unregelmäßige Pingschwankungen - ist ein Hintergrund-Programm dran schuld?

pcsagtnein · 05.06.2015, 18:22

Sehr geehrte Community,

ich bin schon seit längerer Zeit verzweifelt auf der Suche nach Lösungsansätzen zu meinem Problem und hoffe dass Ihr mir vielleicht helfen könnt.

Ich habe vor ungefähr 3 Monaten folgendes Problem feststellen müssen: Nach dem Start des PCs und Verbindung mit der Fritzbox per Wlan treten unregelmäßig wiederkommende Pingschwankungen auf. Das merke ich z. B., wenn ich im Teamspeak auf meine Verbindungsinformationen schaue, bei denen urplötzlich der Ping von ca. 30 auf bis zu 1000 (!) heraufsteigt und da etwa 4-5 Sekunden verbleibt. Danach normalisiert sich das Ganze wieder bis zur nächsten Spitze. Besonders "nervend" ist das in Online-Games, wie WoT, wenn man einfach mal für 5 Sekunden nichts machen kann.
Ich vermute, dass ein Programm regelmäßig im Hintergrund werkelt und auf das Internet zugreift, was die Schwankungen vielleicht auslösen könnte. Ich weiß aber nicht, wie ich das rausfiltern kann. Ansonsten würde ich noch mein WLan Adapter unter Verdacht stellen (werde die Tage mal mit Kabel probieren, ob es immer noch Schwankungen gibt).

Bitte sagt mir, was ihr noch an Logs, Daten etc. braucht, um mir vielleicht wenigstens ein Stück weit helfen zu können.

Liebe Grüße und vielen Dank im Voraus!

PCSagtNein aka Chris

schrauber · 05.06.2015, 18:36

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

pcsagtnein · 07.06.2015, 12:34

Hallo schrauber! Vielen Dank für deine schnelle Antwort. Hier ist FRST

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:06-06-2015
Ran by Heimanwender (administrator) on CP-PC-ASUS on 07-06-2015 13:32:26
Running from C:\Users\Heimanwender\Downloads
Loaded Profiles: Heimanwender (Available Profiles: Heimanwender)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Tesline-Service SRL) C:\Program Files (x86)\Rohos\agent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avast Software s.r.o.) D:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
() C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Windows\SysWOW64\AsHookDevice.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Spotify Ltd) C:\Users\Heimanwender\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe
(Thermaltake) C:\Program Files (x86)\Tt eSPORTS\Tt eSPORTS Level 10 M\L10mMonitor.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avast Software s.r.o.) D:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(TeamSpeak Systems GmbH) D:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Users\Heimanwender\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Heimanwender\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Heimanwender\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Heimanwender\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Heimanwender\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Heimanwender\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8466648 2015-06-05] (Realtek Semiconductor)
HKLM\...\Run: [Cm108Sound] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm108.dll,CMICtrlWnd
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10801944 2014-07-28] (Logitech Inc.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-41 (the data entry has 36 more characters).
HKLM-x32\...\Run: [RunAIShell] => C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe [232064 2009-12-23] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [Tt eSPORTS Level 10 M Gaming Mouse] => C:\Program Files (x86)\Tt eSPORTS\Tt eSPORTS Level 10 M\L10mMonitor.exe [120200 2012-07-26] (Thermaltake)
HKLM-x32\...\Run: [AvastUI.exe] => d:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-25] (Avast Software s.r.o.)
HKLM-x32\...\Run: [spup] => C:\Users\Heimanwender\AppData\Roaming\ShinyProfile\spup.exe [197664 2013-07-10] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [NCInstallQueue] => rundll32 netman.dll,ProcessQueue
HKU\S-1-5-21-2428131109-3131180398-271353260-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-29] (Piriform Ltd)
HKU\S-1-5-21-2428131109-3131180398-271353260-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINOE.EXE /EPT "EPLTarget\P0000000000000000" /M "XP-620 Series"
HKU\S-1-5-21-2428131109-3131180398-271353260-1000\...\Run: [Spotify Web Helper] => C:\Users\Heimanwender\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-05-30] (Spotify Ltd)
HKU\S-1-5-21-2428131109-3131180398-271353260-1000\...\Run: [Google Update] => C:\Users\Heimanwender\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-26] (Google Inc.)
HKU\S-1-5-21-2428131109-3131180398-271353260-1000\...\MountPoints2: {5119da46-2844-11e2-a5e2-f46d049e16f1} - F:\AutoRun.exe
HKU\S-1-5-21-2428131109-3131180398-271353260-1000\...\MountPoints2: {5119da5c-2844-11e2-a5e2-f46d049e16f1} - F:\AutoRun.exe
HKU\S-1-5-21-2428131109-3131180398-271353260-1000\...\MountPoints2: {5119da88-2844-11e2-a5e2-f46d049e16f1} - F:\AutoRun.exe
HKU\S-1-5-21-2428131109-3131180398-271353260-1000\...\MountPoints2: {5119dabb-2844-11e2-a5e2-f46d049e16f1} - F:\AutoRun.exe
HKU\S-1-5-21-2428131109-3131180398-271353260-1000\...\MountPoints2: {5119dace-2844-11e2-a5e2-f46d049e16f1} - F:\AutoRun.exe
HKU\S-1-5-21-2428131109-3131180398-271353260-1000\...\MountPoints2: {5119dadd-2844-11e2-a5e2-f46d049e16f1} - F:\AutoRun.exe
HKU\S-1-5-21-2428131109-3131180398-271353260-1000\...\MountPoints2: {930bc327-beab-11e1-9bd0-f46d049e16f1} - G:\setup\rsrc\Autorun.exe
HKU\S-1-5-21-2428131109-3131180398-271353260-1000\...\MountPoints2: {caaddce2-c9c9-11e0-b7dc-806e6f6e6963} - E:\Opendisc.exe
HKU\S-1-5-18\...\Run: [AviraSpeedup] => "C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe" -autorun
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk [2013-07-22]
ShortcutTarget: DSL-Manager.lnk -> D:\Program Files (x86)\DSL-Manager\DslMgr.exe (No File)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk [2013-07-22]
ShortcutTarget: DSL-Manager.lnk -> D:\Program Files (x86)\DSL-Manager\DslMgr.exe (No File)
Startup: C:\Users\Heimanwender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013-03-31]
ShortcutTarget: Dropbox.lnk -> C:\Users\Heimanwender\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Heimanwender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk [2014-01-24]
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll [2013-06-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll [2013-06-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll [2013-06-11] ()
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Heimanwender\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll [2015-03-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Heimanwender\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll [2015-03-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Heimanwender\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll [2015-03-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Heimanwender\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Heimanwender\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Heimanwender\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Heimanwender\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Heimanwender\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Heimanwender\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Heimanwender\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Heimanwender\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => d:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-25] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Heimanwender\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-03-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Heimanwender\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-03-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Heimanwender\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\FileSyncShell.dll [2015-03-14] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Heimanwender\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Heimanwender\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Heimanwender\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Heimanwender\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Heimanwender\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Heimanwender\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Heimanwender\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Heimanwender\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
BootExecute: autoche
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKU\S-1-5-21-2428131109-3131180398-271353260-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2428131109-3131180398-271353260-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2428131109-3131180398-271353260-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-25] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> d:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-29] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-25] (Oracle Corporation)
BHO-x32: No Name -> {4DF4AC8C-FFA8-40FF-91F0-EB8389314B78} ->  No File
BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-25] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> d:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-29] (Avast Software s.r.o.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: No Name -> {C8B7D03D-30D7-493A-95E5-6547E2FAC2FE} ->  No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-25] (Oracle Corporation)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - Bitdefender Wallet  - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{D93CE0B7-EFDD-4E06-8972-0A12DBAD83D5}: [NameServer] 192.168.1.2,192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Heimanwender\AppData\Roaming\Mozilla\Firefox\Profiles\vb0dv3c2.default
FF SearchEngineOrder.1: Google
FF Homepage: https://www.google.de/|https://bildungsportal.sachsen.de/opal/dmz/
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-22] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-25] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-25] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> d:\Program Files\VideoLAN\VLC\npvlc.dll [2012-10-19] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-22] ()
FF Plugin-x32: @canon.com/EPPEX -> d:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2009-09-06] (CANON INC.)
FF Plugin-x32: @esn/esnlaunch,version=1.140.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-25] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-04-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll No File
FF Plugin HKU\S-1-5-21-2428131109-3131180398-271353260-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Heimanwender\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-2428131109-3131180398-271353260-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Heimanwender\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.)
FF Plugin HKU\S-1-5-21-2428131109-3131180398-271353260-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-04-18] ()
FF Extension: 8 Ultimo - C:\Users\Heimanwender\AppData\Roaming\Mozilla\Firefox\Profiles\vb0dv3c2.default\Extensions\{2b6788a0-0ccd-11e1-be50-0800200c9a66} [2012-07-13]
FF Extension: NASA Night Launch - C:\Users\Heimanwender\AppData\Roaming\Mozilla\Firefox\Profiles\vb0dv3c2.default\Extensions\nasanightlaunch@example.com.xpi [2012-06-26]
FF Extension: SmallringFX DARKBlue - C:\Users\Heimanwender\AppData\Roaming\Mozilla\Firefox\Profiles\vb0dv3c2.default\Extensions\{0471d3b0-a403-11df-981c-0800200c9a66}.xpi [2012-06-26]
FF Extension: NoScript - C:\Users\Heimanwender\AppData\Roaming\Mozilla\Firefox\Profiles\vb0dv3c2.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-03-05]
FF Extension: ReloadEvery - C:\Users\Heimanwender\AppData\Roaming\Mozilla\Firefox\Profiles\vb0dv3c2.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2014-06-26]
FF Extension: Password Exporter - C:\Users\Heimanwender\AppData\Roaming\Mozilla\Firefox\Profiles\vb0dv3c2.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2014-11-29]
FF Extension: Adblock Plus - C:\Users\Heimanwender\AppData\Roaming\Mozilla\Firefox\Profiles\vb0dv3c2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-06-21]
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff
FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox
FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2014-07-13]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - d:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - d:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-29]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
StartMenuInternet: FIREFOX.EXE - D:\Program Files (x86)\Mozilla Firefox\firefox.exe

Chrome: 
=======
CHR Profile: C:\Users\Heimanwender\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Heimanwender\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-22]
CHR Extension: (Google Docs) - C:\Users\Heimanwender\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-22]
CHR Extension: (Google Drive) - C:\Users\Heimanwender\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-22]
CHR Extension: (YouTube) - C:\Users\Heimanwender\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-22]
CHR Extension: (Google Search) - C:\Users\Heimanwender\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-22]
CHR Extension: (Avast SafePrice) - C:\Users\Heimanwender\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2015-04-04]
CHR Extension: (Google Sheets) - C:\Users\Heimanwender\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-22]
CHR Extension: (Bookmark Manager) - C:\Users\Heimanwender\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-15]
CHR Extension: (Avast Online Security) - C:\Users\Heimanwender\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-03-29]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Heimanwender\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-04]
CHR Extension: (Google Wallet) - C:\Users\Heimanwender\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-22]
CHR Extension: (Citavi Picker) - C:\Users\Heimanwender\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ohgndokldibnndfnjnagojmheejlengn [2015-01-22]
CHR Extension: (Gmail) - C:\Users\Heimanwender\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-22]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - d:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-03-29]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - d:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-29]
CHR HKLM-x32\...\Chrome\Extension: [obcjlnjgjjgghcedkcohaeboelbblehc] - C:\Program Files (x86)\1clickmoviedownloader.com\clickmoviedownloader10.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - D:\Program Files (x86)\Citavi 4\Pickers\Chrome\ChromePicker.crx [2014-02-07]
CHR HKLM-x32\...\Chrome\Extension: [pailhpppfllmijejfccffanaigjphjnb] - C:\Users\Heimanwender\AppData\LocalLow\FoxTab\CHROME\FoxTab.crx [Not Found]
StartMenuInternet: Google Chrome - C:\Users\Heimanwender\AppData\Local\Google\Chrome\Application\chrome.exe

Opera: 
=======
OPR Extension: (AdBlock) - C:\Users\Heimanwender\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2014-08-26]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe [918144 2010-11-03] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [915584 2010-12-02] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe [586880 2010-10-21] ()
R2 avast! Antivirus; d:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-25] (Avast Software s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [441216 2015-05-07] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S4 MBAMScheduler; d:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; d:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-15] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21007192 2014-04-30] (NVIDIA Corporation)
S3 Origin Client Service; D:\Program Files (x86)\Origin\OriginClientService.exe [1997168 2015-06-05] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-15] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-08-02] ()
R2 Rohos Disk; C:\Program Files (x86)\Rohos\agent.exe [805176 2011-10-26] (Tesline-Service SRL)
S4 SWAS_Core; C:\Program Files (x86)\Samsung Network Printer Utilities\SyncThru Web Admin Service\SWAS.exe [1449984 2008-04-15] () [File not signed]
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ASInsHelp; C:\Windows\SysWow64\drivers\AsInsHelp64.sys [11832 2008-01-04] ()
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-25] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-25] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-25] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-25] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-05-25] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-25] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-25] ()
S3 CM_VENDER_CMD; C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys [17104 2014-07-31] (Windows (R) Win 7 DDK provider)
S3 CorsairAudioFilter; C:\Windows\System32\DRIVERS\corsveng2kamd64.sys [109912 2014-02-03] (Corsair Components, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-11-20] (Disc Soft Ltd)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-02-27] (REALiX(tm))
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18776 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2015-06-05] (NVIDIA Corporation)
R2 RHDISK_AMD64; C:\Program Files (x86)\Rohos\RHDISK_AMD64.SYS [31408 2009-07-24] (Tesline-Service SRL)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-16] (Apple, Inc.) [File not signed]
S3 cpuz135; \??\C:\Users\HEIMAN~1\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S2 DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 ew_usbenumfilter; system32\DRIVERS\ew_usbenumfilter.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 huawei_ext_ctrl; system32\DRIVERS\ew_juextctrl.sys [X]
S3 huawei_wwanecm; system32\DRIVERS\ew_juwwanecm.sys [X]
S3 NSNDIS5; \??\C:\Windows\system32\NSNDIS5.SYS [X]
S3 taphss6; system32\DRIVERS\taphss6.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 WinRing0_1_2_0; \??\C:\Windows\TEMP\tmpE76B.tmp [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-07 13:32 - 2015-06-07 13:32 - 00035158 _____ C:\Users\Heimanwender\Downloads\FRST.txt
2015-06-07 13:32 - 2015-06-07 13:32 - 00000000 ____D C:\FRST
2015-06-07 13:31 - 2015-06-07 13:31 - 02108928 _____ (Farbar) C:\Users\Heimanwender\Downloads\FRST64.exe
2015-06-05 20:36 - 2015-06-05 20:36 - 00000689 _____ C:\Users\Heimanwender\Desktop\World of Tanks 0.9.8.1 ProMod.lnk
2015-06-05 13:07 - 2015-06-05 13:07 - 02202040 _____ (Odem Mortis ) C:\Users\Heimanwender\Downloads\OMC_ModPack_Installer (2).exe
2015-06-05 12:28 - 2015-06-05 12:28 - 22224144 _____ (Xirrus) C:\Users\Heimanwender\Downloads\WiFiInspector-Setup-1-2-1-4.exe
2015-06-05 12:19 - 2015-06-05 12:20 - 00003259 _____ C:\Users\Heimanwender\meineping2.txt
2015-06-05 12:17 - 2015-06-05 12:18 - 00003255 _____ C:\Users\Heimanwender\meineping.txt
2015-06-05 11:34 - 2015-06-05 11:34 - 00195912 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-06-05 11:34 - 2015-06-05 11:34 - 00038048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-06-05 11:34 - 2015-06-05 11:34 - 00032416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-06-05 11:34 - 2015-06-05 11:34 - 00031552 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-06-05 11:33 - 2015-06-05 11:33 - 42718864 _____ C:\Windows\system32\nvcompiler.dll
2015-06-05 11:33 - 2015-06-05 11:33 - 37741712 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-06-05 11:33 - 2015-06-05 11:33 - 30478992 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-06-05 11:33 - 2015-06-05 11:33 - 22945424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-05 11:33 - 2015-06-05 11:33 - 16145176 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-05 11:33 - 2015-06-05 11:33 - 14455296 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-05 11:33 - 2015-06-05 11:33 - 13263568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-05 11:33 - 2015-06-05 11:33 - 12849056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-06-05 11:33 - 2015-06-05 11:33 - 11790144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-05 11:33 - 2015-06-05 11:33 - 10972304 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-05 11:33 - 2015-06-05 11:33 - 02971776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-06-05 11:33 - 2015-06-05 11:33 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-05 11:33 - 2015-06-05 11:33 - 02599056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-05 11:33 - 2015-06-05 11:33 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435286.dll
2015-06-05 11:33 - 2015-06-05 11:33 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435286.dll
2015-06-05 11:33 - 2015-06-05 11:33 - 01059984 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-05 11:33 - 2015-06-05 11:33 - 01050256 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-05 11:33 - 2015-06-05 11:33 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-05 11:33 - 2015-06-05 11:33 - 00974480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-05 11:33 - 2015-06-05 11:33 - 00939080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-06-05 11:33 - 2015-06-05 11:33 - 00176064 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-06-05 11:33 - 2015-06-05 11:33 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-06-05 11:33 - 2015-06-05 11:33 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-06-05 11:33 - 2015-06-05 11:33 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-06-05 11:32 - 2015-06-05 11:32 - 05706688 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll
2015-06-05 11:32 - 2015-06-05 11:32 - 04464344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-06-05 11:32 - 2015-06-05 11:32 - 02918104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-06-05 11:32 - 2015-06-05 11:32 - 02847448 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-06-05 11:32 - 2015-06-05 11:32 - 02532568 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2015-06-05 11:32 - 2015-06-05 11:32 - 02048372 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-06-05 11:32 - 2015-06-05 11:32 - 01739992 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-06-05 11:32 - 2015-06-05 11:32 - 01365768 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2015-06-05 11:32 - 2015-06-05 11:32 - 01316056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-06-05 11:32 - 2015-06-05 11:32 - 00858256 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2015-06-05 11:32 - 2015-06-05 11:32 - 00684176 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2015-06-05 11:32 - 2015-06-05 11:32 - 00555664 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.DLL
2015-06-05 11:32 - 2015-06-05 11:32 - 00435856 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2015-06-05 11:30 - 2015-06-05 11:30 - 00659456 _____ (Speed Guide Inc.) C:\Users\Heimanwender\Downloads\TCPOptimizer_v308.exe
2015-06-05 11:12 - 2015-06-07 13:25 - 00003478 _____ C:\Windows\setupact.log
2015-06-05 11:12 - 2015-06-05 11:12 - 00000000 _____ C:\Windows\setuperr.log
2015-06-02 11:08 - 2015-06-02 11:08 - 00000000 ____D C:\Users\Heimanwender\AppData\Local\GWX
2015-06-01 19:48 - 2015-06-01 19:48 - 02202040 _____ (Odem Mortis ) C:\Users\Heimanwender\Downloads\OMC_ModPack_Installer (1).exe
2015-05-30 20:31 - 2015-05-30 20:31 - 02202048 _____ (Odem Mortis ) C:\Users\Heimanwender\Downloads\OMC_ModPack_Installer.exe
2015-05-30 19:48 - 2015-05-30 19:48 - 00000000 ____D C:\Users\Heimanwender\AppData\Roaming\Wargaming.net
2015-05-30 19:46 - 2015-05-30 19:46 - 00000000 ____D C:\Users\Heimanwender\Downloads\post-188170-0-25163600-1430788365
2015-05-30 19:33 - 2015-05-30 19:34 - 02931293 _____ C:\Users\Heimanwender\Downloads\ProMod9.8.1.zip
2015-05-30 19:21 - 2015-05-30 19:21 - 03660310 _____ C:\Users\Heimanwender\Downloads\post-188170-0-25163600-1430788365.zip
2015-05-30 18:45 - 2015-05-30 18:45 - 02202048 _____ (Odem Mortis ) C:\Users\Heimanwender\Downloads\OMC_ModPack_Installer (5).exe
2015-05-30 16:40 - 2015-05-30 17:14 - 00000000 ____D C:\Users\Heimanwender\Desktop\Neuer Ordner (2)
2015-05-28 10:54 - 2015-05-28 10:54 - 00000000 ____D C:\Users\Heimanwender\AppData\Local\by_dimabal100000
2015-05-28 10:32 - 2015-05-28 10:43 - 66122240 _____ (by dimabal100000) C:\Users\Heimanwender\Downloads\0.9.8-Svatekl2-ModPack-v7.0.exe
2015-05-28 10:10 - 2015-05-28 10:10 - 25573571 _____ (diclovit ) C:\Users\Heimanwender\Downloads\dmp_9.8.0_setup.exe
2015-05-25 18:52 - 2015-05-25 18:52 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-05-25 18:52 - 2015-05-25 18:52 - 00043112 _____ (Avast Software s.r.o.) C:\Windows\avastSS.scr
2015-05-15 10:53 - 2015-05-15 10:53 - 03262184 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2015-05-15 10:53 - 2015-05-15 10:53 - 00328816 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2015-05-13 01:20 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 01:20 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 00:36 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 00:36 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 00:36 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 00:36 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 00:36 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 00:36 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 00:36 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 00:36 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 00:36 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 00:36 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 00:36 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 00:36 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 00:36 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 00:36 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 00:36 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 00:36 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 00:36 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 00:36 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 00:36 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 00:36 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 00:36 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 00:36 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 00:36 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 00:36 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 00:36 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 00:36 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 00:36 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 00:36 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 00:36 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 00:36 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 00:36 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 00:36 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 00:36 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 00:36 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 00:36 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 00:36 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 00:36 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 00:36 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 00:36 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 00:36 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 00:36 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 00:36 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 00:36 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 00:36 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 00:36 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 00:36 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 00:36 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 00:36 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 00:36 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 00:36 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 00:36 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 00:36 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 00:36 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 00:36 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 00:36 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 00:36 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 00:36 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 00:36 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 00:36 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 00:36 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 00:36 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 00:36 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 00:36 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 00:36 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 00:35 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 00:35 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 00:35 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 00:35 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 00:35 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 00:35 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 00:35 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 00:35 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 00:35 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 00:35 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 00:35 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 00:35 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 00:35 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 00:35 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 00:35 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 00:35 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 00:35 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 00:35 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 00:35 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 00:35 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 00:35 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 00:35 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 00:35 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 00:35 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 00:35 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 00:35 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 00:35 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 00:35 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 00:35 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 00:35 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 00:35 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 00:35 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 00:35 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 00:35 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 00:35 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 00:35 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 00:35 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 00:35 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 00:35 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 00:35 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 00:35 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 00:35 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 00:35 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 00:35 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 00:35 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 00:35 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 00:35 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 00:35 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 00:35 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 00:35 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 00:35 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 00:35 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 00:35 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 00:35 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 00:35 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 00:35 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 00:35 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 00:35 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 00:35 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 00:35 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 00:35 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 00:35 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 00:35 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 00:35 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 00:35 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 00:35 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 00:35 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 00:35 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 00:35 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 00:35 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 00:35 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 00:35 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 00:35 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 00:35 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 00:35 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 00:35 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 00:35 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 00:35 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 00:35 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 00:35 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 00:35 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 00:35 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 00:35 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 00:35 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 00:35 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 00:35 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 00:35 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 00:35 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 00:35 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 00:35 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 00:35 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 00:35 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 00:35 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 00:35 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 00:35 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 00:35 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-09 13:06 - 2015-06-06 17:34 - 00018576 _____ C:\Windows\PFRO.log
2015-05-08 15:42 - 2015-05-08 17:09 - 00000000 ____D C:\Users\Heimanwender\AppData\Roaming\DVDVideoSoft
2015-05-08 15:40 - 2015-05-08 15:41 - 36088824 _____ (DVDVideoSoft Ltd. ) C:\Users\Heimanwender\Downloads\FreeYouTubeToMP3Converter_3.12.59.505.exe
2015-05-08 15:36 - 2015-05-08 15:36 - 00003975 _____ C:\Users\Heimanwender\Downloads\youtube2mp3 (2).crx
2015-05-08 15:35 - 2015-05-08 15:35 - 00021354 _____ C:\Users\Heimanwender\Downloads\youtube2mp3 (1).crx
2015-05-08 15:34 - 2015-05-08 15:34 - 00021244 _____ C:\Users\Heimanwender\Downloads\youtube2mp3004.zip
2015-05-08 15:34 - 2015-05-08 15:34 - 00021244 _____ C:\Users\Heimanwender\Downloads\youtube2mp3004 (1).zip
2015-05-08 12:53 - 2015-05-08 12:53 - 03736400 _____ C:\Users\Heimanwender\ts3_recording_15_05_08_12_53_13.wav
2015-05-08 12:09 - 2015-05-08 12:09 - 00394754 _____ C:\Users\Heimanwender\Downloads\soundboard-1.0b5-win64.ts3_plugin
2015-05-08 12:01 - 2015-05-09 17:12 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-08 12:01 - 2015-05-09 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-05-08 12:01 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-08 12:01 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-08 12:00 - 2015-05-09 13:07 - 00000791 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-05-08 12:00 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-08 11:49 - 2015-05-08 11:49 - 12834736 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll
2015-05-08 11:49 - 2015-05-08 11:49 - 03182104 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-05-08 11:49 - 2015-05-08 11:49 - 02789808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll
2015-05-08 11:49 - 2015-05-08 11:49 - 02702040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-05-08 11:49 - 2015-05-08 11:49 - 01559744 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2015-05-08 11:49 - 2015-05-08 11:49 - 01413776 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2015-05-08 11:49 - 2015-05-08 11:49 - 00454288 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2015-05-08 11:49 - 2015-05-08 11:49 - 00369296 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2015-05-08 11:49 - 2015-05-08 11:49 - 00329360 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2015-05-08 11:49 - 2015-05-08 11:49 - 00329360 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2015-05-08 11:49 - 2015-05-08 11:49 - 00168816 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-07 13:31 - 2011-03-15 23:23 - 00715142 _____ C:\Windows\system32\perfh007.dat
2015-06-07 13:31 - 2011-03-15 23:23 - 00155122 _____ C:\Windows\system32\perfc007.dat
2015-06-07 13:31 - 2009-07-14 07:13 - 01662648 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-07 13:30 - 2015-02-27 23:14 - 00002892 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Heimanwender)
2015-06-07 13:29 - 2014-01-25 12:27 - 01359982 _____ C:\Windows\WindowsUpdate.log
2015-06-07 13:29 - 2013-12-15 21:03 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-07 13:29 - 2013-03-31 18:48 - 00000000 ____D C:\Users\Heimanwender\AppData\Roaming\Dropbox
2015-06-07 13:25 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-06 23:24 - 2013-12-15 21:03 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-06 23:01 - 2012-11-08 18:59 - 00000000 ____D C:\Users\Heimanwender\AppData\Local\Spotify
2015-06-06 23:01 - 2012-11-08 18:58 - 00000000 ____D C:\Users\Heimanwender\AppData\Roaming\Spotify
2015-06-06 22:52 - 2012-07-28 12:48 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-06 22:52 - 2012-06-26 15:39 - 00001148 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2428131109-3131180398-271353260-1000UA.job
2015-06-06 21:43 - 2009-07-14 06:45 - 00024400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-06 21:43 - 2009-07-14 06:45 - 00024400 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-06 17:34 - 2015-04-26 18:42 - 05228528 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-06 17:34 - 2015-03-29 13:22 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-06-06 17:34 - 2013-08-14 15:08 - 00000000 ____D C:\Program Files (x86)\OpenAL
2015-06-05 20:24 - 2015-02-12 20:35 - 00155136 _____ C:\Windows\SysWOW64\unrar.dll
2015-06-05 20:24 - 2015-02-12 20:35 - 00034308 _____ C:\Windows\SysWOW64\bassmod.dll
2015-06-05 19:45 - 2013-03-31 18:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008
2015-06-05 19:44 - 2013-03-31 18:47 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-06-05 19:44 - 2013-03-31 18:46 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-06-05 19:44 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-06-05 19:43 - 2015-04-26 13:37 - 00165120 _____ C:\Users\Heimanwender\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-05 19:41 - 2013-05-11 17:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avid
2015-06-05 19:41 - 2013-05-11 17:21 - 00000000 ____D C:\Program Files (x86)\Avid
2015-06-05 19:40 - 2012-12-21 20:06 - 00000000 ____D C:\Users\Heimanwender\AppData\Local\CrashDumps
2015-06-05 19:36 - 2012-10-25 18:23 - 00000000 ____D C:\Users\Heimanwender\AppData\Roaming\Origin
2015-06-05 19:35 - 2012-10-25 18:23 - 00000000 ____D C:\ProgramData\Origin
2015-06-05 19:33 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-06-05 19:32 - 2014-01-27 16:20 - 00000000 ____D C:\ProgramData\eLicenser
2015-06-05 19:32 - 2012-07-31 13:58 - 00000000 ____D C:\Users\Heimanwender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bohemia Interactive
2015-06-05 19:30 - 2014-03-19 18:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppInventor Setup
2015-06-05 14:21 - 2015-02-27 23:14 - 00000000 ____D C:\ProgramData\ProductData
2015-06-05 13:49 - 2015-04-02 19:32 - 00000000 ____D C:\Users\Heimanwender\AppData\Roaming\Microsoft\Windows\Start Menu\OMC ModPack
2015-06-05 12:19 - 2011-08-19 15:55 - 00000000 ____D C:\Users\Heimanwender
2015-06-05 11:52 - 2012-06-26 15:39 - 00001096 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2428131109-3131180398-271353260-1000Core.job
2015-06-05 11:34 - 2015-02-23 13:32 - 01558848 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-06-05 11:34 - 2013-10-01 13:55 - 00034976 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2015-06-05 11:33 - 2014-06-21 13:25 - 15858728 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-06-05 11:33 - 2014-06-21 13:25 - 15048816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-06-05 11:33 - 2013-10-01 13:55 - 00031710 _____ C:\Windows\system32\nvinfo.pb
2015-06-05 11:33 - 2012-10-10 22:23 - 17540416 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-06-05 11:33 - 2012-10-10 22:23 - 03363224 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-06-05 11:33 - 2012-10-10 22:23 - 01099808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-06-05 11:33 - 2011-08-19 19:06 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-05 11:33 - 2011-08-19 15:55 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-06-05 11:33 - 2011-04-14 02:47 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2015-06-05 11:12 - 2012-07-19 19:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-05 00:16 - 2014-07-13 21:07 - 00000000 ____D C:\Users\Heimanwender\Documents\Citavi 4
2015-06-04 22:00 - 2013-02-14 22:01 - 00000000 ____D C:\Users\Heimanwender\Documents\Outlook-Dateien
2015-05-30 17:10 - 2013-11-17 16:31 - 00000000 ____D C:\Users\Heimanwender\AppData\Roaming\Notepad++
2015-05-26 22:49 - 2012-12-01 15:39 - 00000000 ____D C:\Users\Heimanwender\AppData\Roaming\Audacity
2015-05-25 18:52 - 2015-03-29 13:22 - 01047320 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSnx.sys
2015-05-25 18:52 - 2015-03-29 13:22 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswSP.sys
2015-05-25 18:52 - 2015-03-29 13:22 - 00272248 _____ C:\Windows\system32\Drivers\aswVmm.sys
2015-05-25 18:52 - 2015-03-29 13:22 - 00137288 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswStm.sys
2015-05-25 18:52 - 2015-03-29 13:22 - 00093528 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswRdr2.sys
2015-05-25 18:52 - 2015-03-29 13:22 - 00089944 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-05-25 18:52 - 2015-03-29 13:22 - 00065736 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2015-05-25 18:52 - 2015-03-29 13:22 - 00029168 _____ C:\Windows\system32\Drivers\aswHwid.sys
2015-05-22 21:45 - 2012-07-28 12:48 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-22 21:45 - 2012-06-21 10:44 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-22 21:45 - 2012-06-21 10:44 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-20 21:28 - 2015-04-04 15:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-20 21:28 - 2015-04-04 15:00 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-17 12:09 - 2013-12-21 00:30 - 00000000 ____D C:\Users\Heimanwender\AppData\Local\Arma 3
2015-05-16 12:19 - 2013-12-15 21:03 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-16 12:19 - 2013-12-15 21:03 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-16 11:50 - 2013-09-16 14:12 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2015-05-16 11:47 - 2012-06-26 15:39 - 00004136 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2428131109-3131180398-271353260-1000UA
2015-05-16 11:47 - 2012-06-26 15:39 - 00003740 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2428131109-3131180398-271353260-1000Core
2015-05-15 23:51 - 2015-03-05 17:27 - 00000000 ____D C:\Users\Heimanwender\Desktop\Neuer Ordner
2015-05-15 11:32 - 2015-03-31 15:41 - 00001168 _____ C:\Users\Heimanwender\Desktop\Bewerbung.txt
2015-05-15 10:54 - 2013-03-07 23:33 - 00016097 _____ C:\Windows\system32\RaCoInst.log
2015-05-13 18:58 - 2013-03-14 19:41 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-13 18:58 - 2013-03-14 19:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-13 18:58 - 2010-11-21 09:17 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-13 18:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-13 01:28 - 2012-08-29 19:44 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-05-13 01:26 - 2013-08-31 10:07 - 00000000 ____D C:\Windows\system32\MRT
2015-05-13 01:22 - 2012-06-20 23:51 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 01:20 - 2013-03-14 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-12 11:39 - 2013-03-31 19:00 - 00001044 _____ C:\Users\Heimanwender\Desktop\Dropbox.lnk
2015-05-12 11:39 - 2013-03-31 18:49 - 00000000 ____D C:\Users\Heimanwender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-12 05:30 - 2011-03-16 13:14 - 06872392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-05-12 05:30 - 2011-03-16 13:14 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-05-12 05:30 - 2011-03-16 13:14 - 00937288 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-05-12 05:30 - 2011-03-16 13:14 - 00385352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-05-12 05:30 - 2011-03-16 13:14 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-05-12 05:30 - 2011-03-16 13:13 - 03490448 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-05-11 19:01 - 2012-08-01 18:10 - 04391871 _____ C:\Windows\system32\nvcoproc.bin
2015-05-08 12:04 - 2012-09-29 15:31 - 00000000 ____D C:\Users\Heimanwender\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-05-08 12:01 - 2013-01-23 22:14 - 00000000 ____D C:\Users\Heimanwender\AppData\Roaming\Malwarebytes
2015-05-08 00:19 - 2014-08-12 20:20 - 00000000 ____D C:\Users\Heimanwender\AppData\Local\Arma 3 Launcher
2015-05-08 00:18 - 2013-10-01 13:22 - 00000000 ____D C:\ProgramData\Package Cache

==================== Files in the root of some directories =======

2013-05-11 17:25 - 2013-05-11 17:25 - 0000604 ____H () C:\Program Files (x86)\_Z2
2014-12-24 13:54 - 2014-12-24 13:54 - 2328526 _____ () C:\Users\Heimanwender\AppData\Roaming\18.wav
2014-12-23 13:39 - 2014-12-23 13:40 - 1358326 _____ () C:\Users\Heimanwender\AppData\Roaming\22.wav
2014-03-29 14:52 - 2014-03-29 14:52 - 0000132 _____ () C:\Users\Heimanwender\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2013-02-19 20:46 - 2014-11-29 15:12 - 0000626 _____ () C:\Users\Heimanwender\AppData\Roaming\All CPU MeterV3_Settings.ini
2013-05-11 17:25 - 2013-05-11 17:25 - 0231336 _____ () C:\Users\Heimanwender\AppData\Roaming\AvidLicenseControl_Install.log
2013-01-24 20:18 - 2014-12-24 14:46 - 0000491 _____ () C:\Users\Heimanwender\AppData\Roaming\burnaware.ini
2013-08-13 16:14 - 2013-08-13 16:15 - 0000284 _____ () C:\Users\Heimanwender\AppData\Roaming\GPU MeterV2_Settings.ini
2013-05-08 19:50 - 2013-05-15 20:33 - 0000000 _____ () C:\Users\Heimanwender\AppData\Roaming\Importer
2013-05-08 19:50 - 2013-05-15 20:33 - 0000000 _____ () C:\Users\Heimanwender\AppData\Roaming\Installer Plugin
2014-10-30 14:09 - 2014-10-30 20:14 - 0000099 _____ () C:\Users\Heimanwender\AppData\Roaming\LauncherSettings_live.cfg
2013-08-13 16:17 - 2013-11-10 17:26 - 0000989 _____ () C:\Users\Heimanwender\AppData\Roaming\Network Meter_Settings.ini
2013-08-13 16:26 - 2014-11-25 22:18 - 0000025 _____ () C:\Users\Heimanwender\AppData\Roaming\Network Meter_Usage.ini
2014-11-05 23:41 - 2014-11-05 23:41 - 0000206 _____ () C:\Users\Heimanwender\AppData\Roaming\SpotifyRecorderSettings.ini
2014-10-30 13:23 - 2014-10-30 18:12 - 0008145 _____ () C:\Users\Heimanwender\AppData\Roaming\TheHunterSettings_live.bin
2014-10-30 13:21 - 2014-10-30 13:21 - 0000040 _____ () C:\Users\Heimanwender\AppData\Roaming\TheHunterSettings_steam_live.cfg
2013-11-19 22:15 - 2014-04-12 17:24 - 0000600 _____ () C:\Users\Heimanwender\AppData\Roaming\winscp.rnd
2012-07-29 16:03 - 2014-12-26 22:47 - 0008192 _____ () C:\Users\Heimanwender\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-11-20 15:49 - 2013-12-16 00:22 - 0000173 _____ () C:\Users\Heimanwender\AppData\Local\msmathematics.qat.Heimanwender
2013-06-28 21:45 - 2014-11-05 23:39 - 0001510 _____ () C:\Users\Heimanwender\AppData\Local\RecConfig.xml
2015-05-01 18:13 - 2015-05-01 18:13 - 0000855 _____ () C:\Users\Heimanwender\AppData\Local\recently-used.xbel
2013-08-13 16:23 - 2015-05-07 21:12 - 0007643 _____ () C:\Users\Heimanwender\AppData\Local\Resmon.ResmonCfg
2014-07-13 17:25 - 2014-07-13 17:35 - 0124446 _____ () C:\ProgramData\1405265111.1724.bin
2014-07-13 17:25 - 2014-07-13 17:32 - 0029003 _____ () C:\ProgramData\1405265111.3560.bin
2014-07-13 17:25 - 2014-07-13 17:35 - 0122928 _____ () C:\ProgramData\1405265111.3564.bin
2014-07-13 17:35 - 2014-07-13 17:35 - 0086024 _____ () C:\ProgramData\1405265111.5004.bin
2014-07-13 17:27 - 2014-07-13 17:27 - 0002247 _____ () C:\ProgramData\1405265111.5404.bin
2014-07-13 17:25 - 2014-07-13 17:25 - 0002959 _____ () C:\ProgramData\1405265111.7648.bin
2014-07-13 17:25 - 2014-07-13 17:27 - 0017817 _____ () C:\ProgramData\1405265111.7656.bin
2014-07-13 17:25 - 2014-07-13 17:25 - 0017948 _____ () C:\ProgramData\1405265111.7660.bin
2014-07-13 17:25 - 2014-07-13 17:27 - 0001090 _____ () C:\ProgramData\1405265111.7664.bin
2014-07-13 17:25 - 2014-07-13 17:27 - 0001090 _____ () C:\ProgramData\1405265111.7668.bin
2014-07-13 17:25 - 2014-07-13 17:35 - 0129886 _____ () C:\ProgramData\1405265111.7744.bin
2014-07-13 17:25 - 2014-07-13 17:25 - 0009471 _____ () C:\ProgramData\1405265111.7752.bin
2014-07-13 17:27 - 2014-07-13 17:27 - 0001451 _____ () C:\ProgramData\1405265111.8184.bin
2014-07-13 17:45 - 2014-07-13 17:45 - 0493164 _____ () C:\ProgramData\1405266148.bdinstall.bin
2014-12-14 16:29 - 2014-12-14 16:29 - 0260304 _____ () C:\ProgramData\1418567333.bdinstall.bin
2015-02-27 23:20 - 2015-02-27 23:20 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2013-05-15 20:33 - 2013-05-15 20:33 - 0000000 _____ () C:\ProgramData\Images
2013-05-15 20:33 - 2013-05-15 20:33 - 0000000 _____ () C:\ProgramData\InkjetPrinter
2013-05-08 19:50 - 2013-05-15 20:33 - 0000000 ____H () C:\ProgramData\PKP_DLes.DAT
2013-05-08 19:50 - 2013-05-15 20:33 - 0000000 ____H () C:\ProgramData\PKP_DLet.DAT
2013-05-08 19:50 - 2013-05-15 20:33 - 0000000 ____H () C:\ProgramData\PKP_DLev.DAT

Files to move or delete:
====================
C:\Users\Heimanwender\IP_Log_Data.js
C:\Users\Heimanwender\Network_Meter_Data.js


Some files in TEMP:
====================
C:\Users\Heimanwender\AppData\Local\Temp\drm_dyndata_7380015.dll
C:\Users\Heimanwender\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpofk2v8.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-03 17:14

==================== End of log ============================

pcsagtnein · 07.06.2015, 12:36

Und der zweite Teil:
[CODE]Additional
FRST Logfile:

Code:

ATTFilter

scan result of Farbar Recovery Scan Tool (x64) Version:06-06-2015
Ran by Heimanwender at 2015-06-07 13:32:50
Running from C:\Users\Heimanwender\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2428131109-3131180398-271353260-500 - Administrator - Disabled)
fbwuser (S-1-5-21-2428131109-3131180398-271353260-1010 - Limited - Enabled)
Gast (S-1-5-21-2428131109-3131180398-271353260-501 - Limited - Enabled)
Heimanwender (S-1-5-21-2428131109-3131180398-271353260-1000 - Administrator - Enabled) => C:\Users\Heimanwender
HomeGroupUser$ (S-1-5-21-2428131109-3131180398-271353260-1004 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 1.2.0 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.172 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.14) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.14 - Adobe Systems Incorporated)
AI Manager (HKLM-x32\...\{4AF95DE2-B54D-4C3F-9494-FD3B558E2C2D}) (Version: 1.09.06 - ASUSTeK Computer Inc.)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 1.01.13 - ASUSTeK)
ARMA 2 Operation Arrowhead Uninstall (HKLM-x32\...\ARMA 2 Operation Arrowhead) (Version:  - )
ArmA 2 Uninstall (HKLM-x32\...\ArmA 2) (Version:  - )
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.0.0 - Asmedia Technology)
Assassin's Creed Brotherhood (HKLM-x32\...\{BE4BA698-8533-4F77-9559-C7F3F78C0B05}) (Version: 1.00 - Ubisoft)
Assassin's Creed Revelations 1.03 (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.03 - Ubisoft)
ASUS Backup Wizard (HKLM-x32\...\{124C9BD0-8C52-40AB-8238-0605703B1C28}) (Version: 1.00.10 - ASUSTeK Computer Inc.)
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
AxCrypt 1.7.2931.0 (HKLM\...\{E191812E-F3A0-4F87-98D9-DCD03321278D}) (Version: 1.7.2931.0 - Axantum Software AB)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.4.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Battlestations: Pacific (HKLM-x32\...\{BBAB6D5D-1DD4-4D46-B5D9-121DCAB17DEC}) (Version: 1.00.0000 - Eidos plc)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye) (Version:  - )
BigMacroTool 1.5 (HKLM-x32\...\{620CAD2D-0757-43A9-AA5F-C8D48A1E4D85}_is1) (Version:  - TLProd)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
BurnAware Free 5.5 (HKLM-x32\...\BurnAware Free_is1) (Version:  - Burnaware Technologies)
BurnAware Professional 6.0 (HKLM-x32\...\BurnAware Professional_is1) (Version:  - Burnaware)
Call of Duty(R) 4 - Modern Warfare(TM) 1.4 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.6 Patch (x32 Version:  - ) Hidden
Call of Duty(R) 4 - Modern Warfare(TM) 1.7 Patch (x32 Version:  - ) Hidden
Camtasia Studio 8 (HKLM-x32\...\{CB2B4C2B-0805-4E06-873D-CECB046A5BE8}) (Version: 8.0.2.964 - TechSmith Corporation)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version:  - )
Canon MP640 series Benutzerregistrierung (HKLM-x32\...\Canon MP640 series Benutzerregistrierung) (Version:  - )
Canon MP640 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP640_series) (Version:  - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )
Citavi 4 (HKLM-x32\...\{CC0A85B2-734A-45B3-B678-05F6A6499AC7}) (Version: 4.3.0.15 - Swiss Academic Software)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
DayZ Commander (HKLM-x32\...\{15D44296-62E0-4979-BFF5-1E09ABFE49E0}) (Version: 0.9.84 - Dotjosh Studios)
Driver Booster 2.2 (HKLM-x32\...\Driver Booster_is1) (Version: 2.2 - IObit)
Dropbox (HKU\S-1-5-21-2428131109-3131180398-271353260-1000\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
Dxtory 2.0.104 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.104 - Dxtory Software)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
FormatFactory 3.3.5.0 (HKLM-x32\...\FormatFactory) (Version: 3.3.5.0 - Format Factory)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Google Calendar Sync (HKLM-x32\...\Google Calendar Sync) (Version:  - )
Google Chrome (HKU\S-1-5-21-2428131109-3131180398-271353260-1000\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
GRID (HKLM-x32\...\Steam App 12750) (Version:  - Codemasters Studios)
Hotfix für Microsoft Visual C# 2010 Express - DEU (KB2635973) (HKLM-x32\...\{D81641E8-ABF1-3D07-803B-60E8FC619368}.KB2635973) (Version: 1 - Microsoft Corporation)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Interaktive Sprachreise - English Grammatiktrainer (HKLM-x32\...\GTE_15_676828) (Version:  - digital publishing AG)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418040F0}) (Version: 8.0.400 - Oracle Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Lazarus 1.2.2 (HKLM\...\lazarus_is1) (Version: 1.2.2 - Lazarus Team)
Logitech G430 Driver (HKLM-x32\...\G430_Driver) (Version: 8.53.0.2 - Logitech)
Logitech Gaming Software 8.55 (HKLM\...\Logitech Gaming Software) (Version: 8.55.137 - Logitech Inc.)
MAGIX Content und Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Goya burnR (MSI) (HKLM-x32\...\MAGIX_{AA525B80-D6F8-4F6A-BF28-42365E6C16C0}) (Version: 4.3.1.6 - MAGIX AG)
MAGIX Goya burnR (MSI) (Version: 4.3.1.6 - MAGIX AG) Hidden
MAGIX Music Maker 2013 (HKLM-x32\...\MAGIX_{387F10FD-D62F-45AA-A7BA-9F3BF3B98187}) (Version: 19.0.1.36 - MAGIX AG)
MAGIX Music Maker 2013 (Synthesizer and effects) (HKLM-x32\...\MAGIX_{47B2BDC9-4493-4B63-8974-6BF02CC9CA7B}) (Version: 1.0.0.0 - MAGIX AG)
MAGIX Music Maker 2013 (Synthesizer and effects) (Version: 1.0.0.0 - MAGIX AG) Hidden
MAGIX Music Maker 2013 (Version: 19.0.1.36 - MAGIX AG) Hidden
MAGIX Music Maker 2013 Soundpools (Version: 1.0.0.0 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Max Payne 3 (HKLM-x32\...\{1AA94747-3BF6-4237-9E1A-7B3067738FE1}) (Version: 1.0.0.0 - Rockstar Games)
Medal of Honor (TM) (HKLM-x32\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F97E3841-CA9D-4964-9D64-26066241D26F}) (Version: 3.3.24.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2428131109-3131180398-271353260-1000\...\OneDriveSetup.exe) (Version: 17.3.4726.0226 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU  (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU  (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C# 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C# 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
Mp3tag v2.54 (HKLM-x32\...\Mp3tag) (Version: v2.54 - Florian Heidenreich)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.10000.1.0 - Nero AG)
Nikon File Uploader 2 (HKLM-x32\...\{D1E7142C-6BC3-49EB-A71A-E5D7ADAC7599}) (Version: 2.0.2 - Nikon)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.1 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4518 - Electronic Arts, Inc.)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFTK Builder 3.5.3 (HKLM-x32\...\PDFTK Builder_is1) (Version:  - )
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
phase-6 2.3.3 (HKLM-x32\...\phase-6) (Version: 2.3.3 - phase-6)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Ralink RT2860 Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.1 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{7236672F-6430-439E-9B27-27EDEAF1D676}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7512 - Realtek Semiconductor Corp.)
Recorder for Spotify Version 2.0 (HKLM-x32\...\{0C442480-E6A6-4931-8C86-074B9D83A893}_is1) (Version: 2.0 - Manuel)
Rock- und Poplexikon (HKLM-x32\...\InstallShield_{63DDC707-020E-43C7-BD22-909CCF31E51E}) (Version: 1.00.0000 - Systhema)
Rock- und Poplexikon (x32 Version: 1.00.0000 - Systhema) Hidden
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
Rohos Mini Drive 1.9 (HKLM-x32\...\Rohos_Rohos22_is1) (Version:  - Tesline-Service srl)
Samsung Easy Color Manager (HKLM-x32\...\Samsung Easy Color Manager) (Version: 4.00.06.00 (07.07.2014) - Samsung Electronics Co., Ltd.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.06.50 (16.12.2014) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.05.51.00(19.06.2014) - Samsung Electronics Co., Ltd.)
Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.70.5.0 - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.03.05.22 - Samsung Electronics Co., Ltd.) Hidden
Samsung Universal Print Driver 2 (HKLM-x32\...\Samsung Universal Print Driver 2) (Version: 2.50.05.00 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
SPEEDLINK MEDUSA NX 7.1 (HKLM\...\C-Media CM108 Like Sound Driver) (Version:  - )
Spotify (HKU\S-1-5-21-2428131109-3131180398-271353260-1000\...\Spotify) (Version: 1.0.6.80.g2a801a53 - Spotify AB)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SyncThru Web Admin Service (HKLM-x32\...\{41F630B6-3A1C-40E0-8AD6-83C39C5B99E3}) (Version:  - )
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Telegram Desktop Version 0.7.17 (HKU\S-1-5-21-2428131109-3131180398-271353260-1000\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 0.7.17 - Telegram Messenger LLP)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts)
Tom Clancy's Splinter Cell Blacklist (HKLM-x32\...\Steam App 235600) (Version:  - Ubisoft Toronto)
Total War: ROME II (HKLM-x32\...\Steam App 214950) (Version:  - Creative Assembly)
TreeSize Free V2.7 (HKLM-x32\...\TreeSize Free_is1) (Version: 2.7 - JAM Software)
Trials Evolution Gold Edition (HKLM-x32\...\Steam App 220160) (Version:  - Redlynx Ltd)
Tt eSPORTS Level 10 M (HKLM-x32\...\{F1D9C0F0-EA26-46E3-8FFB-9644462E8615}) (Version: 1.0.0 - Tt eSPORTS)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
Vegas Pro 11.0 (HKLM-x32\...\{B644D34F-0296-11E2-938E-F04DA23A5C58}) (Version: 11.0.700 - Sony)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
Vita 2 (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita Rock Drums (Version: 1.0.0.0 - MAGIX AG) Hidden
Vita String Ensemble (Version: 1.0.0.0 - MAGIX AG) Hidden
VLC media player 2.0.4 (HKLM\...\VLC media player) (Version: 2.0.4 - VideoLAN)
WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-2428131109-3131180398-271353260-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Winamp Icon Pack (HKLM-x32\...\Winamp Icon Pack) (Version: 2.0 - Paweł Porwisz)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen (HKLM-x32\...\{C32CE55C-12BA-4951-8797-0967FDEF556F}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinSCP 5.1.7 (HKLM-x32\...\winscp3_is1) (Version: 5.1.7 - Martin Prikryl)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2428131109-3131180398-271353260-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Heimanwender\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2428131109-3131180398-271353260-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2428131109-3131180398-271353260-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Heimanwender\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2428131109-3131180398-271353260-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Heimanwender\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2428131109-3131180398-271353260-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Heimanwender\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2428131109-3131180398-271353260-1000_Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282}\InprocServer32 -> C:\Users\Heimanwender\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2428131109-3131180398-271353260-1000_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2428131109-3131180398-271353260-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Heimanwender\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2428131109-3131180398-271353260-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Heimanwender\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2428131109-3131180398-271353260-1000_Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30}\InprocServer32 -> C:\Users\Heimanwender\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2428131109-3131180398-271353260-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Heimanwender\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2428131109-3131180398-271353260-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Heimanwender\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2428131109-3131180398-271353260-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Heimanwender\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2428131109-3131180398-271353260-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Heimanwender\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2428131109-3131180398-271353260-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Heimanwender\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2428131109-3131180398-271353260-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Heimanwender\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2428131109-3131180398-271353260-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Heimanwender\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2428131109-3131180398-271353260-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Heimanwender\AppData\Local\Microsoft\OneDrive\17.3.4726.0226\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2428131109-3131180398-271353260-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Heimanwender\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2428131109-3131180398-271353260-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Heimanwender\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2428131109-3131180398-271353260-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Heimanwender\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2428131109-3131180398-271353260-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Heimanwender\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2428131109-3131180398-271353260-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Heimanwender\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2428131109-3131180398-271353260-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Heimanwender\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2428131109-3131180398-271353260-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Heimanwender\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2428131109-3131180398-271353260-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Heimanwender\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2428131109-3131180398-271353260-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Heimanwender\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

19-05-2015 13:22:38 Windows Update
20-05-2015 21:28:14 Windows Update
22-05-2015 21:44:15 Driver Booster : Adobe AIR
25-05-2015 18:52:22 avast! antivirus system restore point
26-05-2015 10:45:10 Windows Update
29-05-2015 14:48:31 Windows Update
02-06-2015 20:07:22 Windows Update
05-06-2015 11:32:06 Driver Booster : NVIDIA GeForce GTX 560 Ti
05-06-2015 12:28:57 Installed Xirrus Wi-Fi Inspector
05-06-2015 12:35:53 Removed Xirrus Wi-Fi Inspector
05-06-2015 19:32:16 Removed pptPlex from Microsoft Office Labs
05-06-2015 19:33:06 Microsoft Office File Validation Add-In wird entfernt
05-06-2015 19:33:31 Removed Mirror's Edge™
05-06-2015 19:36:15 Removed Microsoft Mathematics
05-06-2015 19:39:48 Octava SD4 wird entfernt
05-06-2015 19:40:18 No23Live wird entfernt
05-06-2015 19:40:53 Removed NetSpeedMonitor 2.5.4.0 x64
05-06-2015 19:41:03 Removed Avid License Control.
05-06-2015 19:41:15 Removed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
05-06-2015 19:41:28 Entfernte Microsoft SQL Server 2008 Browser
05-06-2015 19:42:03 Entfernte Microsoft SQL Server VSS Writer
05-06-2015 19:42:15 Entfernte Microsoft SQL Server 2008 Native Client
05-06-2015 19:42:33 Entfernte Microsoft SQL Server 2008 R2 Management Objects
05-06-2015 19:42:49 Entfernte Microsoft SQL Server System CLR Types
05-06-2015 19:46:59 Microsoft Visual C++ 2005 Redistributable (x64) wird entfernt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-23 19:03 - 2015-01-22 13:48 - 00003838 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
127.0.0.1 activation.cloud.techsmith.com 
127.0.0.1 activate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com

There are 64 more lines.


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01D40D6F-E468-4296-9088-71A31C8D4830} - System32\Tasks\Driver Booster SkipUAC (Heimanwender) => D:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-02-05] (IObit)
Task: {05090992-BBE1-4270-A42E-ECA7AC69EFA3} - System32\Tasks\Google Updater and Installer => C:\Users\Heimanwender\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-26] (Google Inc.)
Task: {0F5C5BF4-4D02-4273-9A91-A32AC56CF6F0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-15] (Google Inc.)
Task: {0FA97304-1BDB-4934-9EF3-A8167D9FA145} - System32\Tasks\{B182F83E-D528-47E8-9144-D1CFA03EAE30} => pcalua.exe -a C:\Users\Heimanwender\AppData\Local\Temp\Temp1_ARMA2_OA_Build_96584.zip\ARMA2_OA_Build_96584.exe
Task: {1EA12561-F3F7-4BB6-8C13-2B8C983C196B} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-04-10] (Oracle Corporation)
Task: {265B1B84-94DC-4F83-9166-8BF966BE781B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {2BEACCC9-92F2-4BDC-869A-D57F7ED4F0FE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2428131109-3131180398-271353260-1000Core => C:\Users\Heimanwender\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-26] (Google Inc.)
Task: {2EAAF795-390C-4719-AAD9-9CB1F3292099} - System32\Tasks\{C993C11E-7117-47AC-A939-E6622FB9297F} => F:\TubeBox341_Setup.exe
Task: {3573395B-2830-48FF-AE4D-2D4BF356F618} - System32\Tasks\{0772C565-9512-48D2-961D-8E3D8616AD47} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {466F7057-EDE2-4D47-9577-723C464085E7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-29] (Piriform Ltd)
Task: {5BDE86DE-897C-4890-A217-32FC99516ABF} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {64E11F89-6A28-47E4-B3E7-840AC8F65BEE} - System32\Tasks\{8A559A82-0722-45FA-AD42-67E5033072DB} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {77C65617-B1EF-4F26-9721-05D1CD526057} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-12-15] (Google Inc.)
Task: {845B7B92-65B1-4EBB-860E-2F42111B4D4C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2428131109-3131180398-271353260-1000UA => C:\Users\Heimanwender\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-26] (Google Inc.)
Task: {8B3CB51C-94DB-4967-85D7-28FE17976C26} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)
Task: {907AA91E-33EB-4782-8FF4-8701DE02FCDC} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {92644775-CD1A-472A-8342-B1DD9042A553} - System32\Tasks\Driver Booster Update => D:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2015-02-05] (IObit)
Task: {97D91E25-0FC5-45F1-A4D6-F6AD2D96A3B0} - System32\Tasks\avast! Emergency Update => d:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-05-25] (Avast Software s.r.o.)
Task: {9CB6ED6F-04C8-4DA1-B66F-46B3D6B02624} - System32\Tasks\{AC58AA2F-F5DD-436E-89E6-7C885D46E0FF} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {9E8E7DCE-4DD1-45B9-8BE9-72365C73B794} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {A8BA3C50-0ACF-4754-9DB5-70A3B923862C} - System32\Tasks\{41387282-C4D6-40BF-898F-8D575D15F09B} => pcalua.exe -a D:\Downloads\Programme\Sicherheit_und_Cleaner\Audials_Tunebite-Setup_10.2.exe -d D:\Downloads\Programme\Sicherheit_und_Cleaner
Task: {AA510B9E-EE64-4770-A98D-016C129F24D8} - System32\Tasks\{85B304DB-87AF-4A7C-ACBA-CCE2B52A1B90} => F:\TubeBox341_Setup.exe
Task: {AF0F279C-D698-493E-AD18-ADCFABF50626} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\MpCmdRun.exe
Task: {B21A1222-D716-4FD7-A4EA-9A6E9DFA2535} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {C4B93AC0-10D8-437B-9998-74451616F301} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-22] (Adobe Systems Incorporated)
Task: {C8023CB9-EFE4-4DF8-B408-7FC01A952FCD} - System32\Tasks\{A894B339-CB33-4457-8C53-CE6BCFDB956D} => F:\TubeBox341_Setup.exe
Task: {CD10EC32-8D8A-43C4-8FD1-4D4A00B3DE1F} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {CE0FFD47-03E3-470B-A23E-F1079472955B} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {D479BE8F-F8E8-454F-A2E4-BBFD7394CF09} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2010-11-27] (ASUSTeK Computer Inc.)
Task: {DD604E76-B86F-4362-98C9-9958A1B41411} - System32\Tasks\{761500D9-E315-46EC-AF5F-C9832F26AD75} => pcalua.exe -a "D:\Program Files\TeamSpeak 3 Client\plugins\ts3overlay\InstallHook.exe" -d "D:\Program Files\TeamSpeak 3 Client\plugins\ts3overlay\" -c ts3overlay_hook_win32.dll 10000
Task: {E8860830-7328-4582-813A-2C3601356371} - System32\Tasks\{B4959AEA-9E10-43C8-BE4B-886EBFFF37B5} => pcalua.exe -a C:\Users\Heimanwender\AppData\Local\Temp\Temp1_ProMod.zip\ProMod.exe
Task: {EAA18274-3CEA-4942-AD52-5E9C15247A7A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {EE8C2731-438D-4AF8-96EA-6A91C76AE8EE} - System32\Tasks\Driver Booster Scan => D:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2015-02-04] (IObit)
Task: {FB9F967B-966B-47EE-83FF-EF4F06215ACB} - System32\Tasks\ASUS\AsBackupWizard_Run => C:\Program Files (x86)\ASUS\\AsBackupWizard\\AsRunBkWizardHelper.exe [2010-04-24] (ASUSTeK Computer Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverToolkit Autorun.job => C:\Program Files (x86)\DriverToolkit\DriverToolkit.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2428131109-3131180398-271353260-1000Core.job => C:\Users\Heimanwender\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2428131109-3131180398-271353260-1000UA.job => C:\Users\Heimanwender\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2012-08-01 18:10 - 2015-05-12 05:30 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-10-24 18:57 - 2014-04-16 10:22 - 00029184 _____ () C:\Windows\System32\usp01l.dll
2011-04-14 02:53 - 2010-11-03 19:30 - 00918144 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
2011-04-14 02:53 - 2010-12-02 04:15 - 00915584 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
2011-04-14 02:53 - 2010-10-21 11:52 - 00586880 _____ () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
2012-06-27 17:40 - 2014-08-02 13:26 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-06-11 23:58 - 2013-06-11 23:58 - 03316080 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_v_1_1_0_x64.dll
2014-07-28 20:29 - 2014-07-28 20:29 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-07-28 20:32 - 2014-07-28 20:32 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-07-28 20:29 - 2014-07-28 20:29 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-07-28 20:31 - 2014-07-28 20:31 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2012-03-09 10:58 - 2012-03-09 10:58 - 00462712 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-03-09 10:58 - 2012-03-09 10:58 - 00057208 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2014-03-13 20:12 - 2014-03-13 20:12 - 00173568 _____ () D:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-03-13 20:12 - 2014-03-13 20:12 - 01080832 _____ () D:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll
2014-03-13 20:12 - 2014-03-13 20:12 - 00833024 _____ () D:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2012-07-30 16:13 - 2014-08-07 10:57 - 00102344 _____ () D:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2012-07-30 16:13 - 2014-08-07 10:57 - 00108488 _____ () D:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-03-13 20:12 - 2014-03-13 20:12 - 00030208 _____ () D:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll
2014-03-13 20:12 - 2014-03-13 20:12 - 00233984 _____ () D:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll
2014-06-25 18:31 - 2014-08-07 10:57 - 00265160 _____ () D:\Program Files\TeamSpeak 3 Client\plugins\lua_plugin.dll
2015-04-02 18:44 - 2015-05-08 12:09 - 00486912 _____ () D:\Program Files\TeamSpeak 3 Client\plugins\soundboard.dll
2015-05-25 18:52 - 2015-05-25 18:52 - 00104400 _____ () d:\Program Files\AVAST Software\Avast\log.dll
2015-05-25 18:52 - 2015-05-25 18:52 - 00081728 _____ () d:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-06-07 13:26 - 2015-06-07 13:26 - 02952192 _____ () d:\Program Files\AVAST Software\Avast\defs\15060700\algo.dll
2011-04-14 02:53 - 2015-06-07 13:25 - 00020992 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\PEbiosinterface32.dll
2011-04-14 02:53 - 2010-06-29 12:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.13\ATKEX.dll
2014-04-17 15:21 - 2012-07-26 13:35 - 02733568 _____ () C:\Program Files (x86)\Tt eSPORTS\Tt eSPORTS Level 10 M\L10MOsd.dll
2015-03-29 13:21 - 2015-03-29 13:21 - 40540672 _____ () D:\Program Files\AVAST Software\Avast\libcef.dll
2015-05-25 18:52 - 2015-05-25 18:52 - 00104400 _____ () D:\Program Files\AVAST Software\Avast\log.dll
2015-05-25 18:52 - 2015-05-25 18:52 - 00081728 _____ () D:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-05-26 10:52 - 2015-05-22 22:22 - 01281864 _____ () C:\Users\Heimanwender\AppData\Local\Google\Chrome\Application\43.0.2357.81\libglesv2.dll
2015-05-26 10:52 - 2015-05-22 22:22 - 00080712 _____ () C:\Users\Heimanwender\AppData\Local\Google\Chrome\Application\43.0.2357.81\libegl.dll
2015-05-26 10:52 - 2015-05-22 22:22 - 14982472 _____ () C:\Users\Heimanwender\AppData\Local\Google\Chrome\Application\43.0.2357.81\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Program Files\Common Files\Microsoft Shared:JW6m2KBm2FCg5rrIj9HCScBc
AlternateDataStreams: C:\Program Files\Common Files\System:SofsBKE0v8ihMLEYXrVPiFH0PHKtV
AlternateDataStreams: C:\ProgramData\Microsoft:8qQKF1dPrGktEeVO4fXx2vdLLbGu
AlternateDataStreams: C:\ProgramData\Microsoft:sk2D9QCziRSAUxNQHa
AlternateDataStreams: C:\ProgramData\TEMP:BC359956

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2428131109-3131180398-271353260-1000\Software\Classes\.exe: exefile =>  <===== ATTENTION!
HKU\S-1-5-21-2428131109-3131180398-271353260-1000\Software\Classes\exefile:  <===== ATTENTION!

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-2428131109-3131180398-271353260-1000\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2428131109-3131180398-271353260-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Heimanwender\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: c2cautoupdatesvc => 2
MSCONFIG\Services: c2cpnrsvc => 2
MSCONFIG\Services: EpsonCustomerParticipation => 2
MSCONFIG\Services: EpsonScanSvc => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: FirebirdServerMAGIXInstance => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SWAS_Core => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TabletInputService => 3
MSCONFIG\Services: TapiSrv => 3
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Google Calendar Sync.lnk => C:\Windows\pss\Google Calendar Sync.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^phase-6 Reminder.lnk => C:\Windows\pss\phase-6 Reminder.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => 
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
MSCONFIG\startupreg: DAEMON Tools Lite => "D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EADM => "D:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: Google Update => "C:\Users\Heimanwender\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: H2O => 
MSCONFIG\startupreg: IJNetworkScanUtility => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => 
MSCONFIG\startupreg: mobilegeni daemon => 
MSCONFIG\startupreg: NBAgent => 
MSCONFIG\startupreg: OneDrive => "C:\Users\Heimanwender\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
MSCONFIG\startupreg: Overwolf => 
MSCONFIG\startupreg: Rohos => C:\Program Files (x86)\Rohos\agent.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: WinampAgent => "D:\Program Files (x86)\Winamp\winampa.exe"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{62E694A1-FFC1-47BA-9A20-FC714A28B8B1}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{57D69867-4779-4DEE-9137-0334BD964F53}] => (Allow) LPort=2869
FirewallRules: [{D6B16F27-95A3-40BA-8FF4-30D7CEC57FFB}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{3D2306B8-8B4B-469E-8FB9-850E1CAF0111}D:\spiele\bsp.exe] => (Allow) D:\spiele\bsp.exe
FirewallRules: [UDP Query User{4183A426-85F4-434D-AF86-43A2CC001626}D:\spiele\bsp.exe] => (Allow) D:\spiele\bsp.exe
FirewallRules: [{87651E53-053C-4729-8264-520214E4C3A5}] => (Allow) D:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{9F0548D5-0E3B-4402-9078-A67DE5276790}] => (Allow) D:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBSP.exe
FirewallRules: [{80193449-DD3F-49D2-9D9A-86EF69058FC4}] => (Allow) D:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{FC296EAD-E5B8-4A83-B032-7C9D4D3D5C8A}] => (Allow) D:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{2C1319A6-CEC0-42CA-AAA8-7CE46E05296B}] => (Allow) D:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{C7312F0E-9B91-4E3E-B3E5-1D3097B84899}] => (Allow) D:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\AssassinsCreedBrotherhood.exe
FirewallRules: [{6EC5B9CA-4712-4B80-A1FE-B5AD3437BA0E}] => (Allow) D:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{9C64048F-0E31-4964-93F7-3ABD62711D0E}] => (Allow) D:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\UPlayBrowser.exe
FirewallRules: [{DE9FE91C-A812-4779-B5D0-85DEC05BCA41}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{23374AD2-4D90-4357-AF7E-C6064E3046D7}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{05178F5D-F897-4124-B69E-2B490D592CB2}] => (Allow) D:\Spiele\ACRSP.exe
FirewallRules: [{A0FCBA3D-1583-43F0-AF1F-5870AB83706E}] => (Allow) D:\Spiele\ACRSP.exe
FirewallRules: [{2C4257B2-71BE-4739-AAF2-732047400AA3}] => (Allow) D:\Spiele\AssassinsCreedRevelations.exe
FirewallRules: [{448A8E00-768F-4DFA-95F3-35D921185F6C}] => (Allow) D:\Spiele\AssassinsCreedRevelations.exe
FirewallRules: [{99B94FF2-F218-4A82-AF15-5124672B1F94}] => (Allow) D:\Program Files (x86)\Rockstar Games\Max Payne 3\PlayMaxPayne3.exe
FirewallRules: [{E5E9B63E-CCED-4F0A-84B1-2D367AE955C7}] => (Allow) D:\Program Files (x86)\Rockstar Games\Max Payne 3\PlayMaxPayne3.exe
FirewallRules: [TCP Query User{68308FD6-A775-4CF9-9437-5483C605C07D}D:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe] => (Allow) D:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe
FirewallRules: [UDP Query User{87D5E0A7-14B5-4BF4-84D9-47C9ECC448A4}D:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe] => (Allow) D:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe
FirewallRules: [{4C017E49-4AAE-4C01-A1F0-ED7E397925B2}] => (Allow) D:\Program Files\Bohemia Interactive\ArmA 2\arma2.exe
FirewallRules: [{B55F9623-1741-4B11-9192-DF78895F6379}] => (Allow) D:\Program Files\Bohemia Interactive\ArmA 2\arma2.exe
FirewallRules: [{A70DBA55-54C6-40A7-BCF8-7042A8EECAC7}] => (Allow) D:\Program Files\Bohemia Interactive\ArmA 2\arma2OA.exe
FirewallRules: [{D60AFC1A-1A35-4D4D-8B79-FFBF7A35345F}] => (Allow) D:\Program Files\Bohemia Interactive\ArmA 2\arma2OA.exe
FirewallRules: [{446F4939-0622-46B0-BD7F-725BB826F338}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{A1D33D1E-905E-4AE2-ADFF-61C9C1F0777C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{41C249E2-B26C-4876-AF48-1A45AC979539}D:\program files\bohemia interactive\arma 2\expansion\beta\arma2oa.exe] => (Allow) D:\program files\bohemia interactive\arma 2\expansion\beta\arma2oa.exe
FirewallRules: [UDP Query User{15CCAF1A-4BA3-42F1-AA5C-D6A3B6987E9B}D:\program files\bohemia interactive\arma 2\expansion\beta\arma2oa.exe] => (Allow) D:\program files\bohemia interactive\arma 2\expansion\beta\arma2oa.exe
FirewallRules: [{DE1F8FA7-106C-483A-A87A-13E58BC41DB4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{BF678CC5-B03A-4065-8CB8-C18BDC130059}D:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe] => (Allow) D:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe
FirewallRules: [UDP Query User{5AF4FBA1-ABD8-4E9F-9C1F-1D7B81B44A08}D:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe] => (Allow) D:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe
FirewallRules: [{84601D2A-E5C9-4259-9B63-7C4680E004A9}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A89B1D59-F3A4-4EF3-90B0-C5AE0909B8F8}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1EF1117E-CE21-4C97-BA54-3397C43DD7D3}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C6C2B40F-B9B4-4188-98B0-283625C31A5F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{8035BC5E-48C6-4836-B608-BE7018DD131F}D:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe] => (Block) D:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe
FirewallRules: [UDP Query User{EB467FF8-53AC-4293-AC5A-17C79B436FC0}D:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe] => (Block) D:\program files (x86)\electronic arts\crytek\crysis 2\bin32\crysis2.exe
FirewallRules: [{482CCC15-5EA1-4F9B-884D-E5A1AEC1CFEE}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EB18F2C5-BD1A-4D72-8C27-FAE7E93A7AFE}] => (Allow) D:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{DA73350D-3FC3-484B-A265-257DEC6FA5B4}D:\program files\bohemia interactive\arma 2\expansion\beta\arma2oa.exe] => (Allow) D:\program files\bohemia interactive\arma 2\expansion\beta\arma2oa.exe
FirewallRules: [UDP Query User{B9D02E5D-A9EC-46CE-B26F-C53597C6B0E0}D:\program files\bohemia interactive\arma 2\expansion\beta\arma2oa.exe] => (Allow) D:\program files\bohemia interactive\arma 2\expansion\beta\arma2oa.exe
FirewallRules: [{49F4E776-AEE3-49D7-9944-53A71BDF55C6}] => (Allow) C:\Users\Heimanwender\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{BDCACAEF-BC73-4098-9AC3-E9FB5FFD5A6F}] => (Allow) C:\Users\Heimanwender\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{2F0B368F-89C0-4896-98C3-338391F408D5}] => (Allow) D:\Program Files (x86)\BF3\Battlefield 3\bf3.exe
FirewallRules: [{C20C0DD8-552B-4B72-89F2-5A2BEC2F392F}] => (Allow) D:\Program Files (x86)\BF3\Battlefield 3\bf3.exe
FirewallRules: [{8504D805-5B86-4517-9263-1EE258E49DAA}] => (Allow) D:\Program Files (x86)\Origin\Origin.exe
FirewallRules: [{737FDBC2-8871-434F-806C-08FCE37FA283}] => (Allow) D:\Spiele\ACRMP.exe
FirewallRules: [{BF78F346-D81F-4A8C-ADE6-C4E37CEF43D2}] => (Allow) C:\Users\Heimanwender\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{D3D8EC4B-BBE5-40BC-8426-EA163D3420AB}] => (Allow) C:\Users\Heimanwender\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [TCP Query User{65189B0E-108C-44E7-B976-33BBFD5B61F0}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{13F0B6EE-AC0D-4C39-9FCD-5897848134A8}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{5B26FA27-768A-42B7-9E29-9898B453912A}] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{22EAA948-DDAB-46DE-9300-86B1E5ABE3FF}] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{3DB60A02-D41B-4C24-BAA6-411DAD88E788}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{5F3BAE6A-9D93-46BC-BE38-01DF0C39E2D5}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{093965C0-1318-43D4-82A3-70F4D2162065}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{367C2DA3-5022-445F-940A-6F2EB2769BE3}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [TCP Query User{5BE89389-39E6-4FF5-BD08-6165A85F206D}D:\downloads\spiele\blobby-1.0rc3\blobby.exe] => (Allow) D:\downloads\spiele\blobby-1.0rc3\blobby.exe
FirewallRules: [UDP Query User{A16DD37D-9F2F-4BAF-B660-A1AF7A31C0FB}D:\downloads\spiele\blobby-1.0rc3\blobby.exe] => (Allow) D:\downloads\spiele\blobby-1.0rc3\blobby.exe
FirewallRules: [{383D0F07-CD36-4712-9F70-C2C73298B397}] => (Block) D:\downloads\spiele\blobby-1.0rc3\blobby.exe
FirewallRules: [{FE38352B-22CE-4554-9B58-95BDBDB4C886}] => (Block) D:\downloads\spiele\blobby-1.0rc3\blobby.exe
FirewallRules: [TCP Query User{4C316FAC-D025-4C87-83A4-B51EAA1DFCAF}D:\spiele\hairy_harry\harry-1.2.0\harry.exe] => (Allow) D:\spiele\hairy_harry\harry-1.2.0\harry.exe
FirewallRules: [UDP Query User{1BF98EBB-65C1-4AD4-B7CC-C31DE524B1EC}D:\spiele\hairy_harry\harry-1.2.0\harry.exe] => (Allow) D:\spiele\hairy_harry\harry-1.2.0\harry.exe
FirewallRules: [{94BAF0CC-6183-4CFB-810F-7D52354B1B94}] => (Block) D:\spiele\hairy_harry\harry-1.2.0\harry.exe
FirewallRules: [{F640BFAB-B2C1-4A87-84F4-3463C9E039CD}] => (Block) D:\spiele\hairy_harry\harry-1.2.0\harry.exe
FirewallRules: [{BF4D7DF0-49BB-42A5-A066-96199AF9FAE6}] => (Allow) C:\Users\Heimanwender\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{AEE69A56-416D-4217-8BD2-2AA4A12D17E7}] => (Allow) C:\Users\Heimanwender\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{68F12E30-CFC1-4BAB-83D0-80487F1A1679}D:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe] => (Allow) D:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe
FirewallRules: [UDP Query User{9B589F56-C0D3-49A7-B4BA-621A8B18855B}D:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe] => (Allow) D:\program files (x86)\rockstar games\max payne 3\maxpayne3.exe
FirewallRules: [TCP Query User{627A6694-E2EE-4932-8192-450A9028E3A2}D:\program files\bohemia interactive\arma 2\arma2oa.exe] => (Allow) D:\program files\bohemia interactive\arma 2\arma2oa.exe
FirewallRules: [UDP Query User{394A4FED-89A9-4A5A-9012-5717EF735095}D:\program files\bohemia interactive\arma 2\arma2oa.exe] => (Allow) D:\program files\bohemia interactive\arma 2\arma2oa.exe
FirewallRules: [TCP Query User{4026D9BB-CE07-4340-9F9B-76365E0DEF3A}D:\downloads\programme\kommunikation\ts_server\teamspeak3-server_win64\ts3server_win64.exe] => (Allow) D:\downloads\programme\kommunikation\ts_server\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [UDP Query User{82D2CF37-1906-40A2-99EB-16E54F710BC4}D:\downloads\programme\kommunikation\ts_server\teamspeak3-server_win64\ts3server_win64.exe] => (Allow) D:\downloads\programme\kommunikation\ts_server\teamspeak3-server_win64\ts3server_win64.exe
FirewallRules: [{49C7CADE-42BB-4DAD-94D9-6E5F2006DBD0}] => (Allow) D:\Program Files (x86)\BF3\Battlefield 1942\BF1942.exe
FirewallRules: [{A6128F40-5CA0-4EEA-BD2B-397A40A9DA12}] => (Allow) D:\Program Files (x86)\BF3\Battlefield 1942\BF1942.exe
FirewallRules: [{C0BC5BB3-4A0E-4092-A077-ED6C7B3C8D43}] => (Allow) D:\Program Files (x86)\No23Live\No23Live.exe
FirewallRules: [{470342FA-B146-44A5-9F34-77E6700B8DDE}] => (Allow) D:\Program Files (x86)\No23Live\No23Live.exe
FirewallRules: [{514585EA-AB43-4970-BA2C-9E610C98D68D}] => (Allow) D:\Program Files (x86)\BF3\Dead Space 3\deadspace3.exe
FirewallRules: [{57B0221A-ADA2-4EAC-952B-FD1A44698EC8}] => (Allow) D:\Program Files (x86)\BF3\Dead Space 3\deadspace3.exe
FirewallRules: [{7FF48C6F-78D3-468A-8CF3-55C4D992CD13}] => (Allow) D:\Program Files (x86)\BF3\Mirrors Edge\Binaries\MirrorsEdge.exe
FirewallRules: [{4C9C3B63-0290-4C1D-9166-970E0B1F0177}] => (Allow) D:\Program Files (x86)\BF3\Mirrors Edge\Binaries\MirrorsEdge.exe
FirewallRules: [TCP Query User{A7DF8F7D-4886-4DCA-865A-EF28A5DADFA3}D:\program files (x86)\bf3\medal of honor\mp\mohmpgame.exe] => (Allow) D:\program files (x86)\bf3\medal of honor\mp\mohmpgame.exe
FirewallRules: [UDP Query User{48B8E203-FC7E-4974-A5E3-4D15245047E0}D:\program files (x86)\bf3\medal of honor\mp\mohmpgame.exe] => (Allow) D:\program files (x86)\bf3\medal of honor\mp\mohmpgame.exe
FirewallRules: [TCP Query User{15DFD223-A342-4E77-ABB9-683A2EE967DA}D:\program files (x86)\bf3\medal of honor\binaries\moh.exe] => (Allow) D:\program files (x86)\bf3\medal of honor\binaries\moh.exe
FirewallRules: [UDP Query User{922E513A-B628-4FC6-B486-BF243A6C851A}D:\program files (x86)\bf3\medal of honor\binaries\moh.exe] => (Allow) D:\program files (x86)\bf3\medal of honor\binaries\moh.exe
FirewallRules: [{9B4CBE19-481A-41CF-951D-F61FBB321C30}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{EE98B6AC-61C3-4F6D-8248-A8E31128EEB0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{10A16946-8095-48A6-8473-ADCA243C1A57}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C310985D-1811-4F11-A8F1-901E55D29058}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{3DD93F4A-EA87-41E6-897A-622D96EEA9C8}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{685937D2-16E0-4CDB-88D1-00135E156B8D}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{E2E0F257-27D7-4BF1-8AB0-2966696D26C0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Grid\grid.exe
FirewallRules: [{21F82058-7550-46F1-B9E5-8CD059B2D1BA}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Grid\grid.exe
FirewallRules: [{E1031D45-FBCF-4806-9DE1-24CC181A79AE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{1362F4EC-4F80-48BD-8BB7-E3A6082BE0B2}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{20551D48-2232-497A-BCE2-361F49494F8C}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{69663C09-ED10-4456-A0D7-E3AC21CBDD18}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\Benchmark.bat
FirewallRules: [{32F7CCE8-70C4-4D8D-8BBE-E36D3E0134D9}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{06050D05-381C-4DC0-A4B6-9069A8F5572B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{0EE61153-C621-402C-B1A4-64809C04C6F0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{B29DDAFB-CFBB-4BF0-9C4C-D754F33F40D1}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{2C77379C-E6A5-4502-8D33-BE0CAE1C4EEC}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{F6826306-9E48-4B5E-937E-DF251A3F495D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{AF36FFE7-9881-411E-8BAD-88D24E8A62FD}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{66BE739D-8E12-4877-A576-BCF6ED84690E}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{D0F19116-D490-49CB-A800-63100D51B823}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{66FA0FD5-D5F2-4362-AC5B-98EC6D26DD7D}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{07B03D2B-2A02-417E-B57E-77D91F6E5083}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\rust\rust.exe
FirewallRules: [{756C2156-7A58-44DD-B9D6-F2D893F79FE0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\rust\rust.exe
FirewallRules: [{18E5F6A0-BCFC-4EF0-A4D8-5D9D095E38E0}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\rust\rustlauncher.exe
FirewallRules: [{45257ECE-759A-4B76-8532-0BA8DE407D64}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\rust\rustlauncher.exe
FirewallRules: [TCP Query User{53745E29-FEB5-49FE-905F-42D31D567391}D:\program files (x86)\winamp\winamp.exe] => (Allow) D:\program files (x86)\winamp\winamp.exe
FirewallRules: [UDP Query User{6F9CDD90-3D2E-4FE9-8CB9-28A16B7D285A}D:\program files (x86)\winamp\winamp.exe] => (Allow) D:\program files (x86)\winamp\winamp.exe
FirewallRules: [TCP Query User{D016A6CB-E773-4AA4-B4D0-52DB06E76E98}D:\program files (x86)\java\bin\javaw.exe] => (Allow) D:\program files (x86)\java\bin\javaw.exe
FirewallRules: [UDP Query User{8D25A877-A192-435C-9CFD-2C853AA7E1F2}D:\program files (x86)\java\bin\javaw.exe] => (Allow) D:\program files (x86)\java\bin\javaw.exe
FirewallRules: [TCP Query User{3371C214-2299-4F21-968E-D29031C4407C}D:\downloads\ai_pictures\withsix-play.exe] => (Allow) D:\downloads\ai_pictures\withsix-play.exe
FirewallRules: [UDP Query User{44761455-A183-431D-8D2D-79CDE5A2296E}D:\downloads\ai_pictures\withsix-play.exe] => (Allow) D:\downloads\ai_pictures\withsix-play.exe
FirewallRules: [{3F9B6B4C-C53F-46CB-B139-F1E8785E2146}] => (Allow) D:\Program Files (x86)\BF3\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{6B98C428-5735-4022-A681-643EB599D068}] => (Allow) D:\Program Files (x86)\BF3\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{19631DF0-D3A8-4C38-ACB9-BCE7AF30145C}] => (Allow) D:\Program Files\Ubisoft\WATCH_DOGS\bin\Watch_Dogs.exe
FirewallRules: [{53DB5E20-9B9C-40BC-9C62-B7F03CBB6AA3}] => (Allow) D:\Program Files\Ubisoft\WATCH_DOGS\bin\Watch_Dogs.exe
FirewallRules: [{D899BA76-69AF-4F3F-9619-031C73777E82}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TrialsPC\datapack\trialsFMX.exe
FirewallRules: [{DD871AF5-D9F9-4D85-9F75-82BCD7412BE1}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\TrialsPC\datapack\trialsFMX.exe
FirewallRules: [{F9E5F1A5-B9D3-4065-86B6-F4BE82BFE828}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{FF1F28C9-2DC5-40D3-A7D5-945FE09D20D5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{33193053-3C83-4E40-B13D-8F142CACC37C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{C90A5126-A4A2-4B91-A041-486C2795C672}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{0CBAB607-3FF6-4C53-9AA2-B344FEFD206A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DE4D1100-8B49-4221-9CF6-59DF0C93CCD8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{C314075A-39B0-44E5-AF03-B07A30DFEF5A}D:\program files (x86)\steam\steamapps\common\nether\game\binaries\win64\nether.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\nether\game\binaries\win64\nether.exe
FirewallRules: [UDP Query User{DB3AB947-C37C-403B-B256-0F67A759A6D1}D:\program files (x86)\steam\steamapps\common\nether\game\binaries\win64\nether.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\nether\game\binaries\win64\nether.exe
FirewallRules: [TCP Query User{CB2A8447-EE69-4555-AED1-81CE9591777A}D:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [UDP Query User{70624C17-E7FA-4738-B060-089AA2DF6DEF}D:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\total war rome ii\rome2.exe
FirewallRules: [{554ABD3F-7A16-4B80-91AF-B6482E822296}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Splinter Cell Blacklist\Blacklist_Launcher.exe
FirewallRules: [{B37674D4-02E9-488E-9800-237C3E382DC2}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Splinter Cell Blacklist\Blacklist_Launcher.exe
FirewallRules: [{57BA8D8C-2F17-4E3A-8C58-1E7D4B167891}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{C5F4EAE7-892A-4338-B9C5-08471FFC765A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{46D9BEF9-1832-4267-9D57-11DE4B1134C8}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{B9CBAF1A-E265-4ACE-A224-3A03D9664638}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{A8F67BFD-091C-43BB-BF63-8DCEED098332}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\gu.exe
FirewallRules: [{724E62AC-AF80-43E4-9A48-0F0C81B56085}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Tom Clancy's Splinter Cell Blacklist\src\SYSTEM\gu.exe
FirewallRules: [{FFB9D6BE-E275-47EB-88E4-9CE7C8770E80}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{0717C121-9590-4328-BC12-2BD426476C37}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\rust\legacy\rust.exe
FirewallRules: [{B1C6A41D-F900-40A8-8889-18A9F555C52B}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{1A4DF5BE-9049-4A6F-AF5F-E9B0B4CB0E34}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\rust\experimental\Rust.exe
FirewallRules: [{308F936A-EBC4-447F-B9F4-0F59AE89DA58}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{4DFB09BD-0071-40A0-9BED-19EB5635D032}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{4482FB13-04FA-4058-AEBA-309A301880F8}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4BA154EC-972D-4B59-8709-2AD67EA6041B}] => (Allow) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4009481D-2131-4E33-A3AA-65B75D6680F2}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{7668C605-3A92-4A11-9465-ACBE091F1E2C}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
FirewallRules: [{2D994777-7971-4A17-BB51-FFEA7B84D8D4}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{3FA5A2AF-F47F-41C0-A89A-0ADB338A097F}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
FirewallRules: [{AE4425EA-77A8-44F8-88BA-3FDFF3D9D73B}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{0795298F-CF2D-47B0-8DF6-731757F5E80A}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{973F4484-AF6F-4810-9E22-817C9F97D868}] => (Allow) C:\Users\Heimanwender\AppData\Local\Temp\Ins7D3B\Setup.exe
FirewallRules: [{1B5646E3-38E4-4FD5-989A-99FF840CCBD6}] => (Allow) C:\Users\Heimanwender\AppData\Local\Temp\Ins7D3B\Setup.exe
FirewallRules: [{58C7C2D3-E2B8-491D-8D92-468964A855A2}] => (Allow) C:\Users\Heimanwender\AppData\Local\Temp\Ins7D3B\Setup.exe
FirewallRules: [{63160E34-3BF9-4A5A-8BF6-372742BED980}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Print Driver 2\PrinterSelector\SUPDApp.exe
FirewallRules: [{3EE284B1-41F1-4D30-A603-F1B55EDCDBBD}] => (Allow) C:\Program Files (x86)\Samsung Easy Color Manager\Samsung Easy Color Manager.exe
FirewallRules: [{FA11E97C-ACB8-4CE6-ADFF-C987E9BAB73D}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{15091167-8D14-4B94-8E46-A81281972266}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{E0854170-4885-4EBF-8E07-EDB480809407}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{40B0C363-42B7-4B46-923C-93EC2ADD80DF}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDS.Application.exe
FirewallRules: [{BF3A5F53-A145-4BBF-BD18-47E572851D80}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{271E4B84-442B-44B8-84D4-8F6EFF79A261}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\OrderSupplies.exe
FirewallRules: [{302E8493-0E44-4C94-9E1D-8D5F4C6933A9}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{44AFA49D-4541-48E8-9E2A-A278830EF0A0}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\IDSAlert.exe
FirewallRules: [{FFC34E9D-A71C-492E-B304-656B97C1778F}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{7109073F-3067-4B1C-937B-DDC972DABE7E}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\uninstall.exe
FirewallRules: [{9B5F3D66-3772-49E5-A615-8A6674800486}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{3C07BC7A-E1A3-409B-B4DF-EAB38AAA84BC}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\CDAS2PC.exe
FirewallRules: [{B618BF32-1C78-4568-BE74-BA981F6E59F6}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{6EA39607-D1D8-4DC0-A252-A39D13DD0631}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\ScanProcess.exe
FirewallRules: [{0C3522D3-AC21-472D-8F77-0A695773C15F}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{FEC398FA-6557-44CF-B99A-108F2BCD1F95}] => (Allow) C:\Program Files (x86)\Samsung\Easy Printer Manager\CDAS2PC\Scan2PCNotify.exe
FirewallRules: [{2B05E111-0597-4032-B8DB-961499E77E61}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{04E3BBB3-F7C2-43D9-A4F5-C71BCB999C2A}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe
FirewallRules: [{7E3B0C24-BC5F-47C7-828E-6F814EE8F9BB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\theHunter\launcher\launcher.exe
FirewallRules: [{AB20FF89-9B7C-4982-BB1A-399404910BAD}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\theHunter\launcher\launcher.exe
FirewallRules: [{011C486A-35A5-4681-A3A5-0497662DA7B0}] => (Allow) D:\Program Files (x86)\BF3\Titanfall\Titanfall.exe
FirewallRules: [{0510E50E-8848-4728-9B16-F8CC2946E3B4}] => (Allow) D:\Program Files (x86)\BF3\Titanfall\Titanfall.exe
FirewallRules: [{1ECCC477-B3AD-436C-9903-99ABCE8356AE}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{33A33CA3-EF76-41CC-A4BD-EEDC29AF062A}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{53136895-79D3-4D75-B680-53825B7BDDA3}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{2B99E443-3ADB-4640-9FE4-E83E25963AFB}] => (Allow) D:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [TCP Query User{8B07F12B-19C0-4758-96FB-24075C15ED22}D:\games\world_of_tanks\wotlauncher.exe] => (Allow) D:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{4F56F175-6841-4354-B529-B3BA3758F5BE}D:\games\world_of_tanks\wotlauncher.exe] => (Allow) D:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{F64DA9E9-C74B-4435-B66F-BBCBBB952852}D:\games\world_of_tanks\worldoftanks.exe] => (Allow) D:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{D93635C5-97EC-4673-8E85-5E68D6BB9A71}D:\games\world_of_tanks\worldoftanks.exe] => (Allow) D:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [{34832037-FB30-402C-B474-7B431F82E7CD}] => (Allow) C:\Users\Heimanwender\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{A9EB8D1D-4F65-4FD0-BA28-0E669F5CF118}] => (Allow) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7F310DC3-AEB6-494D-8AB6-76C580C54EE3}] => (Allow) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{ED0CF591-B4D2-4B95-8785-39990B0EF90D}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{C7EDA616-7889-43E8-9463-62006B212EE7}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{78A53B9C-238E-4497-916E-46288EC545F4}] => (Allow) C:\Users\Heimanwender\AppData\Local\Temp\WZSE0.TMP\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{1AE88B62-1AE4-4EE8-904D-9ADD91252D84}] => (Allow) C:\Users\Heimanwender\AppData\Local\Temp\WZSE0.TMP\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [TCP Query User{D962E582-8D0A-4582-83D8-37F507350218}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{182ACB6A-7A01-4F85-82F0-CF2BEC651EA0}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{0ECF6A02-B2EC-4836-A29E-6E81DF0926F5}C:\users\heimanwender\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\heimanwender\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{EB835971-816E-428C-9EFE-B2EA76CEB55F}C:\users\heimanwender\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\heimanwender\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{4FBB40EA-663D-44AD-B99C-3E56B2E9C99F}D:\games\world_of_tanks\worldoftanks.exe] => (Allow) D:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{00B7D36A-D354-4F91-891D-56D760403606}D:\games\world_of_tanks\worldoftanks.exe] => (Allow) D:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{C126D4CF-203F-4419-87B3-3350A6E70F92}D:\games\world_of_tanks\wotlauncher.exe] => (Allow) D:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{A1BCA0E7-4A58-4FEE-843E-E5516C786AC3}D:\games\world_of_tanks\wotlauncher.exe] => (Allow) D:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [{6742F610-9617-47E8-97FA-8825F7D0F293}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [{67277F15-3C84-4D07-9BA9-36AAC16255AF}] => (Allow) C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe
FirewallRules: [TCP Query User{5AF5185C-E688-4B03-9372-791D834CA88D}C:\users\heimanwender\desktop\tacticplanner\tacticplanner.exe] => (Block) C:\users\heimanwender\desktop\tacticplanner\tacticplanner.exe
FirewallRules: [UDP Query User{8EEA63A9-0D7C-4EC0-BE79-BE4A087A5404}C:\users\heimanwender\desktop\tacticplanner\tacticplanner.exe] => (Block) C:\users\heimanwender\desktop\tacticplanner\tacticplanner.exe
FirewallRules: [TCP Query User{7238359F-5864-41BC-A33A-BB74A0CEC936}D:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) D:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{C47A3C51-7F96-4291-AAC5-81E30407E4CD}D:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) D:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{3259E45F-4895-41E8-BD2D-C5E95B21D06A}D:\games\world_of_tanks_ct\wotlauncher.exe] => (Allow) D:\games\world_of_tanks_ct\wotlauncher.exe
FirewallRules: [UDP Query User{29DB5AF8-A52C-484A-994F-EF4D6F824456}D:\games\world_of_tanks_ct\wotlauncher.exe] => (Allow) D:\games\world_of_tanks_ct\wotlauncher.exe
FirewallRules: [TCP Query User{8B011309-9DDA-48BB-9665-D8C5EFF73170}D:\games\world_of_tanks_ct\worldoftanks.exe] => (Allow) D:\games\world_of_tanks_ct\worldoftanks.exe
FirewallRules: [UDP Query User{D5FF06B4-83FF-4A29-AEF3-FA273ECEA0FE}D:\games\world_of_tanks_ct\worldoftanks.exe] => (Allow) D:\games\world_of_tanks_ct\worldoftanks.exe
FirewallRules: [{D2F5DE75-7A1A-4D0C-A9F6-3116A74BB564}] => (Allow) D:\Program Files (x86)\BF3\Titanfall\Titanfall.exe
FirewallRules: [{8F0218AC-3780-41A5-BDFB-F5990EC277DB}] => (Allow) D:\Program Files (x86)\BF3\Titanfall\Titanfall.exe
FirewallRules: [{B8D42D2A-D973-40F4-99B8-D8610CE011A7}] => (Allow) C:\Users\Heimanwender\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: asmthub3
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (06/07/2015 01:25:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/06/2015 05:34:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2015 07:40:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: No23Live.exe, Version: 1.0.4.20, Zeitstempel: 0x4cdd7484
Name des fehlerhaften Moduls: No23Live.exe, Version: 1.0.4.20, Zeitstempel: 0x4cdd7484
Ausnahmecode: 0xc0000417
Fehleroffset: 0x00085d0f
ID des fehlerhaften Prozesses: 0x270
Startzeit der fehlerhaften Anwendung: 0xNo23Live.exe0
Pfad der fehlerhaften Anwendung: No23Live.exe1
Pfad des fehlerhaften Moduls: No23Live.exe2
Berichtskennung: No23Live.exe3

Error: (06/05/2015 06:48:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2015 11:44:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2015 11:12:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/04/2015 08:46:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/04/2015 07:44:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2015 10:48:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2015 10:33:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (06/07/2015 01:26:49 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/07/2015 01:25:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/06/2015 10:54:04 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: Die Dateisystemstruktur auf dem Datenträger ist beschädigt und unbrauchbar.
Führen Sie auf dem Volume "WIN7" den Befehl "chkdsk" aus.

Error: (06/06/2015 05:35:36 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/06/2015 05:34:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/05/2015 06:49:25 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (06/05/2015 06:49:24 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTLOKALER DIENSTS-1-5-19LocalHost (unter Verwendung von LRPC)

Error: (06/05/2015 06:48:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (06/05/2015 00:43:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avast Antivirus" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/05/2015 11:45:42 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)


Microsoft Office:
=========================
Error: (06/07/2015 01:25:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/06/2015 05:34:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2015 07:40:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: No23Live.exe1.0.4.204cdd7484No23Live.exe1.0.4.204cdd7484c000041700085d0f27001d09fb6a9d5be86C:\ProgramData\Caphyon\Advanced Installer\{6A1482E0-7119-4A66-BBF1-FFD95A6BA16C}\No23Live.exeC:\ProgramData\Caphyon\Advanced Installer\{6A1482E0-7119-4A66-BBF1-FFD95A6BA16C}\No23Live.exee8fb6a05-0ba9-11e5-a25e-f46d049e16f1

Error: (06/05/2015 06:48:26 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2015 11:44:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2015 11:12:14 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/04/2015 08:46:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/04/2015 07:44:45 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2015 10:48:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/03/2015 10:33:34 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2013-10-20 16:17:29.841
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\HEIMAN~1\AppData\Local\Temp\ListOpenedFileDrv_64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-10-20 16:17:29.809
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\HEIMAN~1\AppData\Local\Temp\ListOpenedFileDrv_64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-07-09 19:56:44.381
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-07-09 19:56:44.335
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-07-09 19:54:41.476
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-07-09 19:54:41.428
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\vrtaucbl.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-05-11 17:20:59.967
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\HEIMAN~1\AppData\Local\Temp\ListOpenedFileDrv_64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-05-11 17:20:59.925
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\HEIMAN~1\AppData\Local\Temp\ListOpenedFileDrv_64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-19 19:27:12.872
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-02-19 19:27:12.841
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\FsUsbExDisk.Sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
Percentage of memory in use: 28%
Total physical RAM: 12269.22 MB
Available physical RAM: 8770.75 MB
Total Pagefile: 16363.43 MB
Available Pagefile: 12586.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (WIN7) (Fixed) (Total:90.88 GB) (Free:5.33 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (New Volume) (Fixed) (Total:931.51 GB) (Free:115.71 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 1779F73F)
Partition 1: (Not Active) - (Size=28.4 GB) - (Type=1B)
Partition 2: (Active) - (Size=90.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1BBF9FB3)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of log ============================

--- --- ---

schrauber · 08.06.2015, 06:13

hi,

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

pcsagtnein · 08.06.2015, 18:51

"Scanning finished - no malware found!"

schrauber · 09.06.2015, 10:17

und TDSSKiller?

pcsagtnein · 09.06.2015, 21:33

Hallo Schrauber,
Da wurde auch nichts gefunden. Unter Report steht das hier:

Code:

ATTFilter

22:30:30.0258 0x10e4  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
22:30:42.0896 0x10e4  ============================================================
22:30:42.0896 0x10e4  Current date / time: 2015/06/09 22:30:42.0896
22:30:42.0896 0x10e4  SystemInfo:
22:30:42.0896 0x10e4  
22:30:42.0896 0x10e4  OS Version: 6.1.7601 ServicePack: 1.0
22:30:42.0896 0x10e4  Product type: Workstation
22:30:42.0896 0x10e4  ComputerName: CP-PC-ASUS
22:30:42.0896 0x10e4  UserName: Heimanwender
22:30:42.0896 0x10e4  Windows directory: C:\Windows
22:30:42.0896 0x10e4  System windows directory: C:\Windows
22:30:42.0896 0x10e4  Running under WOW64
22:30:42.0896 0x10e4  Processor architecture: Intel x64
22:30:42.0896 0x10e4  Number of processors: 8
22:30:42.0896 0x10e4  Page size: 0x1000
22:30:42.0896 0x10e4  Boot type: Normal boot
22:30:42.0896 0x10e4  ============================================================
22:30:42.0992 0x10e4  KLMD registered as C:\Windows\system32\drivers\50541886.sys
22:30:43.0034 0x10e4  System UUID: {D3493DF9-2EDB-5752-B3C2-CCD617D62833}
22:30:43.0263 0x10e4  Drive \Device\Harddisk0\DR0 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:30:43.0282 0x10e4  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:30:43.0288 0x10e4  ============================================================
22:30:43.0288 0x10e4  \Device\Harddisk0\DR0:
22:30:43.0288 0x10e4  MBR partitions:
22:30:43.0288 0x10e4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x38B8800, BlocksNum 0xB5C3800
22:30:43.0288 0x10e4  \Device\Harddisk1\DR1:
22:30:43.0288 0x10e4  MBR partitions:
22:30:43.0288 0x10e4  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
22:30:43.0288 0x10e4  ============================================================
22:30:43.0290 0x10e4  C: <-> \Device\Harddisk0\DR0\Partition1
22:30:43.0307 0x10e4  D: <-> \Device\Harddisk1\DR1\Partition1
22:30:43.0307 0x10e4  ============================================================
22:30:43.0307 0x10e4  Initialize success
22:30:43.0307 0x10e4  ============================================================
22:31:15.0825 0x0e54  ============================================================
22:31:15.0825 0x0e54  Scan started
22:31:15.0825 0x0e54  Mode: Manual; SigCheck; TDLFS; 
22:31:15.0825 0x0e54  ============================================================
22:31:15.0825 0x0e54  KSN ping started
22:31:18.0220 0x0e54  KSN ping finished: true
22:31:18.0835 0x0e54  ================ Scan system memory ========================
22:31:18.0835 0x0e54  System memory - ok
22:31:18.0835 0x0e54  ================ Scan services =============================
22:31:18.0860 0x0e54  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
22:31:18.0898 0x0e54  1394ohci - ok
22:31:18.0909 0x0e54  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
22:31:18.0922 0x0e54  ACPI - ok
22:31:18.0925 0x0e54  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
22:31:18.0935 0x0e54  AcpiPmi - ok
22:31:18.0942 0x0e54  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:31:18.0950 0x0e54  AdobeARMservice - ok
22:31:18.0967 0x0e54  [ 00CC35F515079F5F94FABC3AC5C7D363, 7CE8B1715009602059DEDD6CBCA9C18EF079EDA344E7809813D6C0A395622B82 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:31:18.0978 0x0e54  AdobeFlashPlayerUpdateSvc - ok
22:31:18.0988 0x0e54  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
22:31:19.0004 0x0e54  adp94xx - ok
22:31:19.0013 0x0e54  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
22:31:19.0026 0x0e54  adpahci - ok
22:31:19.0032 0x0e54  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
22:31:19.0042 0x0e54  adpu320 - ok
22:31:19.0046 0x0e54  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
22:31:19.0056 0x0e54  AeLookupSvc - ok
22:31:19.0066 0x0e54  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
22:31:19.0084 0x0e54  AFD - ok
22:31:19.0087 0x0e54  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
22:31:19.0095 0x0e54  agp440 - ok
22:31:19.0098 0x0e54  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
22:31:19.0109 0x0e54  ALG - ok
22:31:19.0111 0x0e54  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
22:31:19.0118 0x0e54  aliide - ok
22:31:19.0121 0x0e54  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
22:31:19.0128 0x0e54  amdide - ok
22:31:19.0131 0x0e54  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
22:31:19.0141 0x0e54  AmdK8 - ok
22:31:19.0144 0x0e54  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
22:31:19.0153 0x0e54  AmdPPM - ok
22:31:19.0157 0x0e54  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
22:31:19.0166 0x0e54  amdsata - ok
22:31:19.0172 0x0e54  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
22:31:19.0182 0x0e54  amdsbs - ok
22:31:19.0184 0x0e54  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
22:31:19.0191 0x0e54  amdxata - ok
22:31:19.0195 0x0e54  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
22:31:19.0204 0x0e54  AppID - ok
22:31:19.0207 0x0e54  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
22:31:19.0215 0x0e54  AppIDSvc - ok
22:31:19.0218 0x0e54  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
22:31:19.0227 0x0e54  Appinfo - ok
22:31:19.0232 0x0e54  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
22:31:19.0241 0x0e54  arc - ok
22:31:19.0244 0x0e54  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
22:31:19.0253 0x0e54  arcsas - ok
22:31:19.0270 0x0e54  [ FB03A917C1294D3E6D671F24722E1BA3, C4E2C236E5086F0A7D5E20E426EA7A86B4A38797610188C79151201AD27C0DF4 ] asComSvc        C:\Program Files (x86)\ASUS\AXSP\1.00.13\atkexComSvc.exe
22:31:19.0295 0x0e54  asComSvc - ok
22:31:19.0312 0x0e54  [ A63173897EA1A73A75D0E65036DE5B15, 07A83172B525DFC895056612F542420F4DF3C6192624C5B3141C726501163912 ] asHmComSvc      C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
22:31:19.0333 0x0e54  asHmComSvc - ok
22:31:19.0337 0x0e54  [ EDAA17CE771C696655B6585F7CAD2100, 31F4C6A367AE384E97516CB24F9FCCAA4AA12AEF410CB0D06665EB8C3BBDC3EF ] ASInsHelp       C:\Windows\SysWow64\drivers\AsInsHelp64.sys
22:31:19.0343 0x0e54  ASInsHelp - ok
22:31:19.0346 0x0e54  [ FEF9DD9EA587F8886ADE43C1BEFBDAFE, DDE6F28B3F7F2ABBEE59D4864435108791631E9CB4CDFB1F178E5AA9859956D8 ] AsIO            C:\Windows\syswow64\drivers\AsIO.sys
22:31:19.0351 0x0e54  AsIO - ok
22:31:19.0356 0x0e54  [ 954950D11ADA98AC1B7EE3C770E4622C, D6D4700D7359AB84FB362305FBF2389B4EF51B4190EC2E0D4C7FEF80A06A0D0B ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
22:31:19.0366 0x0e54  asmthub3 - ok
22:31:19.0376 0x0e54  [ 7ACF4E1A93BF0C365754C2FECE12F1CA, 471B9FE093594FCE6B8BE6E12C28112FB22DCDC45CBE46F6099D2B4BE60D655C ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
22:31:19.0389 0x0e54  asmtxhci - ok
22:31:19.0398 0x0e54  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:31:19.0407 0x0e54  aspnet_state - ok
22:31:19.0419 0x0e54  [ 5C31DFB196CB3A488A041881634D86D2, 419ABEED7FB7CEBBA264802D2F727D18F999CEDA566A0830C38A69AC1680F3EA ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.11\AsSysCtrlService.exe
22:31:19.0435 0x0e54  AsSysCtrlService - ok
22:31:19.0438 0x0e54  [ 1392B92179B07B672720763D9B1028A5, B4D47EA790920A4531E3DF5A4B4B0721B7FEA6B49A35679F0652F1E590422602 ] AsUpIO          C:\Windows\syswow64\drivers\AsUpIO.sys
22:31:19.0443 0x0e54  AsUpIO - ok
22:31:19.0446 0x0e54  [ B5B4C90E9F52DA8586F1E5461AD90A5D, D1EAA34E6AEB014E942D22F8CB5FB19BF1E2EADE5B5357274C001F44FDC25F05 ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
22:31:19.0454 0x0e54  aswHwid - ok
22:31:19.0457 0x0e54  [ 300CB8E510855189CAD0B72FFB5590CB, EB50DC553FA8FD9DE3F60AAFED20702EAFBB1498EBD3220A39CC52A12F694246 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
22:31:19.0465 0x0e54  aswMonFlt - ok
22:31:19.0468 0x0e54  [ 6D37D8DB30D086739507C5F6E542656A, 746D9E32E729138EA19062F4E6B6C98B6833504020A296E3E2A9CD92E0FED0B9 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
22:31:19.0476 0x0e54  aswRdr - ok
22:31:19.0479 0x0e54  [ 07E32DFCA422A2920482D762D01957EC, A6502D26266D708E55EB2883897673AD3087C41D9EA0B41CD6BF6BD923EBDCB8 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
22:31:19.0486 0x0e54  aswRvrt - ok
22:31:19.0506 0x0e54  [ 3B4AC2DBFC86F7247C1FF1FAF2860530, A54A693D01C02AAE2B78BFE9B3900B5A6DD0C2C37C8FA58B14B5F57107032FF5 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
22:31:19.0529 0x0e54  aswSnx - ok
22:31:19.0539 0x0e54  [ B1368BE5F6BA529E0886F4DA2361BD2D, B95F430B4E4EFE9D257870722AA8F0507FB96FBE3AAB12068C662CCB6A180FE2 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
22:31:19.0552 0x0e54  aswSP - ok
22:31:19.0557 0x0e54  [ 6E53278ECCFFBC2ACC2A5006745ED4BB, 392170073A8933DB43CD1D64AD087F972F1971BF83BCAFE5B8FA1273C02026CE ] aswStm          C:\Windows\system32\drivers\aswStm.sys
22:31:19.0566 0x0e54  aswStm - ok
22:31:19.0572 0x0e54  [ 91782404718C6352C26B3242BAC3F0F1, 84B1CDD1EBC83FAEBDCC8F67B13CA405C6CF0C518FC016603889EBE48FC91AB9 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
22:31:19.0584 0x0e54  aswVmm - ok
22:31:19.0586 0x0e54  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:31:19.0609 0x0e54  AsyncMac - ok
22:31:19.0612 0x0e54  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
22:31:19.0619 0x0e54  atapi - ok
22:31:19.0633 0x0e54  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:31:19.0654 0x0e54  AudioEndpointBuilder - ok
22:31:19.0668 0x0e54  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
22:31:19.0688 0x0e54  AudioSrv - ok
22:31:19.0865 0x0e54  [ 54236E79A44F909612391C8A2D70D512, B0DF5BCC4F90AF087D0306F8D81F90B2CAE0176813E3AA6A7D5460F7878677CD ] avast! Antivirus d:\Program Files\AVAST Software\Avast\AvastSvc.exe
22:31:19.0877 0x0e54  avast! Antivirus - ok
22:31:19.0881 0x0e54  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:31:19.0895 0x0e54  AxInstSV - ok
22:31:19.0905 0x0e54  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
22:31:19.0922 0x0e54  b06bdrv - ok
22:31:19.0929 0x0e54  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
22:31:19.0943 0x0e54  b57nd60a - ok
22:31:19.0948 0x0e54  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
22:31:19.0958 0x0e54  BDESVC - ok
22:31:19.0960 0x0e54  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:31:19.0982 0x0e54  Beep - ok
22:31:19.0992 0x0e54  [ 9B6D239CE446D1B99122708F26714B21, 75508121470381BC9A81359B47B998C47893470E59D1135B4CCD5EE6396E04D8 ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
22:31:20.0007 0x0e54  BEService - ok
22:31:20.0022 0x0e54  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
22:31:20.0044 0x0e54  BFE - ok
22:31:20.0064 0x0e54  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
22:31:20.0103 0x0e54  BITS - ok
22:31:20.0107 0x0e54  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
22:31:20.0116 0x0e54  blbdrive - ok
22:31:20.0120 0x0e54  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:31:20.0129 0x0e54  bowser - ok
22:31:20.0132 0x0e54  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
22:31:20.0142 0x0e54  BrFiltLo - ok
22:31:20.0145 0x0e54  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
22:31:20.0155 0x0e54  BrFiltUp - ok
22:31:20.0159 0x0e54  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
22:31:20.0170 0x0e54  Browser - ok
22:31:20.0177 0x0e54  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
22:31:20.0190 0x0e54  Brserid - ok
22:31:20.0193 0x0e54  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
22:31:20.0203 0x0e54  BrSerWdm - ok
22:31:20.0206 0x0e54  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
22:31:20.0215 0x0e54  BrUsbMdm - ok
22:31:20.0218 0x0e54  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
22:31:20.0226 0x0e54  BrUsbSer - ok
22:31:20.0230 0x0e54  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
22:31:20.0240 0x0e54  BTHMODEM - ok
22:31:20.0245 0x0e54  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
22:31:20.0269 0x0e54  bthserv - ok
22:31:20.0272 0x0e54  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:31:20.0296 0x0e54  cdfs - ok
22:31:20.0301 0x0e54  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
22:31:20.0312 0x0e54  cdrom - ok
22:31:20.0315 0x0e54  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
22:31:20.0338 0x0e54  CertPropSvc - ok
22:31:20.0341 0x0e54  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
22:31:20.0352 0x0e54  circlass - ok
22:31:20.0360 0x0e54  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
22:31:20.0374 0x0e54  CLFS - ok
22:31:20.0379 0x0e54  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:31:20.0387 0x0e54  clr_optimization_v2.0.50727_32 - ok
22:31:20.0391 0x0e54  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:31:20.0399 0x0e54  clr_optimization_v2.0.50727_64 - ok
22:31:20.0406 0x0e54  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:31:20.0415 0x0e54  clr_optimization_v4.0.30319_32 - ok
22:31:20.0421 0x0e54  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:31:20.0431 0x0e54  clr_optimization_v4.0.30319_64 - ok
22:31:20.0433 0x0e54  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
22:31:20.0442 0x0e54  CmBatt - ok
22:31:20.0445 0x0e54  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:31:20.0451 0x0e54  cmdide - ok
22:31:20.0455 0x0e54  [ 84FC81FF9F291A0FC8D10933C1748F66, 46B6C64659A24C1D4917963FECEC2D6AED516C047762F0B4E67651CF8241A7D8 ] CM_VENDER_CMD   C:\Program Files\Common Files\Logitech\G430Install\CMVC64.sys
22:31:20.0461 0x0e54  CM_VENDER_CMD - ok
22:31:20.0471 0x0e54  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
22:31:20.0490 0x0e54  CNG - ok
22:31:20.0493 0x0e54  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
22:31:20.0500 0x0e54  Compbatt - ok
22:31:20.0503 0x0e54  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
22:31:20.0513 0x0e54  CompositeBus - ok
22:31:20.0515 0x0e54  COMSysApp - ok
22:31:20.0519 0x0e54  [ BC4B916C2C9D8F023C5679D671DED8E9, 6772778F93AC10D2589B569B1B69A0F8B8580186D09056E623A257D2E9C67471 ] CorsairAudioFilter C:\Windows\system32\DRIVERS\corsveng2kamd64.sys
22:31:20.0527 0x0e54  CorsairAudioFilter - ok
22:31:20.0539 0x0e54  cpuz135 - ok
22:31:20.0542 0x0e54  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
22:31:20.0549 0x0e54  crcdisk - ok
22:31:20.0555 0x0e54  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:31:20.0567 0x0e54  CryptSvc - ok
22:31:20.0578 0x0e54  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:31:20.0610 0x0e54  DcomLaunch - ok
22:31:20.0617 0x0e54  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
22:31:20.0645 0x0e54  defragsvc - ok
22:31:20.0662 0x0e54  [ 0A403702CB00432AC818523CD416BF67, 715DF68750AA949DB199A6B037E9B20BF039DC72E5A9F5F946AB4D786CD844C3 ] Device Handle Service C:\Windows\SysWOW64\AsHookDevice.exe
22:31:20.0671 0x0e54  Device Handle Service - ok
22:31:20.0675 0x0e54  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:31:20.0698 0x0e54  DfsC - ok
22:31:20.0701 0x0e54  dgderdrv - ok
22:31:20.0704 0x0e54  DgiVecp - ok
22:31:20.0711 0x0e54  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:31:20.0726 0x0e54  Dhcp - ok
22:31:20.0749 0x0e54  [ EA8A3E8C674B03CB4AFA1D344DBD7BC1, 564D9370AE4D12973647997684B9637B2A5A7480F66B87018F789CE4E43C8191 ] DiagTrack       C:\Windows\system32\diagtrack.dll
22:31:20.0778 0x0e54  DiagTrack - ok
22:31:20.0782 0x0e54  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
22:31:20.0805 0x0e54  discache - ok
22:31:20.0809 0x0e54  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
22:31:20.0817 0x0e54  Disk - ok
22:31:20.0822 0x0e54  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:31:20.0834 0x0e54  Dnscache - ok
22:31:20.0840 0x0e54  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:31:20.0867 0x0e54  dot3svc - ok
22:31:20.0872 0x0e54  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
22:31:20.0897 0x0e54  DPS - ok
22:31:20.0899 0x0e54  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:31:20.0908 0x0e54  drmkaud - ok
22:31:20.0915 0x0e54  [ 6A0E850DDCB136AA3D2FB7234382DF12, C01863E95F45E1B74AC65C9CD12C8DC769299218255B3C94E3EBF58C4D79FEF3 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
22:31:20.0926 0x0e54  dtsoftbus01 - ok
22:31:20.0944 0x0e54  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:31:20.0967 0x0e54  DXGKrnl - ok
22:31:20.0972 0x0e54  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
22:31:20.0996 0x0e54  EapHost - ok
22:31:21.0052 0x0e54  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
22:31:21.0124 0x0e54  ebdrv - ok
22:31:21.0130 0x0e54  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] EFS             C:\Windows\System32\lsass.exe
22:31:21.0140 0x0e54  EFS - ok
22:31:21.0154 0x0e54  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:31:21.0177 0x0e54  ehRecvr - ok
22:31:21.0181 0x0e54  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
22:31:21.0192 0x0e54  ehSched - ok
22:31:21.0203 0x0e54  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
22:31:21.0220 0x0e54  elxstor - ok
22:31:21.0223 0x0e54  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:31:21.0233 0x0e54  ErrDev - ok
22:31:21.0237 0x0e54  [ 932C05033053ADA2404FD836C9AB2C70, 39E3C40DDDCA475F55CD6A044E8CF35A1C25A776B79204CBF76D0DD5D89568D8 ] EuMusDesignVirtualAudioCableWdm C:\Windows\system32\DRIVERS\vrtaucbl.sys
22:31:21.0244 0x0e54  EuMusDesignVirtualAudioCableWdm - ok
22:31:21.0253 0x0e54  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
22:31:21.0283 0x0e54  EventSystem - ok
22:31:21.0286 0x0e54  ew_hwusbdev - ok
22:31:21.0289 0x0e54  ew_usbenumfilter - ok
22:31:21.0295 0x0e54  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
22:31:21.0320 0x0e54  exfat - ok
22:31:21.0326 0x0e54  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:31:21.0351 0x0e54  fastfat - ok
22:31:21.0365 0x0e54  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
22:31:21.0387 0x0e54  Fax - ok
22:31:21.0390 0x0e54  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
22:31:21.0399 0x0e54  fdc - ok
22:31:21.0401 0x0e54  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
22:31:21.0424 0x0e54  fdPHost - ok
22:31:21.0427 0x0e54  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:31:21.0451 0x0e54  FDResPub - ok
22:31:21.0454 0x0e54  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:31:21.0462 0x0e54  FileInfo - ok
22:31:21.0465 0x0e54  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:31:21.0489 0x0e54  Filetrace - ok
22:31:21.0492 0x0e54  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
22:31:21.0501 0x0e54  flpydisk - ok
22:31:21.0507 0x0e54  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:31:21.0519 0x0e54  FltMgr - ok
22:31:21.0541 0x0e54  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\Windows\system32\FntCache.dll
22:31:21.0573 0x0e54  FontCache - ok
22:31:21.0578 0x0e54  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:31:21.0586 0x0e54  FontCache3.0.0.0 - ok
22:31:21.0589 0x0e54  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:31:21.0597 0x0e54  FsDepends - ok
22:31:21.0599 0x0e54  [ DDEE99DC54EFA20BD5A442CD733C4462, 941D6C5D91F6419198F1A53BF7D33AA2D9118CEAC028B6ED8E5308751810B9B5 ] FsUsbExDisk     C:\Windows\SysWOW64\FsUsbExDisk.SYS
22:31:21.0604 0x0e54  FsUsbExDisk - detected UnsignedFile.Multi.Generic ( 1 )
22:31:24.0025 0x0e54  Detect skipped due to KSN trusted
22:31:24.0025 0x0e54  FsUsbExDisk - ok
22:31:24.0028 0x0e54  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:31:24.0036 0x0e54  Fs_Rec - ok
22:31:24.0042 0x0e54  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:31:24.0055 0x0e54  fvevol - ok
22:31:24.0059 0x0e54  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
22:31:24.0067 0x0e54  gagp30kx - ok
22:31:24.0082 0x0e54  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
22:31:24.0119 0x0e54  gpsvc - ok
22:31:24.0126 0x0e54  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:31:24.0133 0x0e54  gupdate - ok
22:31:24.0137 0x0e54  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:31:24.0144 0x0e54  gupdatem - ok
22:31:24.0147 0x0e54  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
22:31:24.0154 0x0e54  hamachi - ok
22:31:24.0156 0x0e54  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
22:31:24.0165 0x0e54  hcw85cir - ok
22:31:24.0173 0x0e54  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:31:24.0190 0x0e54  HdAudAddService - ok
22:31:24.0195 0x0e54  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
22:31:24.0207 0x0e54  HDAudBus - ok
22:31:24.0210 0x0e54  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
22:31:24.0219 0x0e54  HidBatt - ok
22:31:24.0222 0x0e54  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
22:31:24.0234 0x0e54  HidBth - ok
22:31:24.0237 0x0e54  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
22:31:24.0248 0x0e54  HidIr - ok
22:31:24.0251 0x0e54  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
22:31:24.0274 0x0e54  hidserv - ok
22:31:24.0277 0x0e54  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:31:24.0286 0x0e54  HidUsb - ok
22:31:24.0289 0x0e54  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:31:24.0313 0x0e54  hkmsvc - ok
22:31:24.0319 0x0e54  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:31:24.0333 0x0e54  HomeGroupListener - ok
22:31:24.0338 0x0e54  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:31:24.0351 0x0e54  HomeGroupProvider - ok
22:31:24.0355 0x0e54  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:31:24.0363 0x0e54  HpSAMD - ok
22:31:24.0378 0x0e54  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:31:24.0400 0x0e54  HTTP - ok
22:31:24.0403 0x0e54  huawei_cdcacm - ok
22:31:24.0405 0x0e54  huawei_enumerator - ok
22:31:24.0407 0x0e54  huawei_ext_ctrl - ok
22:31:24.0410 0x0e54  huawei_wwanecm - ok
22:31:24.0414 0x0e54  [ E5805896A55D4166C20F216249F40FA3, F426BF60D5B916E7A778EF24C49FE1FFE1B2977C2ABD2977FD5C38C6E6CB139F ] HWiNFO32        C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS
22:31:24.0421 0x0e54  HWiNFO32 - ok
22:31:24.0423 0x0e54  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:31:24.0430 0x0e54  hwpolicy - ok
22:31:24.0435 0x0e54  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
22:31:24.0445 0x0e54  i8042prt - ok
22:31:24.0454 0x0e54  [ F7CE9BE72EDAC499B713ECA6DAE5D26F, AF158C8ADF0815C406435AB051C8D8DD0ECBDBA8644CB75D7611980D70662193 ] iaStor          C:\Windows\system32\drivers\iaStor.sys
22:31:24.0468 0x0e54  iaStor - ok
22:31:24.0478 0x0e54  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:31:24.0493 0x0e54  iaStorV - ok
22:31:24.0499 0x0e54  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
22:31:24.0503 0x0e54  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
22:31:26.0929 0x0e54  Detect skipped due to KSN trusted
22:31:26.0929 0x0e54  IDriverT - ok
22:31:26.0945 0x0e54  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:31:26.0969 0x0e54  idsvc - ok
22:31:26.0973 0x0e54  IEEtwCollectorService - ok
22:31:26.0975 0x0e54  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
22:31:26.0983 0x0e54  iirsp - ok
22:31:27.0000 0x0e54  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
22:31:27.0025 0x0e54  IKEEXT - ok
22:31:27.0103 0x0e54  [ D63E2B47D1BCB63CCCEF8F591CEDAEE5, AB1E3054D61C10AC565371C6A3FC0CF7433FE2C379C0BFEACF43143C441A56FC ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
22:31:27.0184 0x0e54  IntcAzAudAddService - ok
22:31:27.0191 0x0e54  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
22:31:27.0198 0x0e54  intelide - ok
22:31:27.0201 0x0e54  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:31:27.0211 0x0e54  intelppm - ok
22:31:27.0215 0x0e54  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:31:27.0240 0x0e54  IPBusEnum - ok
22:31:27.0244 0x0e54  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:31:27.0267 0x0e54  IpFilterDriver - ok
22:31:27.0278 0x0e54  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:31:27.0298 0x0e54  iphlpsvc - ok
22:31:27.0302 0x0e54  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
22:31:27.0312 0x0e54  IPMIDRV - ok
22:31:27.0316 0x0e54  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:31:27.0341 0x0e54  IPNAT - ok
22:31:27.0344 0x0e54  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:31:27.0356 0x0e54  IRENUM - ok
22:31:27.0358 0x0e54  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:31:27.0366 0x0e54  isapnp - ok
22:31:27.0372 0x0e54  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:31:27.0384 0x0e54  iScsiPrt - ok
22:31:27.0387 0x0e54  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:31:27.0395 0x0e54  kbdclass - ok
22:31:27.0397 0x0e54  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:31:27.0407 0x0e54  kbdhid - ok
22:31:27.0410 0x0e54  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] KeyIso          C:\Windows\system32\lsass.exe
22:31:27.0419 0x0e54  KeyIso - ok
22:31:27.0423 0x0e54  [ F7DFAE6040AC910B7C64EE208A34157D, AEF1100F12391692D9DB78519D843A90C97E199A80DDC4D43E3AF1919A9E8E56 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:31:27.0431 0x0e54  KSecDD - ok
22:31:27.0436 0x0e54  [ 8FE94F2EF9BF444E93E35D87E210D02F, 78E8F6FD7C1EA3556194947707BE6893538A9E25A550C22045866C5B30251D14 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:31:27.0445 0x0e54  KSecPkg - ok
22:31:27.0448 0x0e54  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
22:31:27.0470 0x0e54  ksthunk - ok
22:31:27.0479 0x0e54  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:31:27.0509 0x0e54  KtmRm - ok
22:31:27.0518 0x0e54  [ 305BB2AC00D46542E0A653AB63F4ABB1, E3BE57A0EBB1194656D20C11688863A7864B06223419F688D82881F9F49604B6 ] LADF_CaptureOnly C:\Windows\system32\DRIVERS\ladfGSCamd64.sys
22:31:27.0531 0x0e54  LADF_CaptureOnly - ok
22:31:27.0535 0x0e54  [ 28CDDC7D478A6313F55077416DCBD0DE, EE4174FC9444856DF0693D1A5F16EB88352A3B012AA82D49C462980703981A7A ] LADF_RenderOnly C:\Windows\system32\DRIVERS\ladfGSRamd64.sys
22:31:27.0542 0x0e54  LADF_RenderOnly - ok
22:31:27.0548 0x0e54  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:31:27.0577 0x0e54  LanmanServer - ok
22:31:27.0582 0x0e54  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:31:27.0608 0x0e54  LanmanWorkstation - ok
22:31:27.0612 0x0e54  [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
22:31:27.0618 0x0e54  LGBusEnum - ok
22:31:27.0621 0x0e54  [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
22:31:27.0626 0x0e54  LGVirHid - ok
22:31:27.0630 0x0e54  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:31:27.0654 0x0e54  lltdio - ok
22:31:27.0662 0x0e54  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:31:27.0691 0x0e54  lltdsvc - ok
22:31:27.0694 0x0e54  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:31:27.0718 0x0e54  lmhosts - ok
22:31:27.0726 0x0e54  [ 0803906D607A9B83184447B75B60ECC2, A7A599C4CEDD4AC4196A558442E80B4F852AF6C6104A53C8819A79AA5D388DE8 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:31:27.0737 0x0e54  LMS - ok
22:31:27.0742 0x0e54  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
22:31:27.0751 0x0e54  LSI_FC - ok
22:31:27.0755 0x0e54  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
22:31:27.0764 0x0e54  LSI_SAS - ok
22:31:27.0767 0x0e54  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
22:31:27.0775 0x0e54  LSI_SAS2 - ok
22:31:27.0779 0x0e54  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
22:31:27.0788 0x0e54  LSI_SCSI - ok
22:31:27.0792 0x0e54  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
22:31:27.0816 0x0e54  luafv - ok
22:31:27.0820 0x0e54  [ 1E9E32AEC3E1EB1B31B8169F33168B56, 39114585E1FDBBA31E1F781C6A627281907183F94626EB347B08D1F78992ED2A ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
22:31:27.0826 0x0e54  MBAMProtector - ok
22:31:27.0968 0x0e54  [ 516E29AD03BDF610CC36A95AE692FE42, 09F913B169AD775FF587AE59AEC5DD2A2D8646803F48BF616C74EEC0DE3BE7A2 ] MBAMScheduler   d:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
22:31:28.0028 0x0e54  MBAMScheduler - ok
22:31:28.0078 0x0e54  [ 2B983F067AEE3F9EB4DF5E97F45D21D1, 0B9ED0E91FF01A5445927650113E320C3C0EA16F1401AA55A509DDBF704DF22F ] MBAMService     d:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
22:31:28.0104 0x0e54  MBAMService - ok
22:31:28.0109 0x0e54  [ F49FB3C88E263AE9A246593B0BB29294, FB53D6FA4A98B98334DCFF81E40712265256D31A9E9FF36022887BABD50F39EB ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
22:31:28.0116 0x0e54  MBAMWebAccessControl - ok
22:31:28.0120 0x0e54  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
22:31:28.0132 0x0e54  Mcx2Svc - ok
22:31:28.0141 0x0e54  [ 7CF1B716372B89568AE4C0FE769F5869, 0D70A7A594BCFBB26D7249C0F4B0AF9EF874F2318B3FDCE44648CC61279594ED ] MDM             C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
22:31:28.0150 0x0e54  MDM - detected UnsignedFile.Multi.Generic ( 1 )
22:31:30.0877 0x0e54  Detect skipped due to KSN trusted
22:31:30.0878 0x0e54  MDM - ok
22:31:30.0881 0x0e54  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
22:31:30.0888 0x0e54  megasas - ok
22:31:30.0895 0x0e54  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
22:31:30.0907 0x0e54  MegaSR - ok
22:31:30.0911 0x0e54  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
22:31:30.0917 0x0e54  MEIx64 - ok
22:31:30.0922 0x0e54  Microsoft SharePoint Workspace Audit Service - ok
22:31:30.0925 0x0e54  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
22:31:30.0949 0x0e54  MMCSS - ok
22:31:30.0952 0x0e54  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
22:31:30.0975 0x0e54  Modem - ok
22:31:30.0978 0x0e54  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
22:31:30.0988 0x0e54  monitor - ok
22:31:30.0991 0x0e54  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
22:31:30.0998 0x0e54  mouclass - ok
22:31:31.0001 0x0e54  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
22:31:31.0010 0x0e54  mouhid - ok
22:31:31.0014 0x0e54  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
22:31:31.0023 0x0e54  mountmgr - ok
22:31:31.0029 0x0e54  [ 9FC679D10A7377BB04ECC3D0E2E26B53, 24ACD4EC1618A052C29E4463138B28F62C8B78D442DB82F4925E64FC5849A096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:31:31.0039 0x0e54  MozillaMaintenance - ok
22:31:31.0044 0x0e54  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
22:31:31.0054 0x0e54  mpio - ok
22:31:31.0058 0x0e54  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
22:31:31.0082 0x0e54  mpsdrv - ok
22:31:31.0098 0x0e54  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
22:31:31.0136 0x0e54  MpsSvc - ok
22:31:31.0142 0x0e54  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
22:31:31.0152 0x0e54  MRxDAV - ok
22:31:31.0157 0x0e54  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
22:31:31.0169 0x0e54  mrxsmb - ok
22:31:31.0176 0x0e54  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:31:31.0189 0x0e54  mrxsmb10 - ok
22:31:31.0194 0x0e54  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:31:31.0204 0x0e54  mrxsmb20 - ok
22:31:31.0207 0x0e54  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
22:31:31.0215 0x0e54  msahci - ok
22:31:31.0219 0x0e54  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
22:31:31.0229 0x0e54  msdsm - ok
22:31:31.0234 0x0e54  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
22:31:31.0246 0x0e54  MSDTC - ok
22:31:31.0251 0x0e54  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
22:31:31.0274 0x0e54  Msfs - ok
22:31:31.0277 0x0e54  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
22:31:31.0300 0x0e54  mshidkmdf - ok
22:31:31.0302 0x0e54  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
22:31:31.0309 0x0e54  msisadrv - ok
22:31:31.0314 0x0e54  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
22:31:31.0339 0x0e54  MSiSCSI - ok
22:31:31.0342 0x0e54  msiserver - ok
22:31:31.0345 0x0e54  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
22:31:31.0367 0x0e54  MSKSSRV - ok
22:31:31.0369 0x0e54  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
22:31:31.0391 0x0e54  MSPCLOCK - ok
22:31:31.0394 0x0e54  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
22:31:31.0415 0x0e54  MSPQM - ok
22:31:31.0423 0x0e54  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
22:31:31.0437 0x0e54  MsRPC - ok
22:31:31.0440 0x0e54  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
22:31:31.0448 0x0e54  mssmbios - ok
22:31:31.0450 0x0e54  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
22:31:31.0473 0x0e54  MSTEE - ok
22:31:31.0475 0x0e54  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
22:31:31.0484 0x0e54  MTConfig - ok
22:31:31.0487 0x0e54  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
22:31:31.0495 0x0e54  Mup - ok
22:31:31.0505 0x0e54  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
22:31:31.0536 0x0e54  napagent - ok
22:31:31.0544 0x0e54  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
22:31:31.0560 0x0e54  NativeWifiP - ok
22:31:31.0564 0x0e54  [ 7B2D90BBBBED11C8DFBA441D34AE901E, BBD8C7CA62262DB8471932DCB602EF260FB617B0CB8E4ECB1AA0AADBB85BD030 ] NBVol           C:\Windows\system32\DRIVERS\NBVol.sys
22:31:31.0571 0x0e54  NBVol - ok
22:31:31.0573 0x0e54  [ 4FE7B5757279D82C4D171E9F7FD52A75, 0FEB2280A8D6A641FCC4202D2AF833625230DC481A910BE97F4F2C2605FFFFE3 ] NBVolUp         C:\Windows\system32\DRIVERS\NBVolUp.sys
22:31:31.0578 0x0e54  NBVolUp - ok
22:31:31.0596 0x0e54  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
22:31:31.0620 0x0e54  NDIS - ok
22:31:31.0624 0x0e54  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
22:31:31.0647 0x0e54  NdisCap - ok
22:31:31.0650 0x0e54  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
22:31:31.0672 0x0e54  NdisTapi - ok
22:31:31.0675 0x0e54  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
22:31:31.0697 0x0e54  Ndisuio - ok
22:31:31.0702 0x0e54  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
22:31:31.0727 0x0e54  NdisWan - ok
22:31:31.0730 0x0e54  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
22:31:31.0752 0x0e54  NDProxy - ok
22:31:31.0756 0x0e54  [ DC6530A291D4BDF6DF399F1F128E7F8F, 85123D802063383646EEBC60F4ABBCDBA2AE3180E99A8A99C024B1EBB0C6690E ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
22:31:31.0760 0x0e54  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
22:31:34.0180 0x0e54  Detect skipped due to KSN trusted
22:31:34.0180 0x0e54  Net Driver HPZ12 - ok
22:31:34.0183 0x0e54  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
22:31:34.0206 0x0e54  NetBIOS - ok
22:31:34.0212 0x0e54  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
22:31:34.0239 0x0e54  NetBT - ok
22:31:34.0242 0x0e54  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] Netlogon        C:\Windows\system32\lsass.exe
22:31:34.0251 0x0e54  Netlogon - ok
22:31:34.0259 0x0e54  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
22:31:34.0289 0x0e54  Netman - ok
22:31:34.0296 0x0e54  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:31:34.0306 0x0e54  NetMsmqActivator - ok
22:31:34.0310 0x0e54  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:31:34.0320 0x0e54  NetPipeActivator - ok
22:31:34.0330 0x0e54  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
22:31:34.0363 0x0e54  netprofm - ok
22:31:34.0413 0x0e54  [ A092954BE7E2827733D636D5E250F2E2, E21B68B2FAAA75192852F75CF2A48D0DBE102A3894340BBD370F7C0406EE63EA ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
22:31:34.0459 0x0e54  netr28x - ok
22:31:34.0466 0x0e54  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:31:34.0476 0x0e54  NetTcpActivator - ok
22:31:34.0480 0x0e54  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:31:34.0489 0x0e54  NetTcpPortSharing - ok
22:31:34.0493 0x0e54  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
22:31:34.0501 0x0e54  nfrd960 - ok
22:31:34.0508 0x0e54  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
22:31:34.0523 0x0e54  NlaSvc - ok
22:31:34.0526 0x0e54  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
22:31:34.0550 0x0e54  Npfs - ok
22:31:34.0553 0x0e54  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
22:31:34.0577 0x0e54  nsi - ok
22:31:34.0579 0x0e54  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
22:31:34.0601 0x0e54  nsiproxy - ok
22:31:34.0603 0x0e54  NSNDIS5 - ok
22:31:34.0634 0x0e54  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
22:31:34.0673 0x0e54  Ntfs - ok
22:31:34.0677 0x0e54  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
22:31:34.0701 0x0e54  Null - ok
22:31:34.0707 0x0e54  [ 624C1453F9109D98F7E2612DAD76BBB1, 4578623BF7EA1AF42038070AA3A1A9AC4A9582132ABBFAD9C3A99F46308DE8C3 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
22:31:34.0717 0x0e54  NVHDA - ok
22:31:34.0909 0x0e54  [ 3E188568A3D51195399A790B51F0A7B8, 76BBE2F6CD8B67D184FACE85D638E0861842784F5A087A412F0F05AF27079DC4 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:31:35.0106 0x0e54  nvlddmkm - ok
22:31:35.0150 0x0e54  [ C22ADABFABBC2B7AC189C87D87B1ABD6, 20886F806C1C02FA8BAA8B76AFCC32C40FA51921ED8D97F592DF9F92BFA933EE ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
22:31:35.0188 0x0e54  NvNetworkService - ok
22:31:35.0194 0x0e54  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
22:31:35.0203 0x0e54  nvraid - ok
22:31:35.0209 0x0e54  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
22:31:35.0219 0x0e54  nvstor - ok
22:31:35.0223 0x0e54  [ A88135181D776F8C18550A589A9CAF2D, 47CA5246A55198BA5DEDD34C93A3C5E2DF0EED29ADA3F27AB963857116B6048E ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
22:31:35.0230 0x0e54  NvStreamKms - ok
22:31:35.0232 0x0e54  NvStreamSvc - ok
22:31:35.0251 0x0e54  [ D768CA15B379A9611B22719A1364D3C0, 2F2D6143E2B06A3EE7011E559475BFC3DEFC8AB67F1F93404E6B83CDB69185C0 ] NVSvc           C:\Windows\system32\nvvsvc.exe
22:31:35.0275 0x0e54  NVSvc - ok
22:31:35.0279 0x0e54  [ 1AF619620613869C07F9C147BC37520F, 0AD4E100354E201D5E72BA236C1464F5083A7E3B58C4AC6BA712489D258955F5 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
22:31:35.0286 0x0e54  nvvad_WaveExtensible - ok
22:31:35.0290 0x0e54  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
22:31:35.0299 0x0e54  nv_agp - ok
22:31:35.0303 0x0e54  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
22:31:35.0312 0x0e54  ohci1394 - ok
22:31:35.0402 0x0e54  [ FCE83ABDE761C87D17EA65960455F0E5, E59C13E26845FE0537AEBF0E4A9DC0AF3E6DF55C7A54247FC8078AC5DE666AD4 ] Origin Client Service D:\Program Files (x86)\Origin\OriginClientService.exe
22:31:35.0464 0x0e54  Origin Client Service - ok
22:31:35.0472 0x0e54  [ 4965B005492CBA7719E82B71E3245495, 52AD72C05FACC1E0E416A1FA25F34FDD3CB274FAB973BEAAE911A2FACA42B650 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:31:35.0481 0x0e54  ose64 - ok
22:31:35.0563 0x0e54  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:31:35.0664 0x0e54  osppsvc - ok
22:31:35.0677 0x0e54  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
22:31:35.0692 0x0e54  p2pimsvc - ok
22:31:35.0702 0x0e54  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
22:31:35.0720 0x0e54  p2psvc - ok
22:31:35.0724 0x0e54  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
22:31:35.0734 0x0e54  Parport - ok
22:31:35.0737 0x0e54  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
22:31:35.0745 0x0e54  partmgr - ok
22:31:35.0751 0x0e54  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
22:31:35.0763 0x0e54  PcaSvc - ok
22:31:35.0768 0x0e54  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
22:31:35.0779 0x0e54  pci - ok
22:31:35.0781 0x0e54  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
22:31:35.0788 0x0e54  pciide - ok
22:31:35.0794 0x0e54  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
22:31:35.0805 0x0e54  pcmcia - ok
22:31:35.0808 0x0e54  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
22:31:35.0816 0x0e54  pcw - ok
22:31:35.0828 0x0e54  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
22:31:35.0849 0x0e54  PEAUTH - ok
22:31:35.0860 0x0e54  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
22:31:35.0870 0x0e54  PerfHost - ok
22:31:35.0899 0x0e54  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
22:31:35.0948 0x0e54  pla - ok
22:31:35.0959 0x0e54  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
22:31:35.0976 0x0e54  PlugPlay - ok
22:31:35.0980 0x0e54  [ 71F62C51DFDFBC04C83C5C64B2B8058E, CAB12E6D27BE421BD5A3CB04066EA50303A3210332ECC4B5C03B5F19735FC857 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
22:31:35.0985 0x0e54  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
22:31:38.0399 0x0e54  Detect skipped due to KSN trusted
22:31:38.0399 0x0e54  Pml Driver HPZ12 - ok
22:31:38.0401 0x0e54  PnkBstrA - ok
22:31:38.0404 0x0e54  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
22:31:38.0415 0x0e54  PNRPAutoReg - ok
22:31:38.0422 0x0e54  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
22:31:38.0437 0x0e54  PNRPsvc - ok
22:31:38.0448 0x0e54  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
22:31:38.0480 0x0e54  PolicyAgent - ok
22:31:38.0487 0x0e54  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
22:31:38.0513 0x0e54  Power - ok
22:31:38.0518 0x0e54  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
22:31:38.0542 0x0e54  PptpMiniport - ok
22:31:38.0545 0x0e54  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
22:31:38.0555 0x0e54  Processor - ok
22:31:38.0561 0x0e54  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
22:31:38.0574 0x0e54  ProfSvc - ok
22:31:38.0576 0x0e54  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:31:38.0586 0x0e54  ProtectedStorage - ok
22:31:38.0590 0x0e54  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
22:31:38.0614 0x0e54  Psched - ok
22:31:38.0641 0x0e54  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
22:31:38.0677 0x0e54  ql2300 - ok
22:31:38.0682 0x0e54  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
22:31:38.0691 0x0e54  ql40xx - ok
22:31:38.0698 0x0e54  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
22:31:38.0715 0x0e54  QWAVE - ok
22:31:38.0718 0x0e54  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
22:31:38.0729 0x0e54  QWAVEdrv - ok
22:31:38.0732 0x0e54  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
22:31:38.0754 0x0e54  RasAcd - ok
22:31:38.0758 0x0e54  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
22:31:38.0781 0x0e54  RasAgileVpn - ok
22:31:38.0785 0x0e54  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
22:31:38.0810 0x0e54  RasAuto - ok
22:31:38.0814 0x0e54  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
22:31:38.0838 0x0e54  Rasl2tp - ok
22:31:38.0846 0x0e54  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
22:31:38.0875 0x0e54  RasMan - ok
22:31:38.0880 0x0e54  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
22:31:38.0903 0x0e54  RasPppoe - ok
22:31:38.0907 0x0e54  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
22:31:38.0931 0x0e54  RasSstp - ok
22:31:38.0938 0x0e54  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
22:31:38.0965 0x0e54  rdbss - ok
22:31:38.0968 0x0e54  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
22:31:38.0978 0x0e54  rdpbus - ok
22:31:38.0981 0x0e54  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
22:31:39.0003 0x0e54  RDPCDD - ok
22:31:39.0007 0x0e54  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
22:31:39.0029 0x0e54  RDPENCDD - ok
22:31:39.0032 0x0e54  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
22:31:39.0055 0x0e54  RDPREFMP - ok
22:31:39.0061 0x0e54  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
22:31:39.0073 0x0e54  RDPWD - ok
22:31:39.0079 0x0e54  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
22:31:39.0089 0x0e54  rdyboost - ok
22:31:39.0094 0x0e54  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
22:31:39.0118 0x0e54  RemoteAccess - ok
22:31:39.0123 0x0e54  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
22:31:39.0150 0x0e54  RemoteRegistry - ok
22:31:39.0153 0x0e54  [ 53579C5B424621E9333CEA216766AA96, 6D2BF7EB41D5C1E771A0527F765BCCD7CA4F9EDFF960E15924D03C320DACDAFE ] RHDISK_AMD64    C:\Program Files (x86)\Rohos\RHDISK_AMD64.SYS
22:31:39.0159 0x0e54  RHDISK_AMD64 - ok
22:31:39.0174 0x0e54  [ F2961A1EB51E9D41D2B34F1E01913673, 6B91DDAEDFE9345342592F658D3CBD95720C1FBA9297AAC2C97AA60D1C85729B ] Rohos Disk      C:\Program Files (x86)\Rohos\agent.exe
22:31:39.0194 0x0e54  Rohos Disk - ok
22:31:39.0198 0x0e54  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
22:31:39.0223 0x0e54  RpcEptMapper - ok
22:31:39.0226 0x0e54  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
22:31:39.0235 0x0e54  RpcLocator - ok
22:31:39.0245 0x0e54  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
22:31:39.0276 0x0e54  RpcSs - ok
22:31:39.0280 0x0e54  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
22:31:39.0304 0x0e54  rspndr - ok
22:31:39.0322 0x0e54  [ DCF7221D6588EDA8CD77CB27AE9B1844, 7741A4F513952CC3C4D5056958D0D50F8F2A9D3142C7478707F73A83D3CDE01C ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
22:31:39.0344 0x0e54  RTL8167 - ok
22:31:39.0348 0x0e54  [ E16B7C030A05EF649B18FAB0A93D871F, 0F532D534A93D71650E2F7AF677419A6B38CE3142C98983565F1D759E544A4ED ] RtNdPt60        C:\Windows\system32\DRIVERS\RtNdPt60.sys
22:31:39.0354 0x0e54  RtNdPt60 - ok
22:31:39.0357 0x0e54  [ 1DE78F5008120CD79B34C12394DCD493, 58C59BEEE2F1C1C6CE810BA433C0D5789B4E6F218A074868137960663CB54802 ] RTTEAMPT        C:\Windows\system32\DRIVERS\RtTeam60.sys
22:31:39.0363 0x0e54  RTTEAMPT - ok
22:31:39.0366 0x0e54  [ B1018AA1B5735F5FA89FD4DADF4BEA7A, A8D8B5086B8AA3C8D157DD601469E0AE51CDD2626C6618E8F72236CBA543BB61 ] RTVLANPT        C:\Windows\system32\DRIVERS\RtVlan60.sys
22:31:39.0372 0x0e54  RTVLANPT - ok
22:31:39.0374 0x0e54  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] SamSs           C:\Windows\system32\lsass.exe
22:31:39.0384 0x0e54  SamSs - ok
22:31:39.0388 0x0e54  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
22:31:39.0397 0x0e54  sbp2port - ok
22:31:39.0402 0x0e54  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
22:31:39.0429 0x0e54  SCardSvr - ok
22:31:39.0432 0x0e54  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
22:31:39.0454 0x0e54  scfilter - ok
22:31:39.0475 0x0e54  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
22:31:39.0519 0x0e54  Schedule - ok
22:31:39.0523 0x0e54  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
22:31:39.0546 0x0e54  SCPolicySvc - ok
22:31:39.0550 0x0e54  [ 8B56BDCE6A303DDE63D63440D1CF9AD1, 66A4356C29D00A1B8A95975C073AE4E6D2A90CBF3B143FE9B83B96BEC0805D46 ] ScreamBAudioSvc C:\Windows\system32\drivers\ScreamingBAudio64.sys
22:31:39.0556 0x0e54  ScreamBAudioSvc - ok
22:31:39.0561 0x0e54  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
22:31:39.0574 0x0e54  SDRSVC - ok
22:31:39.0577 0x0e54  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
22:31:39.0599 0x0e54  secdrv - ok
22:31:39.0602 0x0e54  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
22:31:39.0627 0x0e54  seclogon - ok
22:31:39.0630 0x0e54  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
22:31:39.0656 0x0e54  SENS - ok
22:31:39.0658 0x0e54  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
22:31:39.0668 0x0e54  SensrSvc - ok
22:31:39.0671 0x0e54  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
22:31:39.0679 0x0e54  Serenum - ok
22:31:39.0683 0x0e54  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
22:31:39.0693 0x0e54  Serial - ok
22:31:39.0695 0x0e54  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
22:31:39.0704 0x0e54  sermouse - ok
22:31:39.0711 0x0e54  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
22:31:39.0737 0x0e54  SessionEnv - ok
22:31:39.0739 0x0e54  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
22:31:39.0750 0x0e54  sffdisk - ok
22:31:39.0752 0x0e54  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
22:31:39.0762 0x0e54  sffp_mmc - ok
22:31:39.0765 0x0e54  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
22:31:39.0775 0x0e54  sffp_sd - ok
22:31:39.0777 0x0e54  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
22:31:39.0786 0x0e54  sfloppy - ok
22:31:39.0794 0x0e54  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
22:31:39.0825 0x0e54  SharedAccess - ok
22:31:39.0833 0x0e54  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:31:39.0864 0x0e54  ShellHWDetection - ok
22:31:39.0867 0x0e54  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
22:31:39.0875 0x0e54  SiSRaid2 - ok
22:31:39.0878 0x0e54  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
22:31:39.0887 0x0e54  SiSRaid4 - ok
22:31:39.0895 0x0e54  [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
22:31:39.0909 0x0e54  SkypeUpdate - ok
22:31:39.0913 0x0e54  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
22:31:39.0936 0x0e54  Smb - ok
22:31:39.0940 0x0e54  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
22:31:39.0950 0x0e54  SNMPTRAP - ok
22:31:39.0953 0x0e54  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
22:31:39.0960 0x0e54  spldr - ok
22:31:39.0971 0x0e54  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
22:31:39.0991 0x0e54  Spooler - ok
22:31:40.0051 0x0e54  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
22:31:40.0153 0x0e54  sppsvc - ok
22:31:40.0160 0x0e54  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
22:31:40.0186 0x0e54  sppuinotify - ok
22:31:40.0197 0x0e54  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
22:31:40.0213 0x0e54  srv - ok
22:31:40.0222 0x0e54  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
22:31:40.0237 0x0e54  srv2 - ok
22:31:40.0242 0x0e54  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
22:31:40.0252 0x0e54  srvnet - ok
22:31:40.0258 0x0e54  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
22:31:40.0285 0x0e54  SSDPSRV - ok
22:31:40.0288 0x0e54  [ 0211AB46B73A2623B86C1CFCB30579AB, 7CC9BA2DF7B9EA6BB17EE342898EDD7F54703B93B6DED6A819E83A7EE9F938B4 ] SSPORT          C:\Windows\system32\Drivers\SSPORT.sys
22:31:40.0294 0x0e54  SSPORT - ok
22:31:40.0297 0x0e54  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
22:31:40.0323 0x0e54  SstpSvc - ok
22:31:40.0340 0x0e54  [ CC7ED069C2FC82B5B1555C2044C765CC, CE43363544A3EE2C5133CD0D47BF34AFAFA4EAD6AC9EB9A772EE55E89D4D89D4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
22:31:40.0362 0x0e54  Steam Client Service - ok
22:31:40.0365 0x0e54  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
22:31:40.0373 0x0e54  stexstor - ok
22:31:40.0384 0x0e54  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
22:31:40.0409 0x0e54  stisvc - ok
22:31:40.0436 0x0e54  [ 8734CF72F1C80C59085A3377B5497D38, 3419EE1F5AA380D9173E7D8A7CB04678ABA3BB0D3588D7742DB5AEEE7BC1B9F7 ] SWAS_Core       C:\Program Files (x86)\Samsung Network Printer Utilities\SyncThru Web Admin Service\SWAS.exe
22:31:40.0469 0x0e54  SWAS_Core - detected UnsignedFile.Multi.Generic ( 1 )
22:31:42.0885 0x0e54  Detect skipped due to KSN trusted
22:31:42.0885 0x0e54  SWAS_Core - ok
22:31:42.0888 0x0e54  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
22:31:42.0895 0x0e54  swenum - ok
22:31:42.0907 0x0e54  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
22:31:42.0923 0x0e54  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
22:31:45.0344 0x0e54  Detect skipped due to KSN trusted
22:31:45.0344 0x0e54  SwitchBoard - ok
22:31:45.0355 0x0e54  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
22:31:45.0389 0x0e54  swprv - ok
22:31:45.0420 0x0e54  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
22:31:45.0467 0x0e54  SysMain - ok
22:31:45.0473 0x0e54  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:31:45.0487 0x0e54  TabletInputService - ok
22:31:45.0490 0x0e54  taphss6 - ok
22:31:45.0497 0x0e54  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
22:31:45.0526 0x0e54  TapiSrv - ok
22:31:45.0530 0x0e54  [ 048CFE7569D6ADCAB9349BB1A566A79E, E248D2A66881FDFF9505896F383EFFEF2FD5AFC15D8992E653F5C31F1F80DAF3 ] tbhsd           C:\Windows\system32\drivers\tbhsd.sys
22:31:45.0537 0x0e54  tbhsd - ok
22:31:45.0540 0x0e54  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
22:31:45.0565 0x0e54  TBS - ok
22:31:45.0599 0x0e54  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
22:31:45.0642 0x0e54  Tcpip - ok
22:31:45.0678 0x0e54  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
22:31:45.0716 0x0e54  TCPIP6 - ok
22:31:45.0722 0x0e54  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
22:31:45.0730 0x0e54  tcpipreg - ok
22:31:45.0734 0x0e54  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
22:31:45.0742 0x0e54  TDPIPE - ok
22:31:45.0745 0x0e54  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
22:31:45.0753 0x0e54  TDTCP - ok
22:31:45.0757 0x0e54  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
22:31:45.0767 0x0e54  tdx - ok
22:31:45.0770 0x0e54  [ 1DE78F5008120CD79B34C12394DCD493, 58C59BEEE2F1C1C6CE810BA433C0D5789B4E6F218A074868137960663CB54802 ] TEAM            C:\Windows\system32\DRIVERS\RtTeam60.sys
22:31:45.0775 0x0e54  TEAM - ok
22:31:45.0855 0x0e54  [ 4ACFC5853A3F0C6C2F54E537C23EE90F, 47D81F471A250696A1A0D19294FC553EB88D813612A8351C89F65D7BF99C8532 ] TeamViewer9     C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
22:31:45.0952 0x0e54  TeamViewer9 - ok
22:31:45.0960 0x0e54  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
22:31:45.0968 0x0e54  TermDD - ok
22:31:45.0981 0x0e54  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
22:31:46.0003 0x0e54  TermService - ok
22:31:46.0006 0x0e54  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
22:31:46.0020 0x0e54  Themes - ok
22:31:46.0023 0x0e54  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
22:31:46.0048 0x0e54  THREADORDER - ok
22:31:46.0052 0x0e54  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
22:31:46.0078 0x0e54  TrkWks - ok
22:31:46.0083 0x0e54  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:31:46.0108 0x0e54  TrustedInstaller - ok
22:31:46.0112 0x0e54  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
22:31:46.0120 0x0e54  tssecsrv - ok
22:31:46.0124 0x0e54  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
22:31:46.0134 0x0e54  TsUsbFlt - ok
22:31:46.0136 0x0e54  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
22:31:46.0145 0x0e54  TsUsbGD - ok
22:31:46.0150 0x0e54  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
22:31:46.0174 0x0e54  tunnel - ok
22:31:46.0177 0x0e54  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
22:31:46.0185 0x0e54  uagp35 - ok
22:31:46.0193 0x0e54  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
22:31:46.0220 0x0e54  udfs - ok
22:31:46.0225 0x0e54  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
22:31:46.0236 0x0e54  UI0Detect - ok
22:31:46.0240 0x0e54  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
22:31:46.0248 0x0e54  uliagpkx - ok
22:31:46.0251 0x0e54  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
22:31:46.0260 0x0e54  umbus - ok
22:31:46.0263 0x0e54  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
22:31:46.0271 0x0e54  UmPass - ok
22:31:46.0316 0x0e54  [ EB79C6C91A99930015EF29AE7FA802D1, 96D00BA330854C7763BF385D84D47C3D1B87C4085A91D73B558C86829930DC4B ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
22:31:46.0371 0x0e54  UNS - ok
22:31:46.0382 0x0e54  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
22:31:46.0412 0x0e54  upnphost - ok
22:31:46.0417 0x0e54  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
22:31:46.0421 0x0e54  USBAAPL64 - detected UnsignedFile.Multi.Generic ( 1 )
22:31:48.0851 0x0e54  Detect skipped due to KSN trusted
22:31:48.0851 0x0e54  USBAAPL64 - ok
22:31:48.0856 0x0e54  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
22:31:48.0866 0x0e54  usbaudio - ok
22:31:48.0870 0x0e54  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
22:31:48.0880 0x0e54  usbccgp - ok
22:31:48.0884 0x0e54  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
22:31:48.0894 0x0e54  usbcir - ok
22:31:48.0898 0x0e54  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
22:31:48.0908 0x0e54  usbehci - ok
22:31:48.0916 0x0e54  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
22:31:48.0930 0x0e54  usbhub - ok
22:31:48.0933 0x0e54  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
22:31:48.0942 0x0e54  usbohci - ok
22:31:48.0965 0x0e54  [ 538233FBBC748AA1D57B7B53F150DE9A, 2ACE7539E3A79D609DD11229708F7DB1822C36189844A40E2F4971766229039B ] USBPNPA         C:\Windows\system32\drivers\CM10864.sys
22:31:48.0998 0x0e54  USBPNPA - ok
22:31:49.0003 0x0e54  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
22:31:49.0013 0x0e54  usbprint - ok
22:31:49.0017 0x0e54  [ AAA2513C8AED8B54B189FD0C6B1634C0, 02FEE0B756AA559C29477A19861AC16D5A3152DC3C897C7D466423438B6A5E42 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
22:31:49.0028 0x0e54  usbscan - ok
22:31:49.0031 0x0e54  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:31:49.0041 0x0e54  USBSTOR - ok
22:31:49.0044 0x0e54  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
22:31:49.0052 0x0e54  usbuhci - ok
22:31:49.0055 0x0e54  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
22:31:49.0081 0x0e54  UxSms - ok
22:31:49.0083 0x0e54  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] VaultSvc        C:\Windows\system32\lsass.exe
22:31:49.0093 0x0e54  VaultSvc - ok
22:31:49.0097 0x0e54  [ 6B22F16BE58AEF1A57970611D7109507, 50D195D6105DB0AA08593290B96A10BA8E34A934E68CE93C319FB075614820A6 ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
22:31:49.0107 0x0e54  VBoxNetAdp - ok
22:31:49.0109 0x0e54  VBoxNetFlt - ok
22:31:49.0112 0x0e54  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
22:31:49.0119 0x0e54  vdrvroot - ok
22:31:49.0130 0x0e54  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
22:31:49.0164 0x0e54  vds - ok
22:31:49.0167 0x0e54  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
22:31:49.0178 0x0e54  vga - ok
22:31:49.0180 0x0e54  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
22:31:49.0203 0x0e54  VgaSave - ok
22:31:49.0209 0x0e54  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
22:31:49.0220 0x0e54  vhdmp - ok
22:31:49.0222 0x0e54  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
22:31:49.0230 0x0e54  viaide - ok
22:31:49.0233 0x0e54  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
22:31:49.0241 0x0e54  volmgr - ok
22:31:49.0249 0x0e54  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
22:31:49.0262 0x0e54  volmgrx - ok
22:31:49.0270 0x0e54  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
22:31:49.0282 0x0e54  volsnap - ok
22:31:49.0287 0x0e54  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
22:31:49.0297 0x0e54  vsmraid - ok
22:31:49.0325 0x0e54  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
22:31:49.0378 0x0e54  VSS - ok
22:31:49.0383 0x0e54  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
22:31:49.0393 0x0e54  vwifibus - ok
22:31:49.0397 0x0e54  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
22:31:49.0410 0x0e54  vwififlt - ok
22:31:49.0412 0x0e54  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
22:31:49.0424 0x0e54  vwifimp - ok
22:31:49.0433 0x0e54  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
22:31:49.0465 0x0e54  W32Time - ok
22:31:49.0469 0x0e54  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
22:31:49.0478 0x0e54  WacomPen - ok
22:31:49.0482 0x0e54  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
22:31:49.0506 0x0e54  WANARP - ok
22:31:49.0508 0x0e54  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
22:31:49.0531 0x0e54  Wanarpv6 - ok
22:31:49.0559 0x0e54  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
22:31:49.0597 0x0e54  wbengine - ok
22:31:49.0604 0x0e54  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
22:31:49.0621 0x0e54  WbioSrvc - ok
22:31:49.0629 0x0e54  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
22:31:49.0649 0x0e54  wcncsvc - ok
22:31:49.0652 0x0e54  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:31:49.0662 0x0e54  WcsPlugInService - ok
22:31:49.0665 0x0e54  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
22:31:49.0672 0x0e54  Wd - ok
22:31:49.0688 0x0e54  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
22:31:49.0711 0x0e54  Wdf01000 - ok
22:31:49.0716 0x0e54  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
22:31:49.0726 0x0e54  WdiServiceHost - ok
22:31:49.0730 0x0e54  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
22:31:49.0740 0x0e54  WdiSystemHost - ok
22:31:49.0747 0x0e54  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
22:31:49.0763 0x0e54  WebClient - ok
22:31:49.0769 0x0e54  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
22:31:49.0799 0x0e54  Wecsvc - ok
22:31:49.0802 0x0e54  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
22:31:49.0828 0x0e54  wercplsupport - ok
22:31:49.0832 0x0e54  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
22:31:49.0858 0x0e54  WerSvc - ok
22:31:49.0860 0x0e54  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
22:31:49.0882 0x0e54  WfpLwf - ok
22:31:49.0885 0x0e54  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
22:31:49.0892 0x0e54  WIMMount - ok
22:31:49.0894 0x0e54  WinDefend - ok
22:31:49.0897 0x0e54  WinHttpAutoProxySvc - ok
22:31:49.0905 0x0e54  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
22:31:49.0933 0x0e54  Winmgmt - ok
22:31:49.0939 0x0e54  WinRing0_1_2_0 - ok
22:31:49.0974 0x0e54  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
22:31:50.0023 0x0e54  WinRM - ok
22:31:50.0030 0x0e54  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
22:31:50.0041 0x0e54  WinUsb - ok
22:31:50.0058 0x0e54  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
22:31:50.0089 0x0e54  Wlansvc - ok
22:31:50.0131 0x0e54  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:31:50.0181 0x0e54  wlidsvc - ok
22:31:50.0186 0x0e54  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
22:31:50.0195 0x0e54  WmiAcpi - ok
22:31:50.0201 0x0e54  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
22:31:50.0214 0x0e54  wmiApSrv - ok
22:31:50.0217 0x0e54  WMPNetworkSvc - ok
22:31:50.0219 0x0e54  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
22:31:50.0229 0x0e54  WPCSvc - ok
22:31:50.0233 0x0e54  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
22:31:50.0247 0x0e54  WPDBusEnum - ok
22:31:50.0250 0x0e54  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
22:31:50.0272 0x0e54  ws2ifsl - ok
22:31:50.0276 0x0e54  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
22:31:50.0292 0x0e54  wscsvc - ok
22:31:50.0296 0x0e54  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
22:31:50.0306 0x0e54  WSDPrintDevice - ok
22:31:50.0309 0x0e54  [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
22:31:50.0317 0x0e54  WSDScan - ok
22:31:50.0319 0x0e54  WSearch - ok
22:31:50.0369 0x0e54  [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv        C:\Windows\system32\wuaueng.dll
22:31:50.0429 0x0e54  wuauserv - ok
22:31:50.0436 0x0e54  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
22:31:50.0446 0x0e54  WudfPf - ok
22:31:50.0451 0x0e54  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
22:31:50.0463 0x0e54  WUDFRd - ok
22:31:50.0466 0x0e54  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
22:31:50.0478 0x0e54  wudfsvc - ok
22:31:50.0484 0x0e54  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
22:31:50.0498 0x0e54  WwanSvc - ok
22:31:50.0503 0x0e54  ================ Scan global ===============================
22:31:50.0506 0x0e54  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
22:31:50.0513 0x0e54  [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\Windows\system32\winsrv.dll
22:31:50.0523 0x0e54  [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\Windows\system32\winsrv.dll
22:31:50.0530 0x0e54  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
22:31:50.0540 0x0e54  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
22:31:50.0547 0x0e54  [ Global ] - ok
22:31:50.0547 0x0e54  ================ Scan MBR ==================================
22:31:50.0548 0x0e54  [ 4976D4A7A40B83FC7F06EE4BDD84EB9B ] \Device\Harddisk0\DR0
22:31:50.0629 0x0e54  \Device\Harddisk0\DR0 - ok
22:31:50.0646 0x0e54  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
22:31:50.0707 0x0e54  \Device\Harddisk1\DR1 - ok
22:31:50.0708 0x0e54  ================ Scan VBR ==================================
22:31:50.0709 0x0e54  [ CB73C56FD49F1B1C384D9ACFECD53459 ] \Device\Harddisk0\DR0\Partition1
22:31:50.0710 0x0e54  \Device\Harddisk0\DR0\Partition1 - ok
22:31:50.0711 0x0e54  [ 6C30033CA83165F35B7A0621C57BB261 ] \Device\Harddisk1\DR1\Partition1
22:31:50.0741 0x0e54  \Device\Harddisk1\DR1\Partition1 - ok
22:31:50.0741 0x0e54  ================ Scan generic autorun ======================
22:31:50.0882 0x0e54  [ A22789E8003D9851C1380CB0EC8A14BE, 7E50ECC9C603B4738690E06B9CEC7CA9E8C5045EB01824903694C91472EB10D0 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
22:31:51.0029 0x0e54  RtHDVCpl - ok
22:31:51.0045 0x0e54  [ 51138BEEA3E2C21EC44D0932C71762A8, 5AD3C37E6F2B9DB3EE8B5AEEDC474645DE90C66E3D95F8620C48102F1EBA4124 ] C:\Windows\syswow64\RunDll32.exe
22:31:51.0055 0x0e54  Cm108Sound - ok
22:31:51.0059 0x0e54  [ 39CF316EB5842AE27CC0D3CC4E2840DE, BC4D4ED926F988B7B70CC87B7EC92D148DA6BC39C5C514751F1B0CA69D0F9081 ] C:\Program Files\Microsoft Office\Office14\BCSSync.exe
22:31:51.0068 0x0e54  BCSSync - ok
22:31:51.0105 0x0e54  [ 44FE94FCDF97E574B6986C5A81758628, D950CF92623CA2AD053F7DCC44B483176D02E721C716255957DA90A083D0F1B9 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
22:31:51.0147 0x0e54  NvBackend - ok
22:31:51.0152 0x0e54  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
22:31:51.0162 0x0e54  ShadowPlay - ok
22:31:51.0338 0x0e54  [ 95671F4BE988BC043F5828BB7E02CBD0, 7B7572CB569161C44BD63AAF9DEF2C806974576AE9ABFF94ED5A950EFFB3D222 ] C:\Program Files\Logitech Gaming Software\LCore.exe
22:31:51.0522 0x0e54  Launch LCore - ok
22:31:51.0539 0x0e54  [ B1964E8776FD7633F149788F5B2A71CB, E30AC137B9DC2D3456499E0BB3B1955D2E0F7FFDB11E7A290A9DA25C76F4FAF8 ] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
22:31:51.0551 0x0e54  CDAServer - ok
22:31:51.0552 0x0e54  InstallerLauncher - ok
22:31:51.0554 0x0e54  NCInstallQueue - ok
22:31:51.0560 0x0e54  [ BD712BF585CBE46FEC924398E852A29E, 135BF15D279C2C3D1E0CA97E77673709CB4133892AE3C397291977D5D683B878 ] C:\Program Files (x86)\ASUS\AI Manager\AsShellApplication.exe
22:31:51.0569 0x0e54  RunAIShell - ok
22:31:51.0573 0x0e54  [ 321280EB900E4DF9430CA8C9BDFD7484, 132A562721EC3372C3A291B360C55718F7E0FC4037F31DCAF20868B4F3DD6A37 ] C:\Program Files (x86)\Tt eSPORTS\Tt eSPORTS Level 10 M\L10mMonitor.exe
22:31:51.0580 0x0e54  Tt eSPORTS Level 10 M Gaming Mouse - ok
22:31:51.0748 0x0e54  [ 65C6AA484AD2287D20541C7735989437, 1842787640391F4A4CD9ED0A531298A61F4B2FB09BEC98FEE256313AFB458EDB ] d:\Program Files\AVAST Software\Avast\AvastUI.exe
22:31:51.0917 0x0e54  AvastUI.exe - ok
22:31:51.0928 0x0e54  [ C94B4A6CB5EDB6289F192719E3C3DCAB, BB4C4B775AB12E432A5C4A1B576A1860D7C53E4496BA0BCF8F89C4C7265E8E1E ] C:\Users\Heimanwender\AppData\Roaming\ShinyProfile\spup.exe
22:31:51.0936 0x0e54  spup - ok
22:31:51.0956 0x0e54  [ 3E04F1E482357B1FC8B088197C3D9FF8, 85524ADDC27ADC831EBBD24E079B412CFDC69E5F594BD153319087665A28D546 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
22:31:51.0979 0x0e54  Adobe ARM - ok
22:31:52.0000 0x0e54  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:31:52.0031 0x0e54  Sidebar - ok
22:31:52.0035 0x0e54  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:31:52.0052 0x0e54  mctadmin - ok
22:31:52.0073 0x0e54  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
22:31:52.0101 0x0e54  Sidebar - ok
22:31:52.0105 0x0e54  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
22:31:52.0118 0x0e54  mctadmin - ok
22:31:52.0226 0x0e54  [ D2DB27182DABB702260922BB42FA3326, 3F2F446582DF841BB656F346C9491BED7AF9D555538A80E80F0DA979A07EE071 ] C:\Program Files\CCleaner\CCleaner64.exe
22:31:52.0340 0x0e54  CCleaner Monitoring - ok
22:31:52.0350 0x0e54  EPLTarget\P0000000000000000 - ok
22:31:52.0387 0x0e54  [ C3E6128725B7C509EB6742A6F2310576, C8348D91AF275185FE90BAB2315AC05B4009E36ECF321E5CECF34D1C3F8AC8B6 ] C:\Users\Heimanwender\AppData\Roaming\Spotify\SpotifyWebHelper.exe
22:31:52.0425 0x0e54  Spotify Web Helper - ok
22:31:52.0431 0x0e54  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\Heimanwender\AppData\Local\Google\Update\GoogleUpdate.exe
22:31:52.0438 0x0e54  Google Update - ok
22:31:52.0439 0x0e54  Waiting for KSN requests completion. In queue: 111
22:31:53.0439 0x0e54  Waiting for KSN requests completion. In queue: 111
22:31:54.0439 0x0e54  Waiting for KSN requests completion. In queue: 111
22:31:55.0465 0x0e54  AV detected via SS2: avast! Antivirus, d:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2218.942 ), 0x41000 ( enabled : updated )
22:31:55.0468 0x0e54  Win FW state via NFP2: enabled
22:31:57.0876 0x0e54  ============================================================
22:31:57.0876 0x0e54  Scan finished
22:31:57.0876 0x0e54  ============================================================
22:31:57.0882 0x0ac0  Detected object count: 0
22:31:57.0882 0x0ac0  Actual detected object count: 0

schrauber · 10.06.2015, 16:51

Seh ich ja jetzt erst.....

Zitat:

127.0.0.1 activation.cloud.techsmith.com
127.0.0.1 activate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com

Erstmal das geklaute Photoshop runter, erst dann gibt es Support.

09.06.2015, 10:17	#7
schrauber /// the machine /// TB-Ausbilder	unregelmäßige Pingschwankungen - ist ein Hintergrund-Programm dran schuld? und TDSSKiller? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

unregelmäßige Pingschwankungen - ist ein Hintergrund-Programm dran schuld?

Log-Analyse und Auswertung: unregelmäßige Pingschwankungen - ist ein Hintergrund-Programm dran schuld?