0x1320 ProfSvc - ok
17:12:02.0355 0x1320 [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:12:02.0388 0x1320 Psched - ok
17:12:02.0424 0x1320 [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE C:\Windows\system32\qwave.dll
17:12:02.0457 0x1320 QWAVE - ok
17:12:02.0474 0x1320 [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:12:02.0505 0x1320 QWAVEdrv - ok
17:12:02.0515 0x1320 [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:12:02.0532 0x1320 RasAcd - ok
17:12:02.0552 0x1320 [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto C:\Windows\System32\rasauto.dll
17:12:02.0573 0x1320 RasAuto - ok
17:12:02.0607 0x1320 [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan C:\Windows\System32\rasmans.dll
17:12:02.0661 0x1320 RasMan - ok
17:12:02.0689 0x1320 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:12:02.0722 0x1320 RasPppoe - ok
17:12:02.0751 0x1320 [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:12:02.0817 0x1320 rdbss - ok
17:12:02.0837 0x1320 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
17:12:02.0873 0x1320 rdpbus - ok
17:12:02.0891 0x1320 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
17:12:02.0924 0x1320 RDPDR - ok
17:12:02.0979 0x1320 [ 9F08A6608F98B5407E7DDBCF306573EF, 92812F97CFDB2EC128BC48143DE215B7D012B15D3FB4D2199222AD8C31DA5016 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:12:02.0992 0x1320 RdpVideoMiniport - ok
17:12:03.0016 0x1320 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:12:03.0037 0x1320 rdyboost - ok
17:12:03.0102 0x1320 [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS C:\Windows\system32\drivers\ReFS.sys
17:12:03.0150 0x1320 ReFS - ok
17:12:03.0190 0x1320 [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:12:03.0224 0x1320 RemoteAccess - ok
17:12:03.0252 0x1320 [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:12:03.0283 0x1320 RemoteRegistry - ok
17:12:03.0332 0x1320 [ 0527EF6E23B9FAB37DDCBC479C6CFA28, C004CE600074AC434F8B24A3383F8C0ACFA5476D9E3B1493B40911C78B028D64 ] RFCOMM C:\Windows\System32\drivers\rfcomm.sys
17:12:03.0358 0x1320 RFCOMM - ok
17:12:03.0376 0x1320 [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:12:03.0396 0x1320 RpcEptMapper - ok
17:12:03.0432 0x1320 [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator C:\Windows\system32\locator.exe
17:12:03.0454 0x1320 RpcLocator - ok
17:12:03.0499 0x1320 [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs C:\Windows\system32\rpcss.dll
17:12:03.0538 0x1320 RpcSs - ok
17:12:03.0581 0x1320 [ 6A940599A059C6C9D6E54D7A3EF356B8, 3C3B7706197CD4A43369C639BB8F4A101EC0B159ABADA91373824B06615D4411 ] RSP2STOR C:\Windows\system32\DRIVERS\RtsP2Stor.sys
17:12:03.0599 0x1320 RSP2STOR - ok
17:12:03.0614 0x1320 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:12:03.0633 0x1320 rspndr - ok
17:12:03.0694 0x1320 [ F1D20C2B36F78863530B251DF504CC51, A3C71BDB45B1DB321BC2D9889CB25CF7840E145DFB769882748B7D507A605A42 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
17:12:03.0710 0x1320 RtkAudioService - ok
17:12:03.0752 0x1320 [ E0B9475F9696E502C530FFB3EE5686B3, C36D3AFEBF10F5D3C6D413005843385A0ECECB44133B68B22DE6AAF7A2C8EEBD ] RtkBtFilter C:\Windows\system32\DRIVERS\RtkBtfilter.sys
17:12:03.0779 0x1320 RtkBtFilter - ok
17:12:03.0829 0x1320 [ 7CC0D898D00675F14BA0C4BF056C1CF4, E9203DD2A201AEF206C1A4177FD564DDFC8E7468DC268BD99389626A2C6593D3 ] RTL8168 C:\Windows\system32\DRIVERS\Rt630x64.sys
17:12:03.0864 0x1320 RTL8168 - ok
17:12:04.0001 0x1320 [ 38D6D0577D7F31573886EA130B142079, 45309E70EFD467B996DA2FDBB50533E3014A7ECA992A7A6B0D39B9EA657E945F ] RTWlanE C:\Windows\system32\DRIVERS\rtwlane.sys
17:12:04.0115 0x1320 RTWlanE - ok
17:12:04.0146 0x1320 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\Windows\System32\drivers\vms3cap.sys
17:12:04.0171 0x1320 s3cap - ok
17:12:04.0194 0x1320 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs C:\Windows\system32\lsass.exe
17:12:04.0209 0x1320 SamSs - ok
17:12:04.0228 0x1320 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:12:04.0245 0x1320 sbp2port - ok
17:12:04.0280 0x1320 [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:12:04.0318 0x1320 SCardSvr - ok
17:12:04.0337 0x1320 [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum C:\Windows\System32\ScDeviceEnum.dll
17:12:04.0370 0x1320 ScDeviceEnum - ok
17:12:04.0386 0x1320 [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:12:04.0406 0x1320 scfilter - ok
17:12:04.0472 0x1320 [ D3AE5DB16EAF913860EC28654CE00E6B, AD76B6044F7247C6E86F6DCB7CFD6B25BCA2B9F09A97A419F043A999E66726A2 ] Schedule C:\Windows\system32\schedsvc.dll
17:12:04.0549 0x1320 Schedule - ok
17:12:04.0589 0x1320 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc C:\Windows\System32\certprop.dll
17:12:04.0611 0x1320 SCPolicySvc - ok
17:12:04.0642 0x1320 [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus C:\Windows\System32\drivers\sdbus.sys
17:12:04.0664 0x1320 sdbus - ok
17:12:04.0702 0x1320 [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\Windows\System32\drivers\sdstor.sys
17:12:04.0718 0x1320 sdstor - ok
17:12:04.0735 0x1320 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:12:04.0756 0x1320 secdrv - ok
17:12:04.0777 0x1320 [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon C:\Windows\system32\seclogon.dll
17:12:04.0799 0x1320 seclogon - ok
17:12:04.0821 0x1320 [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS C:\Windows\System32\sens.dll
17:12:04.0851 0x1320 SENS - ok
17:12:04.0873 0x1320 [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc C:\Windows\system32\sensrsvc.dll
17:12:04.0918 0x1320 SensrSvc - ok
17:12:04.0945 0x1320 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\Windows\system32\drivers\SerCx.sys
17:12:04.0959 0x1320 SerCx - ok
17:12:04.0970 0x1320 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\Windows\system32\drivers\SerCx2.sys
17:12:04.0988 0x1320 SerCx2 - ok
17:12:04.0996 0x1320 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\Windows\System32\drivers\serenum.sys
17:12:05.0014 0x1320 Serenum - ok
17:12:05.0031 0x1320 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\Windows\System32\drivers\serial.sys
17:12:05.0056 0x1320 Serial - ok
17:12:05.0067 0x1320 [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse C:\Windows\System32\drivers\sermouse.sys
17:12:05.0081 0x1320 sermouse - ok
17:12:05.0136 0x1320 [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv C:\Windows\system32\sessenv.dll
17:12:05.0172 0x1320 SessionEnv - ok
17:12:05.0180 0x1320 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
17:12:05.0196 0x1320 sfloppy - ok
17:12:05.0237 0x1320 [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:12:05.0278 0x1320 SharedAccess - ok
17:12:05.0350 0x1320 [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:12:05.0410 0x1320 ShellHWDetection - ok
17:12:05.0427 0x1320 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
17:12:05.0487 0x1320 SiSRaid2 - ok
17:12:05.0518 0x1320 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:12:05.0563 0x1320 SiSRaid4 - ok
17:12:05.0620 0x1320 [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
17:12:05.0642 0x1320 SkypeUpdate - ok
17:12:05.0672 0x1320 [ 32B3FB238A26267D358D7159B9171505, 692470C2F8B77A5342A72DA7E384DA762DBEEEFAC25301242E23C20427DB7440 ] SmbDrv C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys
17:12:05.0683 0x1320 SmbDrv - ok
17:12:05.0696 0x1320 [ B71EF473D8B90A2C4DC76B03E382DEE6, 1224488EB9C23FAB78252A09ED2A986F5A8263EB6F236B33A54DB777426BF636 ] SmbDrvI C:\Windows\System32\drivers\Smb_driver_Intel.sys
17:12:05.0705 0x1320 SmbDrvI - ok
17:12:05.0720 0x1320 [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost C:\Windows\System32\smphost.dll
17:12:05.0770 0x1320 smphost - ok
17:12:05.0792 0x1320 [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:12:05.0826 0x1320 SNMPTRAP - ok
17:12:05.0875 0x1320 [ 240C5C3793206725AA05665851E8C214, 96ADFB85EB1623EB00C251C1C6A1F441A1795F0EBFD10B17DD1CA58E3AE8A90D ] spaceport C:\Windows\system32\drivers\spaceport.sys
17:12:05.0905 0x1320 spaceport - ok
17:12:05.0919 0x1320 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
17:12:05.0935 0x1320 SpbCx - ok
17:12:05.0975 0x1320 [ 42FEA9E0BA9761D9E65A4F167D91515B, 9A34CE83F3ACD50608671BDABE5E475F8E0C8335D3B8B7B3D7E84B2A319FA29F ] Spooler C:\Windows\System32\spoolsv.exe
17:12:06.0036 0x1320 Spooler - ok
17:12:06.0272 0x1320 [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\Windows\system32\sppsvc.exe
17:12:06.0587 0x1320 sppsvc - ok
17:12:06.0647 0x1320 [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\Windows\system32\DRIVERS\srv.sys
17:12:06.0694 0x1320 srv - ok
17:12:06.0730 0x1320 [ 5BED3AB69797C8786EF70AEA8C33748B, 0474EE6C43D437CBA9848BCF25D1341B122D7E9F371A0FF3C62C83D14B2CB095 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:12:06.0774 0x1320 srv2 - ok
17:12:06.0818 0x1320 [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:12:06.0846 0x1320 srvnet - ok
17:12:06.0874 0x1320 [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:12:06.0900 0x1320 SSDPSRV - ok
17:12:06.0910 0x1320 [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:12:06.0933 0x1320 SstpSvc - ok
17:12:06.0975 0x1320 [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
17:12:07.0032 0x1320 ssudmdm - ok
17:12:07.0092 0x1320 [ CBEE56BA774ACACB74B9CCB40450220F, 091671C3868BB76DDE19E4A24BAB7D0F9DD11C6DD2D87EA7FF6CE1F276A8312B ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
17:12:07.0128 0x1320 Steam Client Service - ok
17:12:07.0154 0x1320 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\Windows\system32\drivers\stexstor.sys
17:12:07.0169 0x1320 stexstor - ok
17:12:07.0221 0x1320 [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc C:\Windows\System32\wiaservc.dll
17:12:07.0299 0x1320 stisvc - ok
17:12:07.0335 0x1320 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\Windows\system32\drivers\storahci.sys
17:12:07.0352 0x1320 storahci - ok
17:12:07.0369 0x1320 [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
17:12:07.0399 0x1320 storflt - ok
17:12:07.0407 0x1320 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\Windows\system32\drivers\stornvme.sys
17:12:07.0422 0x1320 stornvme - ok
17:12:07.0461 0x1320 [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc C:\Windows\system32\storsvc.dll
17:12:07.0494 0x1320 StorSvc - ok
17:12:07.0515 0x1320 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\Windows\system32\drivers\storvsc.sys
17:12:07.0528 0x1320 storvsc - ok
17:12:07.0542 0x1320 [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc C:\Windows\system32\svsvc.dll
17:12:07.0576 0x1320 svsvc - ok
17:12:07.0590 0x1320 [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum C:\Windows\System32\drivers\swenum.sys
17:12:07.0603 0x1320 swenum - ok
17:12:07.0653 0x1320 [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv C:\Windows\System32\swprv.dll
17:12:07.0710 0x1320 swprv - ok
17:12:07.0752 0x1320 [ CDA92383EFB52846B7894280A559C330, 8ACE4212AD4ABD29B06950F8CABBDF1B4813A311FAE3C0A999E60E711FD236CC ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
17:12:07.0810 0x1320 SynTP - ok
17:12:07.0858 0x1320 [ EE9F01B61899A4576AC09EE7DD200A34, 6990E332CD11ABBB535535EC9079D87BBD4D0BE37119EBC5878A7320F2689F64 ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
17:12:07.0873 0x1320 SynTPEnhService - ok
17:12:07.0933 0x1320 [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain C:\Windows\system32\sysmain.dll
17:12:08.0014 0x1320 SysMain - ok
17:12:08.0061 0x1320 [ FD4EA8E9232ADD51DC31C295DDEF2768, 3EA40D7376AB5AA5DA2BCF4745C79F7BF819363466967ECC3CD15ADECBFD7244 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
17:12:08.0102 0x1320 SystemEventsBroker - ok
17:12:08.0135 0x1320 [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\Windows\System32\TabSvc.dll
17:12:08.0156 0x1320 TabletInputService - ok
17:12:08.0178 0x1320 [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:12:08.0222 0x1320 TapiSrv - ok
17:12:08.0339 0x1320 [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:12:08.0446 0x1320 Tcpip - ok
17:12:08.0524 0x1320 [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
17:12:08.0626 0x1320 TCPIP6 - ok
17:12:08.0661 0x1320 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:12:08.0701 0x1320 tcpipreg - ok
17:12:08.0726 0x1320 [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:12:08.0744 0x1320 tdx - ok
17:12:08.0767 0x1320 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\Windows\System32\drivers\terminpt.sys
17:12:08.0781 0x1320 terminpt - ok
17:12:08.0843 0x1320 [ 2C77831737491F4D684D315B95C62883, 90A2574A281F19646CFCDA5FDF40063220058290D2D5523AD91B7E709EC36D3D ] TermService C:\Windows\System32\termsrv.dll
17:12:08.0915 0x1320 TermService - ok
17:12:08.0935 0x1320 [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes C:\Windows\system32\themeservice.dll
17:12:08.0971 0x1320 Themes - ok
17:12:08.0992 0x1320 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER C:\Windows\system32\mmcss.dll
17:12:09.0008 0x1320 THREADORDER - ok
17:12:09.0031 0x1320 [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll
17:12:09.0068 0x1320 TimeBroker - ok
17:12:09.0104 0x1320 [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\Windows\system32\drivers\tpm.sys
17:12:09.0124 0x1320 TPM - ok
17:12:09.0135 0x1320 [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks C:\Windows\System32\trkwks.dll
17:12:09.0156 0x1320 TrkWks - ok
17:12:09.0203 0x1320 [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:12:09.0263 0x1320 TrustedInstaller - ok
17:12:09.0280 0x1320 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
17:12:09.0321 0x1320 TsUsbFlt - ok
17:12:09.0329 0x1320 [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
17:12:09.0356 0x1320 TsUsbGD - ok
17:12:09.0386 0x1320 [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:12:09.0410 0x1320 tunnel - ok
17:12:09.0419 0x1320 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:12:09.0435 0x1320 uagp35 - ok
17:12:09.0454 0x1320 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
17:12:09.0471 0x1320 UASPStor - ok
17:12:09.0492 0x1320 [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys
17:12:09.0515 0x1320 UCX01000 - ok
17:12:09.0538 0x1320 [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:12:09.0579 0x1320 udfs - ok
17:12:09.0596 0x1320 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\Windows\System32\drivers\UEFI.sys
17:12:09.0610 0x1320 UEFI - ok
17:12:09.0646 0x1320 [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:12:09.0681 0x1320 UI0Detect - ok
17:12:09.0715 0x1320 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:12:09.0750 0x1320 uliagpkx - ok
17:12:09.0774 0x1320 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\Windows\System32\drivers\umbus.sys
17:12:09.0799 0x1320 umbus - ok
17:12:09.0805 0x1320 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\Windows\System32\drivers\umpass.sys
17:12:09.0828 0x1320 UmPass - ok
17:12:09.0865 0x1320 [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService C:\Windows\System32\umrdp.dll
17:12:09.0897 0x1320 UmRdpService - ok
17:12:09.0923 0x1320 [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost C:\Windows\System32\upnphost.dll
17:12:09.0971 0x1320 upnphost - ok
17:12:10.0007 0x1320 [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
17:12:10.0025 0x1320 usbccgp - ok
17:12:10.0060 0x1320 [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir C:\Windows\System32\drivers\usbcir.sys
17:12:10.0089 0x1320 usbcir - ok
17:12:10.0119 0x1320 [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\Windows\System32\drivers\usbehci.sys
17:12:10.0134 0x1320 usbehci - ok
17:12:10.0168 0x1320 [ 5A4AC5D05A7C97C68596416C05D6F2B4, 1CDE5172B763D2D65379B9F3ABACC080AF676DB9354EC98A455E620C4CE3E18A ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
17:12:10.0178 0x1320 usbfilter - ok
17:12:10.0226 0x1320 [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\Windows\System32\drivers\usbhub.sys
17:12:10.0256 0x1320 usbhub - ok
17:12:10.0292 0x1320 [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
17:12:10.0325 0x1320 USBHUB3 - ok
17:12:10.0373 0x1320 [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\Windows\System32\drivers\usbohci.sys
17:12:10.0428 0x1320 usbohci - ok
17:12:10.0451 0x1320 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\Windows\System32\drivers\usbprint.sys
17:12:10.0494 0x1320 usbprint - ok
17:12:10.0523 0x1320 [ F04D164C4168701A4E7835607722E5F1, 6F743CF2CF73945B4A4B1C4402744BC2FE1624F1346C194493AD2F7110F9EB35 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
17:12:10.0550 0x1320 usbscan - ok
17:12:10.0590 0x1320 [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
17:12:10.0609 0x1320 USBSTOR - ok
17:12:10.0648 0x1320 [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
17:12:10.0670 0x1320 usbuhci - ok
17:12:10.0703 0x1320 [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
17:12:10.0727 0x1320 usbvideo - ok
17:12:10.0745 0x1320 [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
17:12:10.0771 0x1320 USBXHCI - ok
17:12:10.0784 0x1320 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc C:\Windows\system32\lsass.exe
17:12:10.0799 0x1320 VaultSvc - ok
17:12:10.0806 0x1320 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
17:12:10.0820 0x1320 vdrvroot - ok
17:12:10.0876 0x1320 [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds C:\Windows\System32\vds.exe
17:12:10.0941 0x1320 vds - ok
17:12:10.0961 0x1320 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
17:12:10.0981 0x1320 VerifierExt - ok
17:12:11.0012 0x1320 [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
17:12:11.0049 0x1320 vhdmp - ok
17:12:11.0086 0x1320 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\Windows\system32\drivers\viaide.sys
17:12:11.0099 0x1320 viaide - ok
17:12:11.0108 0x1320 [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus C:\Windows\system32\drivers\vmbus.sys
17:12:11.0124 0x1320 vmbus - ok
17:12:11.0130 0x1320 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
17:12:11.0160 0x1320 VMBusHID - ok
17:12:11.0206 0x1320 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
17:12:11.0237 0x1320 vmicguestinterface - ok
17:12:11.0256 0x1320 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat C:\Windows\System32\ICSvc.dll
17:12:11.0287 0x1320 vmicheartbeat - ok
17:12:11.0307 0x1320 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
17:12:11.0337 0x1320 vmickvpexchange - ok
17:12:11.0356 0x1320 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv C:\Windows\System32\ICSvc.dll
17:12:11.0386 0x1320 vmicrdv - ok
17:12:11.0404 0x1320 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown C:\Windows\System32\ICSvc.dll
17:12:11.0435 0x1320 vmicshutdown - ok
17:12:11.0453 0x1320 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync C:\Windows\System32\ICSvc.dll
17:12:11.0484 0x1320 vmictimesync - ok
17:12:11.0502 0x1320 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss C:\Windows\System32\ICSvc.dll
17:12:11.0533 0x1320 vmicvss - ok
17:12:11.0549 0x1320 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:12:11.0567 0x1320 volmgr - ok
17:12:11.0596 0x1320 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:12:11.0623 0x1320 volmgrx - ok
17:12:11.0661 0x1320 [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:12:11.0688 0x1320 volsnap - ok
17:12:11.0705 0x1320 [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci C:\Windows\System32\drivers\vpci.sys
17:12:11.0750 0x1320 vpci - ok
17:12:11.0768 0x1320 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:12:11.0786 0x1320 vsmraid - ok
17:12:11.0867 0x1320 [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS C:\Windows\system32\vssvc.exe
17:12:11.0937 0x1320 VSS - ok
17:12:11.0975 0x1320 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
17:12:11.0999 0x1320 VSTXRAID - ok
17:12:12.0027 0x1320 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
17:12:12.0075 0x1320 vwifibus - ok
17:12:12.0107 0x1320 [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
17:12:12.0170 0x1320 vwififlt - ok
17:12:12.0190 0x1320 [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
17:12:12.0205 0x1320 vwifimp - ok
17:12:12.0237 0x1320 [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time C:\Windows\system32\w32time.dll
17:12:12.0270 0x1320 W32Time - ok
17:12:12.0317 0x1320 [ 8E553C859C83784DEC08B10AFC3EAC92, 41D8DBA1500DBD3AC9783169ACF545805EF05069F12866238992A30794369254 ] w3logsvc C:\Windows\system32\inetsrv\w3logsvc.dll
17:12:12.0344 0x1320 w3logsvc - ok
17:12:12.0360 0x1320 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\Windows\System32\drivers\wacompen.sys
17:12:12.0375 0x1320 WacomPen - ok
17:12:12.0408 0x1320 [ 9BAE40BD31E3EE0B0C70BEF167E0A2BC, 2419AC815C95F2629E1832973501983D06F788728755605D42D6C8565C3CBBF1 ] WAS C:\Windows\system32\inetsrv\iisw3adm.dll
17:12:12.0450 0x1320 WAS - ok
17:12:12.0528 0x1320 [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine C:\Windows\system32\wbengine.exe
17:12:12.0605 0x1320 wbengine - ok
17:12:12.0641 0x1320 [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
17:12:12.0720 0x1320 WbioSrvc - ok
17:12:12.0753 0x1320 [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc C:\Windows\System32\wcmsvc.dll
17:12:12.0784 0x1320 Wcmsvc - ok
17:12:12.0823 0x1320 [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:12:12.0868 0x1320 wcncsvc - ok
17:12:12.0882 0x1320 [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:12:12.0924 0x1320 WcsPlugInService - ok
17:12:12.0960 0x1320 [ 0359607177E5E9F6041136CC0A5CB0B6, 16687BE2639648CF46E8768BA1798030472C525612C629BF134D053240E2195B ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
17:12:12.0974 0x1320 WdBoot - ok
17:12:13.0034 0x1320 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:12:13.0073 0x1320 Wdf01000 - ok
17:12:13.0096 0x1320 [ DE8D12B4C3F55FA2C5E9774314F6C58A, C3E835DC066A94E1431BCDC90D7EA27AAC6F82826F4A5527B37D865241D7A366 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
17:12:13.0121 0x1320 WdFilter - ok
17:12:13.0141 0x1320 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:12:13.0176 0x1320 WdiServiceHost - ok
17:12:13.0195 0x1320 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:12:13.0220 0x1320 WdiSystemHost - ok
17:12:13.0253 0x1320 [ 4AD874CDC812EC156265E451B6B09DAB, 6E3E05B8301841425E9BB0D54B35EF386B78EEB307B5A6153FD1F366D30F23FA ] WdNisDrv C:\Windows\system32\Drivers\WdNisDrv.sys
17:12:13.0271 0x1320 WdNisDrv - ok
17:12:13.0296 0x1320 WdNisSvc - ok
17:12:13.0331 0x1320 [ 91B18D7A1702ED589E67C6C81052B955, 5D1DA8B86106A28E50BBCCB36527CC130D41201F5BE1D3DC5F1D6F7ECCF807BA ] WebClient C:\Windows\System32\webclnt.dll
17:12:13.0361 0x1320 WebClient - ok
17:12:13.0397 0x1320 [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc C:\Windows\system32\wecsvc.dll
17:12:13.0430 0x1320 Wecsvc - ok
17:12:13.0452 0x1320 [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC C:\Windows\system32\wephostsvc.dll
17:12:13.0474 0x1320 WEPHOSTSVC - ok
17:12:13.0496 0x1320 [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:12:13.0554 0x1320 wercplsupport - ok
17:12:13.0588 0x1320 [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc C:\Windows\System32\WerSvc.dll
17:12:13.0623 0x1320 WerSvc - ok
17:12:13.0646 0x1320 [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys
17:12:13.0664 0x1320 WFPLWFS - ok
17:12:13.0683 0x1320 [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc C:\Windows\System32\wiarpc.dll
17:12:13.0714 0x1320 WiaRpc - ok
17:12:13.0744 0x1320 [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
17:12:13.0758 0x1320 WIMMount - ok
17:12:13.0762 0x1320 WinDefend - ok
17:12:13.0827 0x1320 [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
17:12:13.0876 0x1320 WinHttpAutoProxySvc - ok
17:12:13.0928 0x1320 [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:12:13.0952 0x1320 Winmgmt - ok
17:12:14.0071 0x1320 [ 9CE162EB9057CF079736F4DD00FC0D6C, 412C34557866D2A3B3CDAFA5A03B87C01AACF75E349802E511098B20137028D9 ] WinRM C:\Windows\system32\WsmSvc.dll
17:12:14.0185 0x1320 WinRM - ok
17:12:14.0245 0x1320 [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
17:12:14.0266 0x1320 WinUsb - ok
17:12:14.0289 0x1320 [ 4F2A80D65AE6F845776E2F06AE6782ED, 2455537C048115435D9EDE4B18F9F54C43912076AEF36BDEFEC35AF2140B8B2E ] WirelessButtonDriver C:\Windows\System32\drivers\WirelessButtonDriver64.sys
17:12:14.0299 0x1320 WirelessButtonDriver - ok
17:12:14.0376 0x1320 [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc C:\Windows\System32\wlansvc.dll
17:12:14.0440 0x1320 WlanSvc - ok
17:12:14.0515 0x1320 [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc C:\Windows\system32\wlidsvc.dll
17:12:14.0577 0x1320 wlidsvc - ok
17:12:14.0604 0x1320 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
17:12:14.0625 0x1320 WmiAcpi - ok
17:12:14.0665 0x1320 [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:12:14.0698 0x1320 wmiApSrv - ok
17:12:14.0719 0x1320 WMPNetworkSvc - ok
17:12:14.0747 0x1320 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\Windows\system32\drivers\Wof.sys
17:12:14.0765 0x1320 Wof - ok
17:12:14.0854 0x1320 [ 61BF52E9FFAB27A0B6D621BE26088373, 81291D52C381360E69D51E7DEB05CFAC651A7E9EF781CA23062C0583D0C94708 ] workfolderssvc C:\Windows\system32\workfolderssvc.dll
17:12:14.0929 0x1320 workfolderssvc - ok
17:12:14.0971 0x1320 [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys
17:12:14.0986 0x1320 wpcfltr - ok
17:12:15.0004 0x1320 [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:12:15.0045 0x1320 WPCSvc - ok
17:12:15.0077 0x1320 [ 618A19EB31ECA7B7F2AA0207BAF598A5, CB18CF9B781EAB3D775F8201F294A7135E058D6C963D2CC759DCA14D95EED538 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:12:15.0129 0x1320 WPDBusEnum - ok
17:12:15.0149 0x1320 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
17:12:15.0164 0x1320 WpdUpFltr - ok
17:12:15.0185 0x1320 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:12:15.0202 0x1320 ws2ifsl - ok
17:12:15.0229 0x1320 [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc C:\Windows\System32\wscsvc.dll
17:12:15.0280 0x1320 wscsvc - ok
17:12:15.0287 0x1320 WSearch - ok
17:12:15.0440 0x1320 [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService C:\Windows\System32\WSService.dll
17:12:15.0589 0x1320 WSService - ok
17:12:15.0756 0x1320 [ DCD090318EC800CF6275C6835900B0C6, 9E72762EEE46CC0606B909850E6D22E9C8E5C88E82F7C974B2B7C1E5160BEBA7 ] wuauserv C:\Windows\system32\wuaueng.dll
17:12:15.0902 0x1320 wuauserv - ok
17:12:15.0942 0x1320 [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
17:12:15.0966 0x1320 WudfPf - ok
17:12:15.0989 0x1320 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys
17:12:16.0018 0x1320 WUDFRd - ok
17:12:16.0032 0x1320 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFSensorLP C:\Windows\system32\DRIVERS\WUDFRd.sys
17:12:16.0050 0x1320 WUDFSensorLP - ok
17:12:16.0071 0x1320 [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:12:16.0103 0x1320 wudfsvc - ok
17:12:16.0116 0x1320 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs C:\Windows\system32\DRIVERS\WUDFRd.sys
17:12:16.0135 0x1320 WUDFWpdFs - ok
17:12:16.0145 0x1320 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdMtp C:\Windows\system32\DRIVERS\WUDFRd.sys
17:12:16.0165 0x1320 WUDFWpdMtp - ok
17:12:16.0208 0x1320 [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc C:\Windows\System32\wwansvc.dll
17:12:16.0257 0x1320 WwanSvc - ok
17:12:16.0277 0x1320 ================ Scan global ===============================
17:12:16.0324 0x1320 [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\Windows\system32\basesrv.dll
17:12:16.0359 0x1320 [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\Windows\system32\winsrv.dll
17:12:16.0390 0x1320 [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\Windows\system32\sxssrv.dll
17:12:16.0433 0x1320 [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\Windows\system32\services.exe
17:12:16.0445 0x1320 [ Global ] - ok
17:12:16.0446 0x1320 ================ Scan MBR ==================================
17:12:16.0461 0x1320 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
17:12:16.0529 0x1320 \Device\Harddisk0\DR0 - ok
17:12:16.0529 0x1320 ================ Scan VBR ==================================
17:12:16.0559 0x1320 [ E59F3C308AE24486B4C866AC3F32289F ] \Device\Harddisk0\DR0\Partition1
17:12:16.0620 0x1320 \Device\Harddisk0\DR0\Partition1 - ok
17:12:16.0635 0x1320 [ D01C23EFB4D4D71D7752BECAD848E919 ] \Device\Harddisk0\DR0\Partition2
17:12:16.0688 0x1320 \Device\Harddisk0\DR0\Partition2 - ok
17:12:16.0705 0x1320 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
17:12:16.0705 0x1320 \Device\Harddisk0\DR0\Partition3 - ok
17:12:16.0717 0x1320 [ B5035D7C94789A8C3D5F6DF8DC09D77A ] \Device\Harddisk0\DR0\Partition4
17:12:16.0775 0x1320 \Device\Harddisk0\DR0\Partition4 - ok
17:12:16.0799 0x1320 [ 813A5B5623EA381FA8E922520CB2ABE6 ] \Device\Harddisk0\DR0\Partition5
17:12:16.0808 0x1320 \Device\Harddisk0\DR0\Partition5 - ok
17:12:16.0810 0x1320 ================ Scan generic autorun ======================
17:12:17.0099 0x1320 [ 074B2C777090821E020B404AF5BF97AD, 26DF9B3A153B2BCB6ED4DBB66CC9429790854095439119A618B05ECEBFB31F12 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
17:12:17.0323 0x1320 RTHDVCPL - ok
17:12:17.0542 0x1320 [ C816DCF1FC09408479911B4474AF7934, 95ECBE44BDBD12273D9DF525F547474332A5DFA6513E251E94817E778F03D4B6 ] C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
17:12:17.0661 0x1320 SimplePass - ok
17:12:17.0705 0x1320 [ CDC545E900FF17A62BD245ED2321F2B1, C0FD9C56E19C871ED596F404D835FC58C387D6AC0BEEFF0B1628CD25CAB7A260 ] C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
17:12:17.0726 0x1320 OPBHOBroker - ok
17:12:17.0744 0x1320 [ A4CDDC0981126AC07600668C8F6CF993, D99D10A54FE555076A3B9BDD74C0C7DE3C79140C770BA7F61AEA3213DFE8D9BC ] C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
17:12:17.0765 0x1320 OPBHOBrokerDesktop - ok
17:12:17.0766 0x1320 SynTPEnh - ok
17:12:17.0812 0x1320 [ 690EB331346D7ADFDA18E50042DEA4B4, 0C219D7A5FCD4E0252C815373E67F843DBD7356FAE7AB836C451068B51438FE7 ] C:\Program Files\Classic Shell\ClassicStartMenu.exe
17:12:17.0842 0x1320 Classic Start Menu - detected UnsignedFile.Multi.Generic ( 1 )
17:12:17.0842 0x1320 Classic Start Menu ( UnsignedFile.Multi.Generic ) - warning
17:12:17.0900 0x1320 [ 223A96BAC91792E1A954BFEB49FBE02C, 56582B1E48EB9AAE8C3AA0BCFB3B8DCBBA6AE26138BBE801DA2404A527DF5636 ] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
17:12:17.0909 0x1320 LogMeIn GUI - ok
17:12:18.0382 0x1320 [ 19ECAAEA3CC248489FE987C10B688C0D, 967CB23A8176B3181EE2A55DFBB04A69988AB22105D4C450C5B5E729B91FAD5A ] C:\Program Files\Logitech Gaming Software\LCore.exe
17:12:18.0742 0x1320 Launch LCore - ok
17:12:18.0882 0x1320 [ 1E41BAC800ABEF1DA2C42EB843D0077D, FBD05FF7442E4880183E736E1D000011FD791EDDED796AC8234CF4D4A6905636 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
17:12:18.0913 0x1320 StartCCC - ok
17:12:18.0975 0x1320 [ 396A498982C926020B0D4429806FAD1E, 8BF3BB687E43DBC3AF8B2E7F1BBE429AD007E11C9C8E8A82B9ABC809A7DBE28F ] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
17:12:18.0987 0x1320 AccelerometerSysTrayApplet - ok
17:12:19.0028 0x1320 [ 5190AEE2BF02180D8D0D661E90E712ED, E1B9C70A0E2F92C461CC409E14D9DCEAF3528E80A7743465810D4610A8F884C9 ] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
17:12:19.0051 0x1320 HPMessageService - ok
17:12:19.0129 0x1320 [ 8913FE8D1CE9834A2422AC57F91DF782, DD4D04F839DCB2918166219D9793AC392AF0B8DB35C63154FE046E99B8E06406 ] C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
17:12:19.0146 0x1320 StatusAlerts - ok
17:12:19.0223 0x1320 [ 66177D4C99FD8B578C7C56DE445E4D5D, 003D0254D7C693A72DE84CB76858F8D67D9FD62206F1B56DF7F5D0FA834C3BA7 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
17:12:19.0252 0x1320 avgnt - ok
17:12:19.0448 0x1320 [ F4A755E3A99F4F2324FC2138D30F01B4, EFA955082404977B13754E0DA9CAFF304CA9B87C8B0F2C7166A55ECDF1482DB4 ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
17:12:19.0606 0x1320 LogMeIn Hamachi Ui - ok
17:12:19.0641 0x1320 [ CB08561AB36857CCF74BF11475C9AEB2, 5F15F6868A719A0A84D3E0FE2BC4E76975C50FA99D642279DDA972269ADFDB8B ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
17:12:19.0654 0x1320 Avira Systray - ok
17:12:19.0686 0x1320 [ 6E0BDFBEEED65B017F2E4C2C910B0520, 54D798C2E2804DCDB84E9650EA4A032C669B10C586B396D5505F16235D83882C ] C:\Windows\system32\rundll32.exe
17:12:19.0715 0x1320 Pokki - ok
17:12:19.0724 0x1320 [ 6E0BDFBEEED65B017F2E4C2C910B0520, 54D798C2E2804DCDB84E9650EA4A032C669B10C586B396D5505F16235D83882C ] C:\Windows\system32\rundll32.exe
17:12:19.0751 0x1320 Pokki - ok
17:12:19.0772 0x1320 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.10.414 ), 0x40000 ( disabled : updated )
17:12:19.0773 0x1320 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.6.305.0 ), 0x60100 ( disabled : updated )
17:12:19.0777 0x1320 Win FW state via NFP2: enabled
17:12:19.0777 0x1320 ============================================================
17:12:19.0777 0x1320 Scan finished
17:12:19.0777 0x1320 ============================================================
17:12:19.0790 0x11c4 Detected object count: 6
17:12:19.0791 0x11c4 Actual detected object count: 6
17:14:01.0494 0x11c4 BTDevManager ( UnsignedFile.Multi.Generic ) - skipped by user
17:14:01.0494 0x11c4 BTDevManager ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:14:01.0495 0x11c4 HP DS Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:14:01.0495 0x11c4 HP DS Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:14:01.0497 0x11c4 HP LaserJet Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:14:01.0497 0x11c4 HP LaserJet Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:14:01.0499 0x11c4 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:14:01.0499 0x11c4 HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:14:01.0501 0x11c4 omniserv ( UnsignedFile.Multi.Generic ) - skipped by user
17:14:01.0501 0x11c4 omniserv ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:14:01.0503 0x11c4 Classic Start Menu ( UnsignedFile.Multi.Generic ) - skipped by user
17:14:01.0503 0x11c4 Classic Start Menu ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:14:45.0216 0x0b38 Deinitialize success
|
|
14.05.2015, 21:02
| #5 |
| /// the machine /// TB-Ausbilder | audiodg.exe - Virus? Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
14.05.2015, 22:30
| #6 |
| | audiodg.exe - Virus? ADW Cleaner: Code:
ATTFilter # AdwCleaner v4.204 - Bericht erstellt 14/05/2015 um 23:14:33
# Aktualisiert 12/05/2015 von Xplode
# Datenbank : 2015-05-12.2 [Server]
# Betriebssystem : Windows 8.1 (x64)
# Benutzername : MeinAdmin - BAERENFROSCH
# Gestarted von : C:\Users\Leo\Desktop\AdwCleaner_4.204.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Users\Mama\AppData\Local\pokki
Ordner Gelöscht : C:\Users\peter\AppData\Local\pokki
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Google Chrome v42.0.2311.152
*************************
AdwCleaner[R0].txt - [818 Bytes] - [21/03/2015 17:51:01]
AdwCleaner[R1].txt - [876 Bytes] - [21/03/2015 18:11:21]
AdwCleaner[R2].txt - [942 Bytes] - [21/03/2015 18:31:49]
AdwCleaner[R3].txt - [1000 Bytes] - [21/03/2015 18:37:11]
AdwCleaner[R4].txt - [1484 Bytes] - [22/03/2015 15:20:26]
AdwCleaner[R5].txt - [1344 Bytes] - [14/05/2015 23:12:57]
AdwCleaner[S0].txt - [936 Bytes] - [21/03/2015 18:19:12]
AdwCleaner[S1].txt - [1061 Bytes] - [21/03/2015 18:42:39]
AdwCleaner[S2].txt - [1545 Bytes] - [22/03/2015 15:34:24]
AdwCleaner[S3].txt - [1266 Bytes] - [14/05/2015 23:14:33]
########## EOF - \AdwCleaner\AdwCleaner[S3].txt - [1325 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.1 (05.14.2015:1)
OS: Windows 8.1 x64
Ran by MeinAdmin on 14.05.2015 at 23:26:00,30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-1725350855-1927001909-1276192757-500
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-2881027173-1356110710-2079407161-500
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-1002
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-1005
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-1006
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-1008
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-500
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-979327490-4025052932-4217923707-500
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.05.2015 at 23:28:24,60
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
15.05.2015, 18:52
| #7 |
| /// the machine /// TB-Ausbilder | audiodg.exe - Virus?ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
16.05.2015, 22:06
| #8 |
| | audiodg.exe - Virus? ESET: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=4da2362f5529fa4cab3f13d837903bec
# engine=23882
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-05-16 08:55:08
# local_time=2015-05-16 10:55:08 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 15836209 56691001 0 0
# scanned=351654
# found=0
# cleaned=0
# scan_time=7926
Code:
ATTFilter Results of screen317's Security Check version 1.001
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avira Antivirus
Windows Defender
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Java version 32-bit out of Date!
Adobe Flash Player 17.0.0.188
Mozilla Firefox (37.0.2)
Google Chrome (42.0.2311.135)
Google Chrome (42.0.2311.152)
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-05-2015 02
Ran by MeinAdmin at 2015-05-16 23:04:23
Running from C:\Users\Leo\Desktop
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Admin (S-1-5-21-514103404-2733609734-414756415-1002 - Administrator - Enabled) => C:\Users\peter
Administrator (S-1-5-21-514103404-2733609734-414756415-500 - Administrator - Disabled)
Gast (S-1-5-21-514103404-2733609734-414756415-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-514103404-2733609734-414756415-1009 - Limited - Enabled)
Leo (S-1-5-21-514103404-2733609734-414756415-1006 - Limited - Enabled) => C:\Users\Leo
Mama (S-1-5-21-514103404-2733609734-414756415-1005 - Administrator - Enabled)
MeinAdmin (S-1-5-21-514103404-2733609734-414756415-1008 - Administrator - Enabled) => C:\Users\MeinAdmin
Robert (S-1-5-21-514103404-2733609734-414756415-1007 - Administrator - Enabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
A.V.A - Alliance of Valiant Arms (HKLM-x32\...\Steam App 102700) (Version: - RED DUCK Inc.)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{0B448829-3672-18EA-4117-C1240D4CF140}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
CEVO CS:GO Client Beta version 1.0 (HKLM-x32\...\CEVO CS:GO Client Beta_is1) (Version: 1.0 - )
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.6.3821 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.6.3906 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3709 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dragon Notes de-DE (HKLM-x32\...\{C438C1D0-A46C-4BFA-AF07-11261DE9CCE0}) (Version: 01.00.100.011 - Nuance Communications Inc.)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.2 (HKLM-x32\...\{412F6426-A3C7-11E3-8A71-00163E98E7D6}) (Version: 5.2.0.2951 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Final Hours of Titanfall (HKLM-x32\...\Steam App 292060) (Version: - Geoff Keighley)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GeoGebra 5 (HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\GeoGebra 5) (Version: 5.0.67.0 - International GeoGebra Institute)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version: - Reto-Moto)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HIT (HKLM-x32\...\Steam App 336670) (Version: - Shifty Chair Games)
Hitman: Contracts (HKLM-x32\...\Steam App 247430) (Version: - IO Interactive)
HP 3D DriveGuard (HKLM-x32\...\{F90A86C9-7779-47DD-AC06-8EE832C55F55}) (Version: 6.0.18.1 - Hewlett-Packard Company)
HP Color LaserJet Pro MFP M176 (HKLM-x32\...\{7ef5f914-a8e1-4f35-8b91-5f5a3ea16c55}) (Version: 8.0.13192.913 - Hewlett-Packard)
HP CoolSense (HKLM-x32\...\{E2C8D0C2-1C97-4C05-939A-5B13A0FE655C}) (Version: 2.20.31 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{082B1425-0F24-43FA-9B64-E8F617B0AD3B}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.08 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{E9FA2CA2-B7B2-43E6-8449-A1618B042EAE}) (Version: 1.1.3 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{B7B82520-8ECE-4743-BFD7-93B16C64B277}) (Version: 2.4.2 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
hpbDSService (x32 Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM176DSService (x32 Version: 001.001.08254 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 009.033.00905 - Hewlett-Packard) Hidden
hppM176LaserJetService (x32 Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (x32 Version: 080.040.00171 - Hewlett Packard) Hidden
hpStatusAlertsM176 (x32 Version: 080.046.00111 - Hewlett-Packard) Hidden
Inst5675 (Version: 8.01.08 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.08 - Softex Inc.) Hidden
Java 8 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418040F0}) (Version: 8.0.400 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version: - Squad)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LibreOffice 4.3.2.2 (HKLM-x32\...\{9C13F99C-6E1A-4126-AE91-EAA2DADE08D6}) (Version: 4.3.2.2 - The Document Foundation)
Loadout (HKLM-x32\...\Steam App 208090) (Version: - Edge of Reality)
Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
LogMeIn (HKLM-x32\...\{F93EE340-3735-4032-8B74-0A3E489017A0}) (Version: 4.1.4670 - LogMeIn, Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 36.0.4 (x86 de) (HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\Mozilla Firefox 36.0.4 (x86 de)) (Version: 36.0.4 - Mozilla)
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
OEM Application Profile (HKLM-x32\...\{315F1A48-D883-B234-7C79-15873574ACC1}) (Version: 1.00.0000 - Ihr Firmenname)
Paintball2 Alpha build 40 (HKLM-x32\...\Paintball2) (Version: Alpha build 40 - Digital Paint)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\SOE-PlanetSide 2) (Version: - Sony Online Entertainment)
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.51 - WildTangent) Hidden
Pokki (HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\Pokki) (Version: 0.269.7.574 - Pokki)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve)
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.6 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.13.1216 - REALTEK Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version: - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.7.8 - Synaptics Incorporated)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version: - Nicalis, Inc.)
Toribash (HKLM-x32\...\Steam App 248570) (Version: - Nabi Studios)
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Unity Web Player (HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\UnityWebPlayer) (Version: 5.0.1f1 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App für HP (x32 Version: 4.0.11.2 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
==================== Restore Points =========================
27-04-2015 13:57:36 Geplanter Prüfpunkt
05-05-2015 19:56:03 Geplanter Prüfpunkt
14-05-2015 14:56:07 Malwarebytes Anti-Rootkit Restore Point
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {316007E6-D02E-481B-80AE-AAF221232C23} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {4DEC0FF5-02D7-4A5D-A92F-C760D3A73FEB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-04-14] (Hewlett-Packard)
Task: {65FBCC2B-DA0F-4EF7-9565-308A73C8CBEA} - \Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-1005 No Task File <==== ATTENTION
Task: {6657947E-2D48-4AE1-BF4E-CF4D6105712B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-04-14] (Hewlett-Packard)
Task: {8756A64C-A489-4B77-9DA1-402404CC1DD2} - \Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-1008 No Task File <==== ATTENTION
Task: {B284AD28-073B-4655-94C7-C0C257C067AC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {B84A40CB-13A5-40E8-8476-DE10AB0D9D27} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-03-07] (CyberLink Corp.)
Task: {D3045CA2-FE90-4C31-B9DB-7B062034F6B9} - \Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-500 No Task File <==== ATTENTION
Task: {D3CCAA93-6012-4DC7-8DD8-61855EC97C88} - System32\Tasks\{09E7559C-8020-4F24-978E-3EC98CC6DAE0} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.3.0.101/de/abandoninstall?page=tsProgressBar
Task: {DD3A2C72-2298-436B-848C-94FA11EE34ED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-08] (Google Inc.)
Task: {E0405F4E-B265-486A-94EE-48320F5A7984} - \Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-1002 No Task File <==== ATTENTION
Task: {E8BC3766-ADA2-4E7D-BC00-7201889A3FE5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {EF9A97A4-4FCB-4D9F-9B50-B63DAF391E2C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-08] (Google Inc.)
Task: {F32F1211-375B-484F-8FE8-D44401E98193} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-11-01] (Hewlett-Packard Development Company, L.P.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2014-03-01 18:38 - 2014-03-01 18:38 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-01 18:34 - 2014-03-01 18:34 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-01 18:34 - 2014-03-01 18:34 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-01 18:34 - 2014-03-01 18:34 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-01 18:52 - 2014-03-01 18:52 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-01 18:52 - 2014-03-01 18:52 - 00712592 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2014-10-07 22:33 - 2012-09-18 15:27 - 00192512 _____ () C:\Windows\System32\zlhp1020.dll
2014-10-07 22:33 - 2012-09-18 15:27 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll
2014-04-06 22:38 - 2014-04-06 22:38 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-06-10 21:21 - 2014-03-05 18:09 - 00088064 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2014-03-01 18:41 - 2014-03-01 18:41 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2014-09-18 09:23 - 2014-09-18 09:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-10-14 20:51 - 2014-10-14 20:51 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 09:23 - 2014-09-18 09:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-10-14 20:51 - 2014-10-14 20:51 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2014-06-10 21:46 - 2013-02-01 11:16 - 00387984 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\fl_core.dll
2014-06-10 21:46 - 2013-02-01 11:16 - 01165712 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\vocon3200_asr.dll
2014-06-10 21:46 - 2013-02-01 11:16 - 00199056 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\vocon3200_base.dll
2014-06-10 21:46 - 2013-02-01 11:16 - 01132944 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\vocon3200_pron.dll
2014-06-10 21:46 - 2013-02-01 11:16 - 00035216 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\vocon3200_platform.dll
2014-06-10 21:46 - 2013-02-01 11:16 - 00229264 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\sdxg.dll
2014-06-10 21:46 - 2013-02-01 11:15 - 00027136 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\WASAPIResamplingStreamCOMServer.dll
2015-04-06 18:37 - 2015-03-16 10:59 - 00023496 _____ () C:\Users\Leo\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\Users\peter\OneDrive:ms-properties
==================== Safe Mode (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, the associated entry will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\sony.com -> sony.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-514103404-2733609734-414756415-1006\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
HKU\S-1-5-21-514103404-2733609734-414756415-1008\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
DNS Servers: 192.168.178.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKLM\...\StartupApproved\Run: => "LogMeIn GUI"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{534EAE76-5BD5-4C7F-92A2-CF7BCD016932}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B8F5F911-67A9-499F-930D-2C04450BEE01}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1F43B38F-58AD-45A3-BB95-ACEF24BD7F10}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0EF8A23A-6CD0-47F1-811F-FCB12B5158DE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2027DDBC-8D98-4416-82CA-5BA362FB91F9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{AEDD7A15-184A-47B8-AE85-01C85E89A19E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{300161F6-4599-49E6-867E-FA5F87FA4A15}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{F73BD28F-DE8B-407A-B685-9410EF5E304A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{F5A63762-0D2A-40EE-8DF5-DDD7C2220ED6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{3D08EED6-E6B8-4516-B6AA-DDC431911A64}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{F3F10151-8FA3-4127-BCDF-16E83B19A176}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{42AE9A0D-04AE-4AF6-83D5-84AEBBBC3DF2}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{3239697B-80F4-4047-AAA0-AF431D6F1A8D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{BB78B2B8-B7F5-49BF-99BB-AFA56D744B82}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5EEF03FE-3D0F-4C6C-A008-E1D850923B6A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6BC94677-9600-4ECB-AC94-F1EB5E326F7D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{80ED146F-F349-4B24-8BA7-FE231D5533E4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{CB74F533-638D-49C4-81B3-73D94B16E39E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{8A0C432F-0477-4A51-8F15-8CA5A2457D18}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{C30E76F1-A545-4017-8629-FEBA58680BD1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A8A82F7B-7232-4E8E-8A16-0FE738363E2E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B529881D-9A12-49A9-832B-F76932049145}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{95E50C90-5652-4602-B3B4-E44E2C38800D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{67BC7081-9238-4C08-9DB4-97D4CDB3B95A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{EFA5C98D-50A1-48EA-A3EE-60FB61771471}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{FFB45D2E-CA82-4940-ADF6-9A290167E293}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{65DC87C8-56B6-41F0-9F25-B1C2885C669A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{26476AE8-5B9A-47C2-BEBA-B12ED08B37ED}] => (Allow) C:\Spiele\StarCraft II\StarCraft II.exe
FirewallRules: [{6E0137E5-4DA1-4AD9-95FE-B64C94FF40BF}] => (Allow) C:\Spiele\StarCraft II\StarCraft II.exe
FirewallRules: [{53D139FB-CBB7-4DF2-933A-8CF9F2F0102F}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{10C3AA12-62C8-411E-9D84-770DA4CE9B82}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{BD59F42F-4452-4D6E-BE89-A0DFAC4BAA5B}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{AF0F5FFF-7703-4BBA-BE93-5AD784E8D25D}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{2D838EE3-8C8E-4750-8F85-1C57411D4D87}C:\spiele\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) C:\spiele\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [UDP Query User{2EB8CBBE-7691-4AA8-838B-4AF9CAFE8966}C:\spiele\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) C:\spiele\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [{6E22E814-9FAD-4222-872D-F85DEC1CACE5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{9777A85D-795E-4613-92FD-91458A068297}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{9115C681-FFBB-422D-8AFC-8020F5E4DC23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{D9F1C8C8-E9EC-4A2F-A26E-3081F55B1E5E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{B143437E-45BC-4953-AFA2-2F9D8EA6863D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{E73E896C-BDAA-479B-B4F4-F5FEC79C8563}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{2F814522-A797-4090-B4F8-815A75FE6439}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{CC481BB3-3A1B-4AE4-BE30-E028FB09A3EE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{AB41F4F6-C6C1-425E-8D07-8DA1A1926C2B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{A1510135-637C-491A-A874-B4C30BA7E9C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{49C50CDE-9068-43C7-9B8F-D0F614BDA5EB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{76700D58-87E8-4E43-B368-9648DE627B9D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{23651672-6196-46B3-B0DA-4461B6B65B1F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{D3669514-03FE-401F-85A4-28AD41525A58}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{802C2036-075F-4EF8-A3CB-F210CCD239F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{2FEB3C83-84E2-4C44-94BD-3EBBBA4A3366}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{2DB46667-8550-4783-825A-BD44B7C6717D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{B4685F03-ABF5-4743-A43A-396664AE607D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{411F0DEF-B8C9-430A-97E4-A03261456C5E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{55354E14-020D-4709-B53B-6207752C3752}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{7C48D6EB-2424-432B-A4FD-F8B704EBD2DE}] => (Allow) C:\Spiele\Assassin´s Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{E64DE9C0-483E-4008-8D1B-159AE6F66073}] => (Allow) C:\Spiele\Assassin´s Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{F380107C-89F8-4F7D-B5DF-6FB6E2F67AF2}] => (Allow) C:\Spiele\Assassin´s Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{ADA98FF6-6983-4F58-B4CD-ED692B13CDED}] => (Allow) C:\Spiele\Assassin´s Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{F9EE632C-0BDB-4D1F-82EE-0DD12263FDF4}] => (Allow) C:\Spiele\Assassin´s Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{D7518C62-9CCC-43BB-8C03-DC8009AC0367}] => (Allow) C:\Spiele\Assassin´s Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{6177F14D-325E-4428-B288-96FFB9E705EE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Toribash\toribash.exe
FirewallRules: [{C1495705-DA12-453E-865C-8E36F234E2A5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Toribash\toribash.exe
FirewallRules: [{B96B3B33-C234-413E-B10B-2698CD2F23F5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{5406563B-E4E2-47F5-BAF4-B8787E44B574}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{9A8C5A42-AE0C-4996-8B0D-8187B3936A3B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AVA\NWZLauncher.exe
FirewallRules: [{28349028-CF09-4AD5-BAAF-EA459F7A8C2E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AVA\NWZLauncher.exe
FirewallRules: [{B3333E87-2FBF-420C-BFAD-0FC53EADA025}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M176\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{76DC9CF0-CD25-4F82-B0CF-D104FA72D607}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M176\bin\EWSProxy.exe
FirewallRules: [{840B0353-9EB2-444C-A67C-5D86C32D3D77}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{782E3D06-8A10-4DFA-9735-F0D8ED354141}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{76318C2B-F4C9-432D-AB62-EC0E5142013B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Final Hours of Titanfall\TheFinalHoursOfTitanfall.exe
FirewallRules: [{04F2A747-B5E6-4D44-8F79-49A54479EA23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Final Hours of Titanfall\TheFinalHoursOfTitanfall.exe
FirewallRules: [{781D1462-76E4-4AAE-AF77-8B0C378BAA68}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{11493C8B-117C-40B5-8B29-582DE836E589}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{718043E5-F4FD-4585-B95C-215494BDA0BB}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{43DD6891-85C8-4456-B4BD-BD7E98E31D09}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{A749BACB-ABC1-47A6-87CB-349878047E81}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Contracts\HitmanContracts.exe
FirewallRules: [{83596A7B-A660-4FE0-9B48-D3B5EA138628}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Contracts\HitmanContracts.exe
FirewallRules: [TCP Query User{62B1F110-543C-461A-B205-9748228351C2}C:\spiele\paintball2\paintball2.exe] => (Allow) C:\spiele\paintball2\paintball2.exe
FirewallRules: [UDP Query User{122630AD-62E9-4F13-B88C-28D3F474E66D}C:\spiele\paintball2\paintball2.exe] => (Allow) C:\spiele\paintball2\paintball2.exe
FirewallRules: [TCP Query User{E1C170C0-D3ED-429D-A4AE-A907AE1B4108}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{7120984A-0E64-430C-9D33-E3BE629729A4}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{B466B9CB-E64F-46EE-8401-C776695B1D30}] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{7B258906-3465-4C3E-9AED-5C8A8C4AC136}] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [TCP Query User{8CF91F74-6DAC-42C3-8B38-78237C9C3CAA}C:\users\leo\appdata\local\mozilla firefox\firefox.exe] => (Allow) C:\users\leo\appdata\local\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{69309EDB-A33C-40B2-ADEF-231A106A8EF7}C:\users\leo\appdata\local\mozilla firefox\firefox.exe] => (Allow) C:\users\leo\appdata\local\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{89BAF8BB-0CAF-4083-9313-237BCDB4FDE2}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [UDP Query User{7B4D17E4-DB77-46C5-8C7C-6A0E0CB878D4}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{6D6AEBD2-0C3B-42A7-9B0B-F4D0686E2DDF}] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{3B7A4431-4EA6-41DC-941D-EDAF205BB932}] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{5CCD112E-0826-41AC-A96F-C97BE372F16B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{795534E5-E479-497B-97E9-349C696885E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{92B68362-3073-4FC2-8C78-D1C8A680A4B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HIT\Hit\Binaries\Win64\Hit.exe
FirewallRules: [{5C9E5335-C5A2-44DE-9F54-0F2EBE66C014}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HIT\Hit\Binaries\Win64\Hit.exe
FirewallRules: [{2164DE04-3D9C-4EEC-967C-524393BEE922}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{466E2B41-DCC0-4F96-9379-92A5E244425D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{01CB6B61-8B59-4C23-AEF4-50F5D0FE141A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{17283D23-0E99-46D3-BC0A-6FFA7B38B9A1}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{392D2C4C-3C12-48B8-BF5B-9D94C7C24FC4}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{67537A71-C1C9-46C4-9008-744818432D62}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{7A657FF2-F19C-446B-915C-A561E8B1F99C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/16/2015 10:58:46 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Error: (05/16/2015 08:39:14 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Error: (05/16/2015 08:39:10 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Error: (05/16/2015 08:37:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Error: (05/16/2015 08:37:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Error: (05/14/2015 11:08:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Steam.exe, Version 2.75.80.38 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 318
Startzeit: 01d08e5a34d2aea4
Endzeit: 4294967295
Anwendungspfad: C:\Program Files (x86)\Steam\Steam.exe
Berichts-ID: 645f36e3-fa7d-11e4-82a8-6cc21761c6c8
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (05/14/2015 02:56:07 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-514103404-2733609734-414756415-1005.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {2a68f54a-c96f-4354-8be4-5498a9591516}
Error: (05/14/2015 02:15:56 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Error: (05/14/2015 02:15:55 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
Error: (05/14/2015 00:03:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 26 baerenfrosch._arxcontrol._tcp.local. SRV 0 0 52255 baerenfrosch.local.
System errors:
=============
Error: (05/16/2015 10:58:25 PM) (Source: DCOM) (EventID: 10010) (User: baerenfrosch)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (05/15/2015 00:26:12 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\system32\Rtlihvs.dll
Error: (05/15/2015 00:26:12 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\system32\Rtlihvs.dll
Error: (05/15/2015 00:26:10 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.
Modulpfad: C:\Windows\system32\Rtlihvs.dll
Error: (05/14/2015 11:55:11 PM) (Source: DCOM) (EventID: 10010) (User: baerenfrosch)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (05/14/2015 11:54:41 PM) (Source: DCOM) (EventID: 10010) (User: baerenfrosch)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (05/14/2015 11:26:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/14/2015 11:26:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "HP Support Assistant Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (05/14/2015 11:26:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HP Software Framework Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (05/14/2015 11:26:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LogMeIn Hamachi Tunneling Engine" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office Sessions:
=========================
Error: (05/16/2015 10:58:46 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
Error: (05/16/2015 08:39:14 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Leo\Downloads\esetsmartinstaller_deu(2).exe
Error: (05/16/2015 08:39:10 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Leo\Downloads\esetsmartinstaller_deu(2).exe
Error: (05/16/2015 08:37:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Leo\Downloads\esetsmartinstaller_deu(2).exe
Error: (05/16/2015 08:37:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Leo\Downloads\esetsmartinstaller_deu(2).exe
Error: (05/14/2015 11:08:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Steam.exe2.75.80.3831801d08e5a34d2aea44294967295C:\Program Files (x86)\Steam\Steam.exe645f36e3-fa7d-11e4-82a8-6cc21761c6c8
Error: (05/14/2015 02:56:07 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-514103404-2733609734-414756415-1005.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
Vorgang:
OnIdentify-Ereignis
Generatordaten werden gesammelt
Kontext:
Ausführungskontext: Shadow Copy Optimization Writer
Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
Generatorname: Shadow Copy Optimization Writer
Generatorinstanz-ID: {2a68f54a-c96f-4354-8be4-5498a9591516}
Error: (05/14/2015 02:15:56 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Leo\Downloads\esetsmartinstaller_deu(1).exe
Error: (05/14/2015 02:15:55 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Leo\Downloads\esetsmartinstaller_deu.exe
Error: (05/14/2015 00:03:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 26 baerenfrosch._arxcontrol._tcp.local. SRV 0 0 52255 baerenfrosch.local.
==================== Memory info ===========================
Processor: AMD A10-5745M APU with Radeon(tm) HD Graphics
Percentage of memory in use: 21%
Total physical RAM: 11461.2 MB
Available physical RAM: 9013.27 MB
Total Pagefile: 13189.2 MB
Available Pagefile: 10062.32 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:909.38 GB) (Free:685.41 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:21.12 GB) (Free:2.12 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6F653072)
Partition: GPT Partition Type.
==================== End Of Log ============================
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-05-2015 02
Ran by MeinAdmin (administrator) on BAERENFROSCH on 16-05-2015 23:03:32
Running from C:\Users\Leo\Desktop
Loaded Profiles: Leo & MeinAdmin (Available profiles: Admin & Leo & MeinAdmin)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\Dragon Notes\Core\DACore.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7546072 2014-03-10] (Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3957816 2014-03-01] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-01] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-01] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2014-04-22] (Synaptics Incorporated)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2014-10-31] (LogMeIn, Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-02-13] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [475448 2014-03-04] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313656 2013-04-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-05-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-514103404-2733609734-414756415-1008\...\RunOnce: [Report] => \AdwCleaner\AdwCleaner[S3].txt [1403 2015-05-14] ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT14/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT14/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-514103404-2733609734-414756415-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-514103404-2733609734-414756415-1006\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-514103404-2733609734-414756415-1008\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-514103404-2733609734-414756415-1008\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-514103404-2733609734-414756415-1008\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
SearchScopes: HKLM -> {9CBE1607-B466-40F4-AB15-F6965BEA20A1} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {9CBE1607-B466-40F4-AB15-F6965BEA20A1} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-514103404-2733609734-414756415-1006 -> {9CBE1607-B466-40F4-AB15-F6965BEA20A1} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-514103404-2733609734-414756415-1008 -> {9CBE1607-B466-40F4-AB15-F6965BEA20A1} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-04-02] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-02] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-03-04] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-13] ()
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-04-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-02] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin HKU\S-1-5-21-514103404-2733609734-414756415-1006: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Leo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-27] (Unity Technologies ApS)
Chrome:
=======
CHR Profile: C:\Users\MeinAdmin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\MeinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-03]
CHR Extension: (Google Drive) - C:\Users\MeinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-03]
CHR Extension: (YouTube) - C:\Users\MeinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-03]
CHR Extension: (Google Search) - C:\Users\MeinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-03]
CHR Extension: (Avira Browser Safety) - C:\Users\MeinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-05-14]
CHR Extension: (Gmail) - C:\Users\MeinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-03]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-06] (Advanced Micro Devices, Inc.) [File not signed]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1185584 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2015-01-23] ()
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [88064 2014-03-05] () [File not signed]
S3 celavimushost; C:\Program Files (x86)\Steam\CEVO\CSGO Client Beta\CelavimusClientHelper.exe [124632 2015-04-14] (altPUG LLC)
R2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Notes\Core\DACore.exe [411024 2013-02-01] (Nuance Communications, Inc.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-28] (WildTangent)
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [174592 2012-12-04] (HP) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [469304 2014-03-04] (Hewlett-Packard Development Company, L.P.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
S4 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226152 2014-10-31] (LogMeIn, Inc.)
S4 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2014-10-31] (LogMeIn, Inc.)
S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-01] (Softex Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-09] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-04-22] (Synaptics Incorporated)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-02] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-14] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-12-20] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-10] (Avira Operations GmbH & Co. KG)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2014-10-31] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-04] (Realtek Semiconductor Corp.)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [558296 2014-01-06] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3379416 2014-03-22] (Realtek Semiconductor Corporation )
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [30448 2014-04-22] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [31472 2014-04-22] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
S3 GENERICDRV; \??\C:\Users\ADMINI~1\AppData\Local\Temp\pftDAE8.tmp\amifldrv64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-16 23:03 - 2015-05-16 23:03 - 00018985 _____ () C:\Users\Leo\Desktop\FRST.txt
2015-05-16 23:01 - 2015-05-16 23:01 - 00852630 _____ () C:\Users\Leo\Desktop\SecurityCheck.exe
2015-05-16 20:43 - 2015-05-16 20:43 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-1006
2015-05-16 20:39 - 2015-05-16 20:39 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-05-16 20:36 - 2015-05-16 20:37 - 02347384 _____ (ESET) C:\Users\Leo\Downloads\esetsmartinstaller_deu(2).exe
2015-05-14 23:28 - 2015-05-14 23:28 - 00001660 _____ () C:\Users\MeinAdmin\Desktop\JRT.txt
2015-05-14 23:26 - 2015-05-14 23:26 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-BAERENFROSCH-Windows-8.1-(64-bit).dat
2015-05-14 23:26 - 2015-05-14 23:26 - 00000000 ____D () C:\RegBackup
2015-05-14 23:24 - 2015-05-14 23:24 - 02721175 _____ (Thisisu) C:\Users\Leo\Desktop\JRT.exe
2015-05-14 23:12 - 2015-05-14 23:12 - 02209792 _____ () C:\Users\Leo\Desktop\AdwCleaner_4.204.exe
2015-05-14 16:26 - 2015-05-14 16:26 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Leo\Desktop\tdsskiller.exe
2015-05-14 15:25 - 2015-05-14 16:20 - 00000000 ____D () C:\Users\Leo\Desktop\mbar
2015-05-14 14:58 - 2015-05-14 14:58 - 00000380 _____ () C:\Users\Leo\Desktop\zfzf.txt
2015-05-14 14:12 - 2015-05-14 16:21 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-14 14:11 - 2015-05-14 15:21 - 00000000 ____D () C:\Users\Leo\Downloads\mbar
2015-05-14 14:09 - 2015-05-14 14:10 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Leo\Downloads\mbar-1.09.1.1004(1).exe
2015-05-14 14:08 - 2015-05-14 14:09 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Leo\Desktop\mbar-1.09.1.1004.exe
2015-05-14 00:27 - 2015-05-14 00:27 - 00000504 _____ () C:\Users\Leo\Documents\Events.txt
2015-05-14 00:25 - 2015-05-16 23:03 - 00000000 ____D () C:\Users\Leo\Desktop\FRST-OlderVersion
2015-05-06 19:22 - 2015-05-06 19:22 - 00000875 _____ () C:\Users\Leo\AppData\Local\recently-used.xbel
2015-04-28 07:43 - 2015-04-28 07:43 - 01253126 _____ () C:\Users\Leo\Downloads\Homo neandertalensis(1).odp
2015-04-28 07:43 - 2015-04-28 07:43 - 00000099 ____H () C:\Users\Leo\Downloads\.~lock.Homo neandertalensis(1).odp#
2015-04-28 07:42 - 2015-04-28 07:42 - 00003080 _____ () C:\Windows\System32\Tasks\{09E7559C-8020-4F24-978E-3EC98CC6DAE0}
2015-04-27 15:43 - 2015-04-27 15:43 - 01203520 _____ () C:\Users\Leo\Downloads\Homo neandertalensis.odp
2015-04-27 15:43 - 2015-04-27 15:43 - 00000099 ____H () C:\Users\Leo\Downloads\.~lock.Homo neandertalensis.odp#
2015-04-26 17:04 - 2015-04-26 19:18 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Packages
2015-04-26 17:03 - 2015-04-26 19:18 - 00000000 ____D () C:\Users\TEMP
2015-04-23 18:34 - 2015-04-23 18:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-05-16 23:03 - 2015-03-21 14:44 - 00000000 ____D () C:\FRST
2015-05-16 23:03 - 2015-03-21 14:42 - 02107392 _____ (Farbar) C:\Users\Leo\Desktop\FRST64.exe
2015-05-16 23:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-05-16 22:59 - 2014-10-01 20:30 - 00000000 ____D () C:\Users\Leo\AppData\Roaming\ClassicShell
2015-05-16 22:45 - 2014-11-08 00:31 - 00001144 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-16 21:09 - 2014-10-01 19:18 - 01677404 _____ () C:\Windows\WindowsUpdate.log
2015-05-16 20:35 - 2014-10-01 20:23 - 00000000 ____D () C:\Users\Leo\Documents\Youcam
2015-05-16 20:33 - 2014-11-08 00:31 - 00001140 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-15 03:31 - 2014-10-02 15:43 - 00000000 ____D () C:\Users\Leo\AppData\Roaming\TS3Client
2015-05-15 02:53 - 2014-10-01 20:14 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-15 00:27 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-15 00:26 - 2014-06-10 21:25 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2015-05-14 23:17 - 2014-03-18 11:44 - 00329334 _____ () C:\Windows\PFRO.log
2015-05-14 23:16 - 2015-03-21 17:50 - 00000000 ____D () C:\AdwCleaner
2015-05-14 23:16 - 2013-08-22 15:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2015-05-14 15:36 - 2015-03-29 23:08 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-14 15:31 - 2015-03-29 23:08 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-14 04:47 - 2014-11-08 00:33 - 00002202 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-14 02:15 - 2014-11-05 22:54 - 00328192 ___SH () C:\Users\Leo\Downloads\Thumbs.db
2015-05-14 00:29 - 2015-03-21 14:37 - 00000504 _____ () C:\Users\Leo\Desktop\Events.txt
2015-05-14 00:23 - 2014-11-01 16:04 - 00053760 ___SH () C:\Users\Leo\Desktop\Thumbs.db
2015-05-14 00:06 - 2014-11-08 00:38 - 00000000 ____D () C:\Users\MeinAdmin\AppData\Roaming\ClassicShell
2015-05-13 15:25 - 2015-02-01 22:38 - 00000000 ____D () C:\Users\Leo\AppData\Local\Adobe
2015-05-13 15:23 - 2014-10-02 11:23 - 00000000 ____D () C:\Users\MeinAdmin\AppData\Local\Adobe
2015-05-09 03:50 - 2014-10-01 20:21 - 00000000 ____D () C:\Users\Leo
2015-05-06 19:22 - 2015-01-10 15:33 - 00000000 ____D () C:\Users\Leo\.gimp-2.8
2015-05-05 19:48 - 2015-02-07 14:58 - 00000000 ____D () C:\Users\Mama
2015-05-05 19:48 - 2014-10-01 19:36 - 00000000 ____D () C:\Users\peter
2015-05-05 15:04 - 2015-04-01 12:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-05-05 15:02 - 2015-03-01 21:05 - 00152744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-05-05 15:02 - 2015-03-01 21:05 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-05-04 22:13 - 2014-10-02 08:30 - 00000000 ____D () C:\Users\Leo\AppData\Roaming\vlc
2015-05-04 19:23 - 2014-11-11 18:44 - 00000000 ____D () C:\Users\Leo\AppData\Roaming\Skype
2015-04-28 07:39 - 2014-05-01 00:19 - 00800954 _____ () C:\Windows\system32\perfh007.dat
2015-04-28 07:39 - 2014-05-01 00:19 - 00174458 _____ () C:\Windows\system32\perfc007.dat
2015-04-28 07:39 - 2014-03-18 11:53 - 01921154 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-28 07:37 - 2013-08-22 16:46 - 00038026 _____ () C:\Windows\setupact.log
2015-04-27 14:47 - 2014-10-01 20:31 - 00000000 ____D () C:\Users\MeinAdmin
2015-04-27 13:45 - 2015-04-07 15:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-26 17:04 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-04-19 20:33 - 2015-01-10 16:48 - 00000000 ____D () C:\Users\Leo\Documents\MSA
==================== Files in the root of some directories =======
2014-12-18 15:05 - 2014-12-18 15:05 - 0007626 _____ () C:\Users\MeinAdmin\AppData\Local\Resmon.ResmonCfg
Some content of TEMP:
====================
C:\Users\Leo\AppData\Local\Temp\avgnt.exe
C:\Users\MeinAdmin\AppData\Local\Temp\avgnt.exe
C:\Users\MeinAdmin\AppData\Local\Temp\Quarantine.exe
C:\Users\MeinAdmin\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-05-14 16:20
==================== End Of Log ============================
--- --- --- |
|
17.05.2015, 11:44
| #9 |
| /// the machine /// TB-Ausbilder | audiodg.exe - Virus? Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter Task: {65FBCC2B-DA0F-4EF7-9565-308A73C8CBEA} - \Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-1005 No Task File <==== ATTENTION
Task: {8756A64C-A489-4B77-9DA1-402404CC1DD2} - \Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-1008 No Task File <==== ATTENTION
Task: {D3045CA2-FE90-4C31-B9DB-7B062034F6B9} - \Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-500 No Task File <==== ATTENTION
Task: {E0405F4E-B265-486A-94EE-48320F5A7984} - \Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-1002 No Task File <==== ATTENTION
Emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
 Cleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde:  Combofix deinstallieren
Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...  und/oder das Forum mit einer kleinen Spende  unterstützen.   Absicherung: Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank. Meine Empfehlung:  Emsisoft Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen. Optional:  NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.Lade Software von einem sauberen Portal wie  .Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner . Abschließend noch ein paar grundsätzliche Bemerkungen: Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems. Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu audiodg.exe - Virus? |
| admin, antivirus, avira, code, cpu, desktop, error, failed, files, free, information, interne, internet, laufen, namens, programm, system, teamspeak, transfer, update, update.exe, updaten, version, virus, virus? |
+ R Taste und schreibe Combofix /Uninstall in das 
Linear-Darstellung
