Win 7: Updates von Anwenderprogrammen nicht möglich

Silverdrow · 05.06.2015, 19:35

Hallo, ich habe folgendes Problem:
Wenn ich irgendein Anwenderprogramm updaten möchte, bekomme ich immer eine Fehlermeldung, sobald die .exe-Datei überschrieben werden soll.

Z.B. wenn FilleZilla meldet es gibt ein Update und dieses wird direkt nach dem download installiert, bleibt der Update bei der .exe Datei stehen und es kommt die Meldung "Error opening file for writing : ...." und dies ist nicht nur bei FilleZilla so, sonder auch bei diversen anderen Programmen, bei MS Updates funktioniert alles bestens.

Aufgetaucht ist diese Meldung das 1. Mal, nachdem ich bei Bitdefender ein Upgrade laufen lies. Bei Bitdefender hatte ich diese Problem schon geschildert eine Lösung wurde nicht genannt.
Ich habe danach den Bitdefender mit den zugehörigen Tools deinstalliert, die Fehlermeldungen sind jedoch geblieben.

Hir die ersten Logs:

[CODE]defogger_disable by jpshortstuff (23.02.10.1)
Log created at 18:56 on 05/06/2015 (************)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
SPTD -> Disabled (Service running -> reboot required)

-=E.O.F=-
FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2015
Ran by ************ (************) on ************-PC on 05-06-2015 18:59:46
Running from C:\Users\************\Desktop
Loaded Profiles: ************ (Available Profiles: ************)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser path: "C:\Program Files\Waterfox\waterfox.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
(Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Waterfox) C:\Program Files\Waterfox\waterfox.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Launch LgDeviceAgent] => C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415816 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2412616 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4725320 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-41 (the data entry has 36 more characters).
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Photo Downloader] => C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe [67752 2006-12-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7843744 2014-02-04] (Acronis)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478392 2013-12-21] (Adobe Systems Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-905352029-3248617649-53037531-1000\...\Run: [AnyCaptureScreen] => [X]
HKU\S-1-5-21-905352029-3248617649-53037531-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-905352029-3248617649-53037531-1000\...\Run: [ASRockXTU] => [X]
HKU\S-1-5-21-905352029-3248617649-53037531-1000\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-12-19] (TomTom)
HKU\S-1-5-21-905352029-3248617649-53037531-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1376016 2015-05-25] (Lavasoft)
HKU\S-1-5-21-905352029-3248617649-53037531-1000\...\MountPoints2: D - D:\ASRSetup.exe
HKU\S-1-5-21-905352029-3248617649-53037531-1000\...\MountPoints2: {b61c1fa9-6973-11e2-82a8-bc5ff448fca1} - K:\AutoRun.exe
HKU\S-1-5-21-905352029-3248617649-53037531-1000\...\MountPoints2: {d7420c46-67cb-11e2-80a5-bc5ff448fca1} - H:\AutoRun.exe
HKU\S-1-5-21-905352029-3248617649-53037531-1000\...\MountPoints2: {d7420c50-67cb-11e2-80a5-bc5ff448fca1} - H:\AutoRun.exe
HKU\S-1-5-21-905352029-3248617649-53037531-1000\...\MountPoints2: {e6f12649-71b9-11e2-bdb0-bc5ff448fca1} - H:\AutoRun.exe
HKU\S-1-5-21-905352029-3248617649-53037531-1000\...\MountPoints2: {e6f1265f-71b9-11e2-bdb0-bc5ff448fca1} - H:\AutoRun.exe
HKU\S-1-5-21-905352029-3248617649-53037531-1000\...\MountPoints2: {fe89afd6-3157-11df-9194-806e6f6e6963} - D:\Run.exe
HKU\S-1-5-21-905352029-3248617649-53037531-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [477696 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse-Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
HKU\S-1-5-18\...\Run: [Bitdefender-Geldbörse-Anwendungs-Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
AppInit_DLLs-x32:  => "" File not found
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-905352029-3248617649-53037531-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-905352029-3248617649-53037531-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
URLSearchHook: HKLM-x32 - (No Name) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-19] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
BHO-x32: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2014-11-07] (Wondershare)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-28] (Oracle Corporation)
BHO-x32: WOT -> {9E571C81-21E7-496B-9E6B-127E60263022} -> C:\Users\************\AppData\LocalLow\WOT\IE\WOT.dll [2012-01-12] (WOT Services Oy)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-28] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-905352029-3248617649-53037531-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-905352029-3248617649-53037531-1000 -> No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} hxxp://download.gigabyte.com.tw/object/Dldrv.ocx
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {2D20E99C-1FD7-48EC-9FDF-CF3555B273D4} hxxp://192.168.178.41/VDControl.CAB?2,0,0,89
DPF: HKLM-x32 {59A5A3CB-18D6-40A4-ABBC-60DBE7D98ED8} hxxp://192.168.178.37/web/DLinkNVS322.cab
DPF: HKLM-x32 {A606CAC8-4804-4E7F-A63A-2D85B416AB96} https://eu.mydlink.com/8D/activeX/NVSWebAll.cab
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Winsock: Catalog9 01 C:\Windows\SysWOW64\LavasoftTcpService.dll [347976 2015-05-31] (Lavasoft Limited)
Winsock: Catalog9 02 C:\Windows\SysWOW64\LavasoftTcpService.dll [347976 2015-05-31] (Lavasoft Limited)
Winsock: Catalog9 03 C:\Windows\SysWOW64\LavasoftTcpService.dll [347976 2015-05-31] (Lavasoft Limited)
Winsock: Catalog9 04 C:\Windows\SysWOW64\LavasoftTcpService.dll [347976 2015-05-31] (Lavasoft Limited)
Winsock: Catalog9 16 C:\Windows\SysWOW64\LavasoftTcpService.dll [347976 2015-05-31] (Lavasoft Limited)
Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [429392 2015-05-31] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [429392 2015-05-31] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [429392 2015-05-31] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [429392 2015-05-31] (Lavasoft Limited)
Winsock: Catalog9-x64 16 C:\Windows\system32\LavasoftTcpService64.dll [429392 2015-05-31] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\************\AppData\Roaming\Mozilla\Firefox\Profiles\ukoviu2a.default
FF NewTab: google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-21] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-21] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2014-11-27] (Citrix Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-28] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2010-06-01] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin HKU\S-1-5-21-905352029-3248617649-53037531-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\************\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-11-25] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-905352029-3248617649-53037531-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll [2012-07-25] (Amazon.com, Inc.)
FF Extension: YouTube Unblocker - C:\Users\************\AppData\Roaming\Mozilla\Firefox\Profiles\ukoviu2a.default\Extensions\youtubeunblocker@unblocker.yt [2015-05-20]
FF Extension: ColorfulTabs - C:\Users\************\AppData\Roaming\Mozilla\Firefox\Profiles\ukoviu2a.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2015-05-28]
FF Extension: {4d0c81e9-3feb-4bb1-a10d-5f862740153e} - C:\Users\************\AppData\Roaming\Mozilla\Firefox\Profiles\ukoviu2a.default\Extensions\{4d0c81e9-3feb-4bb1-a10d-5f862740153e}.xpi [2015-03-17]
FF Extension: Adblock Plus - C:\Users\************\AppData\Roaming\Mozilla\Firefox\Profiles\ukoviu2a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-21]
FF Extension: Tab Mix Plus - C:\Users\************\AppData\Roaming\Mozilla\Firefox\Profiles\ukoviu2a.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2015-01-24]
FF Extension: Adblock Edge - C:\Users\************\AppData\Roaming\Mozilla\Firefox\Profiles\ukoviu2a.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2015-05-16]
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeActiveFileMonitor5.0; C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe [108712 2006-12-22] ()
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [337824 2012-11-28] (AVM Berlin)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-01-11] (BitRaider, LLC)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-01-11] (BitRaider, LLC)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143776 2012-11-28] (AVM Berlin)
S2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S4 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S4 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2014-05-05] (Macrovision Europe Ltd.) [File not signed]
S3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1028096 2014-05-05] (Macrovision Europe Ltd.) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe [2751816 2015-05-25] (Lavasoft Limited)
S4 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [246112 2013-01-27] ()
S4 Modem Device Helper; C:\Program Files (x86)\T-Mobile\InternetManager_A\BackgroundService\ServiceManager.exe [51576 2013-01-11] () [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S4 NasPmService; C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe [245760 2013-11-21] (BUFFALO INC.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [63488 2010-03-11] (Nalpeiron Ltd.) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [191328 2013-06-10] (AVM Berlin)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2015-05-02] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2015-05-02] ()
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP5a\RpcAgentSrv.exe [68760 2008-12-07] (SiSoftware) [File not signed]
R2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [19816 2015-05-25] ()
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5429520 2015-01-30] (TeamViewer GmbH)
S4 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 WOTUpdater; C:\Users\************\AppData\LocalLow\WOT\IE\WOTUpdater.exe [18432 2012-01-12] () [File not signed]
S4 Boonty Games; "C:\Program Files (x86)\Common Files\BOONTY Shared\Service\Boonty.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AlcatelOTDCWwan; C:\Windows\System32\DRIVERS\AlcatelOTDCWwan.sys [159744 2013-01-11] (TCT International Mobile Ltd.)
S3 ALCATELUSB; C:\Windows\System32\Drivers\AlcatelUsb.sys [25088 2013-01-11] (Windows (R) Codename Longhorn DDK provider)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [150440 2014-12-23] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2014-12-23] (SlySoft, Inc.)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2011-09-21] (Asmedia Technology)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R3 AsrVDrive; C:\Windows\System32\DRIVERS\AsrVDrive.sys [23048 2011-01-26] (ASRock Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-01-03] ()
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2014-01-12] (BitRaider)
S3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [40960 2010-03-01] (Motorola, Inc.)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
S1 GLogin; No ImagePath
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [123776 2013-01-11] (TCT International Mobile Ltd.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-01-03] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-03-04] (CACE Technologies)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
R3 NWIM; C:\Windows\System32\DRIVERS\avmnwim.sys [412024 2011-07-05] (AVM Berlin)
S3 Rockusb; C:\Windows\System32\DRIVERS\rockusb.sys [59648 2012-11-26] (Fuzhou Rockchip Electronics Co,Ltd.)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2011-11-22] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2011-11-22] (RapidSolution Software AG)
S3 rsvcdwdr; C:\Windows\System32\DRIVERS\rsvcdwdr.sys [45160 2011-11-22] (RapidSolution Software AG)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-05-01] (Duplex Secure Ltd.)
S3 ssudnflt; C:\Windows\System32\DRIVERS\ssudnflt.sys [19520 2011-02-18] (DEVGURU Co., LTD.(www.devguru.co.kr))
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-04-25] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-04-25] (Acronis International GmbH)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2009-07-14] (Microsoft Corporation)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-04-25] (Acronis International GmbH)
S2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam64.sys [1071032 2012-04-15] (Windows (R) Win 7 DDK provider)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-06-05] ()
S3 AsrCDDrv; \??\C:\Windows\SysWOW64\Drivers\AsrCDDrv.sys [X]
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 lvpopf64; system32\DRIVERS\lvpopf64.sys [X]
S3 LVPr2M64; system32\DRIVERS\LVPr2M64.sys [X]
S3 LVUVC64; system32\DRIVERS\lvuvc64.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-05 18:59 - 2015-06-05 19:00 - 00031692 _____ C:\Users\************\Desktop\FRST.txt
2015-06-05 18:59 - 2015-06-05 18:59 - 02108928 _____ (Farbar) C:\Users\************\Desktop\FRST64.exe
2015-06-05 18:59 - 2015-06-05 18:59 - 00000000 ____D C:\FRST
2015-06-05 18:56 - 2015-06-05 18:56 - 00000592 _____ C:\Users\************\Desktop\defogger_disable.log
2015-06-05 18:56 - 2015-06-05 18:56 - 00000020 _____ C:\Users\************\defogger_reenable
2015-06-05 18:55 - 2015-06-05 18:55 - 00050477 _____ C:\Users\************\Desktop\Defogger.exe
2015-06-05 15:40 - 2015-06-05 15:40 - 00002038 _____ C:\Users\************\Desktop\reparatur.reg
2015-06-05 11:06 - 2015-06-05 11:06 - 06477032 _____ (Tim Kosse) C:\Users\************\Downloads\FileZilla_3.11.0.2_win64-setup.exe
2015-06-04 00:50 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-04 00:50 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-04 00:50 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-04 00:50 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-04 00:50 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-04 00:50 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-04 00:50 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-04 00:50 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-04 00:50 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-04 00:50 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-04 00:50 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-04 00:50 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-04 00:50 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-04 00:50 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-04 00:50 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-04 00:50 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-04 00:50 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-04 00:50 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-04 00:50 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-04 00:50 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-04 00:50 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-04 00:50 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-04 00:50 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-04 00:50 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-04 00:50 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-04 00:50 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-04 00:50 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-04 00:50 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-04 00:50 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-04 00:50 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-04 00:50 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-04 00:50 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-04 00:50 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-04 00:50 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-04 00:50 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-04 00:50 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-04 00:50 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-04 00:50 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-04 00:50 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-04 00:50 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-04 00:50 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-04 00:50 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-04 00:50 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-04 00:50 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-04 00:50 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-04 00:50 - 2015-05-09 05:27 - 03147776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-06-04 00:50 - 2015-05-09 05:27 - 02589184 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-06-04 00:50 - 2015-05-09 05:27 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-06-04 00:50 - 2015-05-09 05:27 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-06-04 00:50 - 2015-05-09 05:27 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-06-04 00:50 - 2015-05-09 05:27 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-06-04 00:50 - 2015-05-09 05:27 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-06-04 00:50 - 2015-05-09 05:26 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-06-04 00:50 - 2015-05-09 05:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-06-04 00:50 - 2015-05-09 05:26 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-06-04 00:50 - 2015-05-09 05:26 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-06-04 00:50 - 2015-05-09 05:14 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-06-04 00:50 - 2015-05-09 05:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-06-04 00:50 - 2015-05-09 05:14 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-06-04 00:50 - 2015-05-09 05:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-06-04 00:50 - 2015-05-09 05:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-06-04 00:49 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-04 00:47 - 2015-06-04 00:47 - 00000000 ____D C:\Users\************\AppData\Local\GWX
2015-06-03 16:33 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-03 15:39 - 2015-06-03 15:41 - 278338176 _____ (Cyanide ) C:\Users\************\Documents\AGOT-patch-1.6.0.0-ALL.exe
2015-06-03 14:50 - 2015-06-03 14:50 - 00000793 _____ C:\Users\Public\Desktop\Game of Thrones.lnk
2015-06-03 14:50 - 2015-06-03 14:50 - 00000386 _____ C:\Windows\DirectX.log
2015-06-03 14:50 - 2015-06-03 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyanide
2015-06-02 20:33 - 2015-06-02 20:33 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-02 20:33 - 2015-06-02 20:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-02 20:33 - 2015-06-02 20:33 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-02 20:33 - 2015-06-02 20:33 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-02 20:33 - 2015-06-02 20:33 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2015-06-02 20:33 - 2015-06-02 20:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-06-02 20:33 - 2015-06-02 20:33 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-02 20:33 - 2015-06-02 20:33 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-02 20:33 - 2015-06-02 20:33 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-06-02 20:33 - 2015-06-02 20:33 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-06-02 20:33 - 2015-06-02 20:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-02 20:32 - 2015-06-02 20:35 - 00009929 _____ C:\Windows\IE11_main.log
2015-06-02 19:51 - 2015-06-02 19:54 - 00009353 _____ C:\Windows\IE10_main.log
2015-06-02 19:47 - 2015-06-02 19:48 - 20020197 _____ C:\Users\************\Downloads\Silverlight514.zip
2015-06-01 16:48 - 2015-05-28 09:04 - 42719888 _____ C:\Windows\system32\nvcompiler.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 37741712 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 30480528 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 22946960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 16185352 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 15864064 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 14987528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 14495448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 13304280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 11830512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 10995528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-01 16:48 - 2015-05-28 09:04 - 02986392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 02599056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435306.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435306.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 01099808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 01059984 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 01050440 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00982856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00974480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00939080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00503408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00408208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00407112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-06-01 16:43 - 2015-06-01 16:43 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-01 16:43 - 2015-04-03 15:21 - 00048784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-06-01 16:43 - 2015-04-03 15:21 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-05-31 21:34 - 2015-06-01 07:55 - 00002872 _____ C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
2015-05-31 21:34 - 2015-06-01 07:55 - 00002872 _____ C:\Windows\system32\LavasoftTcpServiceOff.ini
2015-05-31 21:34 - 2015-05-31 21:34 - 00000000 ____D C:\Users\************\AppData\Local\Lavasoft
2015-05-31 21:34 - 2015-05-31 21:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-05-31 21:34 - 2015-05-31 21:34 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2015-05-31 21:34 - 2015-05-25 10:24 - 00429392 _____ (Lavasoft Limited) C:\Windows\system32\LavasoftTcpService64.dll
2015-05-31 21:34 - 2015-05-25 10:24 - 00347976 _____ (Lavasoft Limited) C:\Windows\SysWOW64\LavasoftTcpService.dll
2015-05-31 21:33 - 2015-05-31 21:33 - 00000000 ____D C:\Users\************\Documents\My Cheat Tables
2015-05-31 21:32 - 2015-05-31 21:32 - 00000000 ____D C:\Users\************\AppData\Roaming\OpenCandy
2015-05-31 21:32 - 2015-05-31 21:32 - 00000000 ____D C:\Users\************\AppData\Roaming\Lavasoft
2015-05-31 21:32 - 2015-05-31 21:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4
2015-05-31 21:32 - 2015-05-31 21:32 - 00000000 ____D C:\ProgramData\Lavasoft
2015-05-31 21:32 - 2015-05-31 21:32 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.4
2015-05-30 17:23 - 2015-05-30 17:24 - 00007400 _____ C:\Windows\DPINST.LOG
2015-05-24 01:49 - 2015-05-24 01:49 - 00004565 _____ C:\Users\************\.recently-used.xbel
2015-05-23 10:33 - 2015-05-23 10:33 - 04076719 _____ C:\Users\************\Downloads\FileZilla_3.2.7.1_win32-setup [1].exe
2015-05-23 01:35 - 2015-05-23 01:35 - 00000303 _____ C:\Users\************\Desktop\u1-pc.txt
2015-05-22 19:24 - 2015-05-22 19:25 - 00000000 ____D C:\Program Files\FRITZ!Fernzugang
2015-05-22 19:24 - 2015-05-22 19:24 - 00000000 ____D C:\ProgramData\AVM
2015-05-22 19:16 - 2015-05-22 19:16 - 00000000 ____D C:\Users\************\AppData\Roaming\AVM
2015-05-22 19:14 - 2015-05-22 19:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Fernzugang
2015-05-22 19:14 - 2015-05-22 19:16 - 00000000 ____D C:\Program Files (x86)\FRITZ!Fernzugang einrichten
2015-05-22 19:01 - 2015-05-22 19:01 - 00000000 ____D C:\Users\************\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
2015-05-22 19:01 - 2015-05-22 19:01 - 00000000 ____D C:\Users\************\AppData\Local\Vitalwerks
2015-05-22 19:01 - 2015-05-22 19:01 - 00000000 ____D C:\Program Files (x86)\No-IP
2015-05-22 17:15 - 2015-05-22 17:15 - 00003140 _____ C:\Windows\System32\Tasks\{9CEE33A6-FFD6-4A87-9115-D02EB29008DA}
2015-05-22 08:41 - 2015-05-22 08:41 - 06448912 _____ (Tim Kosse) C:\Users\************\Downloads\FileZilla_3.11.0_win64-setup.exe
2015-05-20 15:04 - 2015-05-20 15:05 - 00000788 _____ C:\Users\Public\Desktop\Entropia Universe.lnk
2015-05-20 15:04 - 2015-05-20 15:05 - 00000000 ____D C:\Windows\Entropia Universe
2015-05-20 15:04 - 2015-05-20 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Entropia Universe
2015-05-20 15:04 - 2015-05-20 15:04 - 00000000 ____D C:\Users\************\Documents\Entropia Universe
2015-05-19 10:48 - 2015-05-12 08:27 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435286.dll
2015-05-19 10:48 - 2015-05-12 08:27 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435286.dll
2015-05-14 08:25 - 2015-06-05 18:58 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-05-14 01:17 - 2015-05-14 01:17 - 00000000 ____D C:\Windows\PCHEALTH
2015-05-14 01:12 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 01:12 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 01:11 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-14 01:11 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-14 01:11 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-14 01:11 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-14 01:11 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-14 01:11 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-14 01:11 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-14 01:11 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-14 01:11 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-07 08:29 - 2015-05-07 08:29 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-05-06 10:35 - 2015-05-06 10:35 - 00778939 _____ C:\Users\************\Documents\JHV_20150606.pptx

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-05 18:58 - 2015-04-20 21:32 - 00445455 _____ C:\Windows\setupact.log
2015-06-05 18:58 - 2015-04-20 21:32 - 00027232 _____ C:\Windows\PFRO.log
2015-06-05 18:58 - 2012-12-13 17:02 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-06-05 18:58 - 2010-07-13 20:26 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2015-06-05 18:58 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-05 18:57 - 2015-02-25 09:31 - 01416741 _____ C:\Windows\WindowsUpdate.log
2015-06-05 18:56 - 2010-03-17 02:11 - 00000000 ____D C:\Users\************
2015-06-05 18:48 - 2012-04-21 22:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-05 14:20 - 2009-07-14 06:45 - 00015056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-05 14:20 - 2009-07-14 06:45 - 00015056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-05 11:19 - 2010-07-13 20:26 - 00000000 ____D C:\Users\************\AppData\Roaming\FileZilla
2015-06-05 11:06 - 2010-07-13 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-06-05 02:00 - 2010-05-30 21:21 - 00000000 ____D C:\Users\************\AppData\Local\Adobe
2015-06-04 20:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-04 19:37 - 2014-05-04 10:21 - 00000000 ____D C:\Users\************\AppData\Local\Battle.net
2015-06-04 08:51 - 2009-07-14 19:58 - 00705356 _____ C:\Windows\system32\perfh007.dat
2015-06-04 08:51 - 2009-07-14 19:58 - 00151650 _____ C:\Windows\system32\perfc007.dat
2015-06-04 08:51 - 2009-07-14 07:13 - 01631230 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-04 01:49 - 2015-04-18 19:59 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-04 01:49 - 2014-04-25 22:41 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-04 01:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-03 21:26 - 2015-04-03 23:00 - 00000000 ____D C:\Users\************\AppData\Roaming\MediaMonkey
2015-06-03 16:34 - 2015-04-04 09:35 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-06-03 16:34 - 2015-04-04 09:35 - 00000000 ___SD C:\Windows\system32\GWX
2015-06-03 15:34 - 2012-12-14 16:11 - 00000000 ____D C:\Users\************\AppData\Local\CrashDumps
2015-06-03 15:33 - 2015-01-21 14:41 - 00000000 ____D C:\Users\************\AppData\Roaming\vlc
2015-06-02 21:32 - 2015-04-28 15:19 - 00001405 _____ C:\Users\************\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-01 16:49 - 2012-03-25 10:10 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-01 16:49 - 2010-03-18 00:29 - 00000000 ____D C:\ProgramData\NVIDIA
2015-05-31 17:19 - 2010-06-01 00:05 - 00000000 ____D C:\Users\************\AppData\Roaming\XnView
2015-05-28 09:04 - 2015-05-05 23:19 - 03379680 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-05-28 09:04 - 2015-02-13 22:50 - 12852152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-05-28 09:04 - 2014-12-24 16:04 - 17486856 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-05-28 09:04 - 2014-02-02 00:02 - 00030966 _____ C:\Windows\system32\nvinfo.pb
2015-05-28 06:15 - 2014-04-25 20:24 - 06872904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-05-28 06:15 - 2014-04-25 20:24 - 03491984 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-05-28 06:15 - 2014-04-25 20:24 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-05-28 06:15 - 2014-04-25 20:24 - 00937288 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-05-28 06:15 - 2014-04-25 20:24 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-05-28 06:15 - 2014-04-25 20:24 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-05-27 12:48 - 2014-04-25 20:24 - 04408727 _____ C:\Windows\system32\nvcoproc.bin
2015-05-24 01:50 - 2011-04-09 13:05 - 00000000 ____D C:\Users\************\.gimp-2.6
2015-05-24 01:49 - 2011-04-09 13:10 - 00000000 ____D C:\Users\************\AppData\Roaming\gtk-2.0
2015-05-23 20:59 - 2014-06-10 07:54 - 00000431 _____ C:\Users\************\Desktop\Passwörter BC-C-B.txt
2015-05-23 03:47 - 2015-05-05 23:21 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-05-23 03:47 - 2015-05-05 23:21 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-05-23 03:47 - 2015-05-05 23:21 - 01320304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-05-23 03:47 - 2015-05-05 23:21 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-05-22 16:12 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-21 09:26 - 2012-04-21 22:23 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-21 09:26 - 2012-04-21 22:23 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-21 09:26 - 2011-05-13 09:25 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-19 10:48 - 2010-03-18 00:29 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-05-16 20:48 - 2013-06-23 19:07 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-14 12:00 - 2015-01-19 16:41 - 00000000 ____D C:\Program Files\Waterfox
2015-05-14 08:25 - 2009-07-14 06:45 - 05010216 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-14 01:20 - 2015-04-28 13:41 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-05-14 01:20 - 2015-04-28 13:41 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-05-14 01:20 - 2015-04-28 13:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2015-05-14 01:20 - 2013-08-15 01:05 - 00000000 ____D C:\Windows\system32\MRT
2015-05-14 01:20 - 2013-01-18 20:51 - 00001912 _____ C:\Windows\epplauncher.mif
2015-05-14 01:20 - 2010-05-30 15:00 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-05-14 01:17 - 2010-03-17 08:32 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-14 01:12 - 2013-03-14 01:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-14 01:12 - 2013-03-14 01:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-14 01:12 - 2013-03-14 01:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

==================== Files in the root of some directories =======

2011-11-15 08:28 - 2005-12-09 04:52 - 0000060 ____R () C:\Program Files (x86)\BRINST.INI
2012-08-23 16:27 - 2015-01-03 00:01 - 11685888 _____ () C:\Users\************\AppData\Roaming\Sandra.mdb
2010-11-10 23:06 - 2014-09-24 16:30 - 0010752 _____ () C:\Users\************\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-01-05 23:57 - 2013-01-05 23:57 - 0027520 _____ () C:\Users\************\AppData\Local\dt.dat
2012-02-02 21:01 - 2012-02-02 21:01 - 0000098 _____ () C:\Users\************\AppData\Local\fusioncache.dat
2014-05-05 16:19 - 2015-02-24 13:36 - 0004286 _____ () C:\Users\************\AppData\Local\mbt-actwiz.log
2015-02-25 10:19 - 2015-02-25 10:19 - 0001401 _____ () C:\Users\************\AppData\Local\recently-used.xbel
2011-07-03 15:13 - 2014-03-13 22:49 - 0007600 _____ () C:\Users\************\AppData\Local\Resmon.ResmonCfg
2011-10-22 14:07 - 2011-10-22 14:07 - 0017408 _____ () C:\Users\************\AppData\Local\WebpageIcons.db
2015-01-14 11:31 - 2015-01-14 11:35 - 0000083 ___SH () C:\ProgramData\.zreglib
2015-04-28 12:41 - 2015-04-28 12:41 - 0267500 _____ () C:\ProgramData\1430217639.bdinstall.bin
2010-05-30 16:11 - 2010-05-30 16:11 - 0000048 ____H () C:\ProgramData\ezsidmv.dat
2013-09-01 21:02 - 2013-09-01 21:02 - 0000089 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Some files in TEMP:
====================
C:\Users\************\AppData\Local\Temp\Execute2App.exe
C:\Users\************\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\************\AppData\Local\Temp\msvcp90.dll
C:\Users\************\AppData\Local\Temp\msvcr90.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-03 14:01

==================== End of log ============================

--- --- ---

weiterer Log

Code:

ATTFilter

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-06-05 19:40:23
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2 Samsung_SSD_840_EVO_250GB rev.EXT0BB6Q 232,89GB
Running: Gmer-19357.exe; Driver: C:\Users\***~1\AppData\Local\Temp\kfldiuog.sys


---- User code sections - GMER 2.1 ----

.text  C:\Windows\SysWOW64\PnkBstrA.exe[3116] C:\Windows\SysWOW64\WSOCK32.dll!recv + 82                                                                      0000000071f217fa 2 bytes CALL 770711a9 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\PnkBstrA.exe[3116] C:\Windows\SysWOW64\WSOCK32.dll!recvfrom + 88                                                                  0000000071f21860 2 bytes CALL 770711a9 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\PnkBstrA.exe[3116] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 98                                                                0000000071f21942 2 bytes JMP 75a67089 C:\Windows\syswow64\WS2_32.dll
.text  C:\Windows\SysWOW64\PnkBstrA.exe[3116] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 109                                                               0000000071f2194d 2 bytes JMP 75a6cba6 C:\Windows\syswow64\WS2_32.dll
.text  C:\Windows\SysWOW64\PnkBstrB.exe[3144] C:\Windows\SysWOW64\WSOCK32.dll!recv + 82                                                                      0000000071f217fa 2 bytes CALL 770711a9 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\PnkBstrB.exe[3144] C:\Windows\SysWOW64\WSOCK32.dll!recvfrom + 88                                                                  0000000071f21860 2 bytes CALL 770711a9 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\PnkBstrB.exe[3144] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 98                                                                0000000071f21942 2 bytes JMP 75a67089 C:\Windows\syswow64\WS2_32.dll
.text  C:\Windows\SysWOW64\PnkBstrB.exe[3144] C:\Windows\SysWOW64\WSOCK32.dll!setsockopt + 109                                                               0000000071f2194d 2 bytes JMP 75a6cba6 C:\Windows\syswow64\WS2_32.dll
.text  C:\Windows\SysWOW64\PnkBstrB.exe[3144] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17                                                        0000000075a41401 2 bytes JMP 7709b21b C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\PnkBstrB.exe[3144] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17                                                          0000000075a41419 2 bytes JMP 7709b346 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\PnkBstrB.exe[3144] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17                                                        0000000075a41431 2 bytes JMP 77118f29 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\PnkBstrB.exe[3144] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42                                                        0000000075a4144a 2 bytes CALL 7707489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                                   * 9
.text  C:\Windows\SysWOW64\PnkBstrB.exe[3144] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17                                                           0000000075a414dd 2 bytes JMP 77118822 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\PnkBstrB.exe[3144] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17                                                    0000000075a414f5 2 bytes JMP 771189f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\PnkBstrB.exe[3144] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17                                                           0000000075a4150d 2 bytes JMP 77118718 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\PnkBstrB.exe[3144] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17                                                    0000000075a41525 2 bytes JMP 77118ae2 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\PnkBstrB.exe[3144] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17                                                          0000000075a4153d 2 bytes JMP 7708fca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\PnkBstrB.exe[3144] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17                                                               0000000075a41555 2 bytes JMP 770968ef C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\PnkBstrB.exe[3144] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17                                                        0000000075a4156d 2 bytes JMP 77118fe3 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\PnkBstrB.exe[3144] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17                                                          0000000075a41585 2 bytes JMP 77118b42 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\PnkBstrB.exe[3144] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17                                                             0000000075a4159d 2 bytes JMP 771186dc C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\PnkBstrB.exe[3144] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17                                                          0000000075a415b5 2 bytes JMP 7708fd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\PnkBstrB.exe[3144] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17                                                        0000000075a415cd 2 bytes JMP 7709b2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\PnkBstrB.exe[3144] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20                                                    0000000075a416b2 2 bytes JMP 77118ea4 C:\Windows\syswow64\kernel32.dll
.text  C:\Windows\SysWOW64\PnkBstrB.exe[3144] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31                                                    0000000075a416bd 2 bytes JMP 77118671 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe[3456] C:\Windows\system32\kernel32.dll!SetFileCompletionNotificationModes  00000000775608b0 14 bytes {JMP QWORD [RIP+0x0]}
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4768] C:\Windows\syswow64\kernel32.dll!SetFileCompletionNotificationModes         00000000770eb35e 5 bytes JMP 0000000110007740
.text  C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[4768] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                           00000000774d2ab1 5 bytes JMP 000000010113f046
.text  C:\Program Files\Waterfox\waterfox.exe[5316] C:\Windows\SYSTEM32\ntdll.dll!LdrLoadDll                                                                 0000000077756f30 13 bytes {MOV R11, 0x7fef3951580; JMP R11}
.text  C:\Program Files\Waterfox\waterfox.exe[5316] C:\Windows\SYSTEM32\ntdll.dll!NtReadFile                                                                 000000007777dc10 13 bytes {MOV R11, 0x7fee8c237f0; JMP R11}
.text  C:\Program Files\Waterfox\waterfox.exe[5316] C:\Windows\SYSTEM32\ntdll.dll!NtWriteFile                                                                000000007777dc30 13 bytes {MOV R11, 0x7fee8c23b10; JMP R11}
.text  C:\Program Files\Waterfox\waterfox.exe[5316] C:\Windows\SYSTEM32\ntdll.dll!NtWriteFileGather                                                          000000007777dd60 13 bytes {MOV R11, 0x7fee8c23ca0; JMP R11}
.text  C:\Program Files\Waterfox\waterfox.exe[5316] C:\Windows\SYSTEM32\ntdll.dll!NtReadFileScatter                                                          000000007777de90 13 bytes {MOV R11, 0x7fee8c23980; JMP R11}
.text  C:\Program Files\Waterfox\waterfox.exe[5316] C:\Windows\SYSTEM32\ntdll.dll!NtFlushBuffersFile                                                         000000007777e060 13 bytes {MOV R11, 0x7fee8c23e30; JMP R11}
.text  C:\Program Files\Waterfox\waterfox.exe[5316] C:\Windows\SYSTEM32\ntdll.dll!NtCreateFile                                                               000000007777e100 13 bytes {MOV R11, 0x7fee8c22b90; JMP R11}
.text  C:\Program Files\Waterfox\waterfox.exe[5316] C:\Windows\SYSTEM32\ntdll.dll!NtQueryFullAttributesFile                                                  000000007777ed10 13 bytes {MOV R11, 0x7fee8c23f50; JMP R11}
.text  C:\Program Files\Waterfox\waterfox.exe[5316] C:\Windows\system32\kernel32.dll!SetUnhandledExceptionFilter                                             0000000077529020 13 bytes {MOV R11, 0x7feecab8310; JMP R11}
.text  C:\Program Files\Waterfox\waterfox.exe[5316] C:\Windows\system32\kernel32.dll!SetFileCompletionNotificationModes                                      00000000775608b0 14 bytes {JMP QWORD [RIP+0x0]}
.text  C:\Program Files (x86)\Windows Media Player\wmplayer.exe[6600] C:\Windows\syswow64\kernel32.dll!SetFileCompletionNotificationModes                    00000000770eb35e 5 bytes JMP 0000000110007740
.text  C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[6352] C:\Windows\system32\kernel32.dll!SetFileCompletionNotificationModes                      00000000775608b0 14 bytes {JMP QWORD [RIP+0x0]}

---- Registry - GMER 2.1 ----

Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\001bdc0636c0                                                                           
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                                                      
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                                                   0x00 0x00 0x00 0x00 ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                                                   0
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                                                0x3A 0x6F 0x34 0x08 ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                                                   C:\Program Files (x86)\DAEMON Tools Lite\
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001                                                             
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                                                       0xB0 0x8D 0xCF 0xC9 ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                                                          0xA0 0x02 0x00 0x00 ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0                                                        
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                                                  0x34 0x4D 0xE0 0x2C ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1                                                        
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12                                                  0x37 0xC7 0x22 0x6E ...
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\001bdc0636c0 (not active ControlSet)                                                       
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                                                  
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                                                       0x00 0x00 0x00 0x00 ...
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                                                       0
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                                                    0x3A 0x6F 0x34 0x08 ...
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                                                       C:\Program Files (x86)\DAEMON Tools Lite\
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)                                         
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                                                           0xB0 0x8D 0xCF 0xC9 ...
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                                                              0xA0 0x02 0x00 0x00 ...
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)                                    
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                                                      0x34 0x4D 0xE0 0x2C ...
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)                                    
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12                                                      0x37 0xC7 0x22 0x6E ...

---- EOF - GMER 2.1 ----

Silverdrow · 05.06.2015, 19:36

Addition Teil 1

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version:03-06-2015
Ran by *** at 2015-06-05 19:00:16
Running from C:\Users\***\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-905352029-3248617649-53037531-500 - Administrator - Disabled) => C:\Users\Administrator
ASPNET (S-1-5-21-905352029-3248617649-53037531-1006 - Limited - Enabled)
Gast (S-1-5-21-905352029-3248617649-53037531-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-905352029-3248617649-53037531-1011 - Limited - Enabled)
*** (S-1-5-21-905352029-3248617649-53037531-1000 - *** - Enabled) => C:\Users\***

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

@BIOS Ver.2.06 (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.06 - GIGABYTE)
1849 (HKLM-x32\...\Steam App 290970) (Version:  - SomaSim)
3DMark 11 (HKLM-x32\...\{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}) (Version: 1.0.1 - Futuremark Corporation)
442 - Fussball Manager (HKLM-x32\...\{6EFF1675-057D-4B08-8926-8C043CE04EE9}) (Version:  - )
777 Gebärden 3.1 (HKLM-x32\...\{88E8FD14-3C94-496E-913D-E364A335F8CF}_is1) (Version:  - Verlag Karin Kestner)
Acronis True Image 2014 (HKLM-x32\...\{3ECDD663-5AF8-489B-9E3C-561F33A271BD}Visible) (Version: 17.0.6673 - Acronis)
Ad-Aware Web Companion (x32 Version: 2.0.1013.2086 - Lavasoft) Hidden
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Digital Editions 4.0 (HKLM-x32\...\Adobe Digital Editions 4.0) (Version: 4.0.3 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version:  - Hyper Hippo Games)
Aliens: Colonial Marines (HKLM-x32\...\Steam App 49540) (Version:  - Gearbox Software)
Amaya (HKLM-x32\...\Amaya) (Version: 11.3.1 - )
Amazon Kindle (HKU\S-1-5-21-905352029-3248617649-53037531-1000\...\Amazon Kindle) (Version:  - Amazon)
Amazon MP3-Downloader 1.0.15 (HKLM-x32\...\Amazon MP3-Downloader) (Version: 1.0.15 - Amazon Services LLC)
ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft)
ANNO 1503 GOLD (HKLM-x32\...\{DB833EF9-A198-49BE-970A-BD46F30BFBB4}) (Version: 1.05.00 - )
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version:  - BlueByte)
Any Capture 3.50 Build 3501 (HKLM-x32\...\Any Screen Capture_is1) (Version:  - James Huang)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.5.9.0 - SlySoft)
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
ASRock 3TB+ Unlocker v1.1 (HKLM\...\ASRock 3TB+ Unlocker_is1) (Version:  - ASRock Inc.)
ASRock eXtreme Tuner v0.1.251 (HKLM-x32\...\ASRock eXtreme Tuner_is1) (Version:  - )
ASRock SmartConnect v1.0.6 (HKLM\...\ASRock SmartConnect_is1) (Version:  - ASRock Inc.)
ASRock XFast RAM v2.0.9 (HKLM\...\ASRock XFast RAM_is1) (Version:  - ASRock Inc.)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Aurora 3D Text & Logo Maker version 12.04.27 (HKLM-x32\...\{4F6B6582-B9F6-42B2-AAFC-48E097D07837}_is1) (Version: 12.04.27 - Aurora3D Software)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version:  - AVM Berlin)
AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version:  - AVM Berlin)
Baldur's Gate(TM) II - Schatten von Amn(TM) (HKLM-x32\...\{7AF32AB1-CB97-11D4-9607-0050BA84F5F7}) (Version:  - )
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bitnami WordPress-Modul (HKLM-x32\...\Bitnami WordPress-Modul 3.9.2-1) (Version: 3.9.2-1 - Bitnami)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.9.9 - BitRaider, LLC)
Blur(TM) (HKLM-x32\...\InstallShield_{589A63D3-89E1-4D9B-8DBC-6039BB27289E}) (Version: 1.00.0000 - Activision)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version:  - )
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Brother Driver Deployment Wizard (HKLM-x32\...\{0ED38503-B69A-44B4-98BE-21BFF284A9B6}) (Version: 1.09.000 - Brother)
BUFFALO NAS Navigator2 (HKLM-x32\...\UN060501) (Version: 2.78 - Buffalo Inc.)
Call of Duty Modern Warfare 3 (c) Activision version 1 (HKLM-x32\...\Call of Duty Modern Warfare 3 (c) Activision_is1) (Version: 1 - )
Call of Duty(R) - World at War(TM) (HKLM-x32\...\InstallShield_{D80A6A73-E58A-4673-AFF5-F12D7110661F}) (Version: 1.7 - Activision)
Call of Duty(R) - World at War(TM) (x32 Version: 1.0 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.1 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.1 Patch (x32 Version: 1.1 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.2 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.2 Patch (x32 Version: 1.2 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.4 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.4 Patch (x32 Version: 1.4 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.5 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.5 Patch (x32 Version: 1.5 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.6 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.6 Patch (x32 Version: 1.6 - Activision) Hidden
Call of Duty(R) - World at War(TM) 1.7 Patch (x32 Version:  - ) Hidden
Call of Duty(R) - World at War(TM) 1.7 Patch (x32 Version: 1.7 - Activision) Hidden
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.00.0000 - Activision)
Call of Duty(R) 2 (x32 Version: 1.00.0000 - Activision) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.20 - Piriform)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 14.2.0.10 - Citrix Systems, Inc.)
CloneBD (HKLM-x32\...\CloneBD) (Version: 1.0.3.7 - Elaborate Bytes)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
CoffeeCup Free HTML Editor (HKLM-x32\...\CoffeeCup Free HTML Editor) (Version:  - )
Craft The World (HKLM-x32\...\Steam App 248390) (Version:  - Dekovir Entertainment)
Crusader Kings II (HKLM-x32\...\Steam App 203770) (Version:  - Paradox Development Studio)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DIE SIEDLER - Aufstieg eines Königreichs (HKLM-x32\...\{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}) (Version: 1.00.0000 - Ubisoft)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Elite Dangerous Launcher version 0.4.2150.0 (HKLM-x32\...\{696F8871-C91D-4CB1-825D-36BE18065575}_is1) (Version: 0.4.2150.0 - Frontier Developments)
Endless Space (HKLM-x32\...\Steam App 208140) (Version:  - AMPLITUDE Studios)
Entropia Universe (HKLM-x32\...\Entropia Universe) (Version: 15.2.3.128490 - MindArk PE AB)
EVE Online (HKLM-x32\...\{06BBC723-696D-4393-B47F-55B1B285FF9A}) (Version: 3.0.0 - CCP Games Ltd.)
EVE Online (HKLM-x32\...\{BB20171D-5E3C-4443-9483-4857EB5D397D}) (Version: 3.0.0 - CCP Games Ltd.)
EVE Online (nur entfernen) (HKLM-x32\...\EVE) (Version:  - CCP Games Ltd.)
EVEMon (HKLM-x32\...\EVEMon) (Version: 1.9.4 - battleclinic.com)
EZ Setup B12.0330.01 (HKLM-x32\...\{DA6AF673-AD91-4AC7-B2F4-FE0C8A3A7E99}) (Version: 1.00.0000 - GIGABYTE)
FileZilla Client 3.11.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.11.0.2 - Tim Kosse)
Firefall (HKLM-x32\...\Steam App 227700) (Version:  - Red 5 Studios)
FRITZ!Box-Fernzugang einrichten (HKLM-x32\...\{EFADD989-D9F2-49F6-A280-675951CC78D3}) (Version: 1.0.3 - AVM Berlin)
FRITZ!Fernzugang (HKLM\...\{DD57CC22-8864-4CCA-94D4-600D024C1207}) (Version: 1.3.1 - AVM Berlin)
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Game of Thrones Version 1.6.0.0 (HKLM-x32\...\AGOT_is1) (Version: 1.6.0.0 - Cyanide)
gamelauncher-ps2-psg (HKU\S-1-5-21-905352029-3248617649-53037531-1000\...\SOE-E:/Gamesload/PlanetSide 2) (Version:  - Sony Online Entertainment)
GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
Goat Simulator (HKLM-x32\...\R29hdFNpbXVsYXRvcg==_is1) (Version: 1 - )
GPL Ghostscript (HKLM\...\GPL Ghostscript 9.02) (Version: 9.02 - Artifex Software Inc.)
GSview 4.9 (HKLM\...\GSview 4.9) (Version:  - )
Hazard Ops (HKLM-x32\...\{F70DE052-CFFD-4DCB-8DA3-3ECAAFBB7D15}}_is1) (Version: 0.2.0.2042 - Infernum Productions AG)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HxD Hex Editor Version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
Inkscape 0.48.4 (HKLM-x32\...\Inkscape) (Version: 0.48.4 - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Internet Manager (HKLM-x32\...\Internet Manager_is1) (Version:  - TCT Mobile Limited)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.28 - Irfan Skiljan)
iTunes (HKLM\...\{D227565A-0033-40AD-89BA-653A205CDC11}) (Version: 12.1.1.4 - Apple Inc.)
Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation)
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
K-Lite Mega Codec Pack 10.0.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.0.0 - )
LauschAngriff (HKLM-x32\...\LauschAngriff) (Version:  - )
LavasoftTcpService (x32 Version: 2.3.4.2 - Lavasoft) Hidden
Ligos Indeo® Codecs (HKLM-x32\...\{AD7FC27B-519A-48CB-B996-71A1B367F751}) (Version:  - )
Loadout (HKLM-x32\...\Steam App 208090) (Version:  - Edge of Reality)
Logitech Harmony Remote Software 7 (HKLM-x32\...\{5C6F884D-680C-448B-B4C9-22296EE1B206}) (Version: 7.7.0.0 - Logitech)
Magical Jelly Bean KeyFinder (HKLM-x32\...\KeyFinder_is1) (Version: 2.0.9.8 - Magical Jelly Bean)
Magical Jelly Bean PasswdFinder (HKLM-x32\...\PasswdFinder_is1) (Version: 1.0.0.25 - PasswdFinder)
MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{F880E744-9F1C-435F-B01C-1A56A18D6154}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (HKLM-x32\...\MX.{FBCA50BE-C022-45DA-9261-10230EC1012E}) (Version: 13.0.0.30 - MAGIX AG)
MAGIX Video deluxe 2014 Premium Update (Version: 13.0.5.4 - MAGIX AG) Hidden
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version:  - )
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052B-02A4-4627-81F2-1818DA5D550D}) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837B34E3-7C30-493C-8F6A-2B0F04E2912C}) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071C9B48-7C32-4621-A0AC-3F809523288F}) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version:  - )
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{6F29F195-B11C-3EAD-B883-997BB29DFA17}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022.218 (HKLM\...\{BBBE35B2-9349-3C48-BD3D-F574B17C7924}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version:  - )
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version:  - )
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version:  - )
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version:  - )
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version:  - )
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version:  - )
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version:  - )
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version:  - )
Minion (HKU\S-1-5-21-905352029-3248617649-53037531-1000\...\{Minion}}_is1) (Version: 2.0 - ZAM Network LLC)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 21.005.15.00.705 - Huawei Technologies Co.,Ltd)
Motorola Bluetooth (HKLM\...\Motorola Bluetooth_is1) (Version: 3.0.1.227 - Motorola, Inc.)
MSI Afterburner 2.2.0 Beta 15 (HKLM-x32\...\Afterburner) (Version: 2.2.0 Beta 15 - MSI Co., LTD)
My Game Long Name (HKLM\...\UDK-0ffc6de4-723f-4404-b5b6-7b4b859679a2) (Version:  - Epic Games, Inc.)
MyDriveConnect 3.3.0.1812 (HKLM-x32\...\MyDriveConnect) (Version: 3.3.0.1812 - TomTom)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.4 - F.J. Wechselberger)
Namo WebEditor 8 (HKLM-x32\...\{D3507473-2CE3-4073-A6BA-A0846B5CC687}) (Version: 8.00.000 - Namo Interactive, Inc.)
Neverwinter (HKLM-x32\...\Steam App 109600) (Version:  - Cryptic Studios)
Neverwinter Nights (HKLM-x32\...\{7C503E58-B2BC-11D5-978A-0050BA84F5F7}) (Version:  - )
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.0 - Vitalwerks Internet Solutions LLC)
Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 141106.96623 - Square Enix Ltd)
Nur Deinstallierung der CopyTrans Suite möglich. (HKU\S-1-5-21-905352029-3248617649-53037531-1000\...\CopyTrans Suite) (Version: 2.10 - WindSolutions)
NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Nvu 1.0 (HKLM-x32\...\Nvu_is1) (Version: 1.0 - Thorsten Fritz)
Online Plug-in (x32 Version: 14.2.0.10 - Citrix Systems, Inc.) Hidden
Only If (HKLM-x32\...\Steam App 298260) (Version:  - Creability)
Ontrack EasyRecovery Professional (HKLM-x32\...\{668CC71A-C2AD-4D56-866D-CF300BD1D5BE}_is1) (Version: 10.0.2.3 - Kroll Ontrack Inc.)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
PantsOff 2.0 (HKLM-x32\...\{EC1F15E1-F3CC-46EE-B7A5-849A08ED60DC}}_is1) (Version: 2.0 - Christoph Bünger Software)
Panzar (HKLM-x32\...\Steam App 240320) (Version:  - Troxit Service)
PasswordCreator3 (HKLM-x32\...\{912B7860-AC3B-11DC-6784-00965B3C18BE}) (Version: 3.00.000 - American Riviera Software)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PE Builder 3.1.10a (HKLM-x32\...\PE Builder_is1) (Version:  - Bart Lagerweij)
PHOTOfunSTUDIO 8.0 AE (HKLM-x32\...\{E715809A-194F-4AD6-84E6-36C88267940B}) (Version: 8.00.511 - Panasonic Corporation)
PHP Coder Release R2 Final PreRelease 3 (HKLM-x32\...\PHP Coder_is1) (Version:  - ST Software)
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version:  - Ndemic Creations)
PlanetSide 2 (HKU\S-1-5-21-905352029-3248617649-53037531-1000\...\soe-PlanetSide 2 PSG) (Version: 1.0.3.183 - Sony Online Entertainment)
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Quantum Rush Online (HKLM-x32\...\Steam App 304890) (Version:  - GameArt Studio GmbH)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
ratDVD 0.78.1444 (HKLM-x32\...\ratDVD) (Version: 0.78.1444 - ratDVD)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6559 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Reflex (HKLM-x32\...\Steam App 328070) (Version:  - Turbo Pixel Studios)
Remote Control USB Driver (HKLM-x32\...\{8471021C-F529-43DE-84DF-3612E10F58C4}) (Version: 2.3.2.317 - )
Rise of Venice (HKLM-x32\...\Steam App 227020) (Version:  - )
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.6 - Samsung)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Self-Service Plug-in (x32 Version: 4.2.0.2495 - Citrix Systems, Inc.) Hidden
Serious Sam 2 (HKLM-x32\...\Steam App 204340) (Version:  - Croteam)
Serious Sam 3: BFE (HKLM-x32\...\Steam App 41070) (Version:  - Croteam)
Serious Sam Classic: The First Encounter (HKLM-x32\...\Steam App 41050) (Version:  - Croteam)
Serious Sam Classic: The Second Encounter (HKLM-x32\...\Steam App 41060) (Version:  - Croteam)
Serious Sam Classics: Revolution (HKLM-x32\...\Steam App 227780) (Version:  - Croteam)
Serious Sam Double D XXL (HKLM-x32\...\Steam App 111600) (Version:  - Mommy's Best Games)
Serious Sam HD: The First Encounter (HKLM-x32\...\Steam App 41000) (Version:  - Croteam)
Serious Sam HD: The Second Encounter (HKLM-x32\...\Steam App 41010) (Version:  - Croteam)
Serious Sam: The First Encounter (HKLM-x32\...\{815050E5-F545-11D4-9569-004095812ACC}) (Version:  - )
Serious Sam: The Random Encounter (HKLM-x32\...\Steam App 201480) (Version:  - Vlambeer)
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version:  - Harebrained Schemes)
Shadowrun: Dragonfall - Director's Cut (HKLM-x32\...\Steam App 300550) (Version:  - Harebrained Schemes)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SiSoftware Sandra Personal 2013a (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 19.19.2013.1 - SiSoftware)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SmartSync (HKLM-x32\...\{5B12573C-9C90-4790-BFEE-2BC43C2EB997}) (Version:  - )
Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version:  - Sumo Digital)
Space Empires V (HKLM-x32\...\Steam App 1690) (Version:  - Malfador Machinations)
Spotify (HKU\S-1-5-21-905352029-3248617649-53037531-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
Star Wars Battlefront (HKLM-x32\...\{C79CB9C7-10A4-4814-8402-F574672C2192}) (Version: 1.0 - )
Star Wars Battlefront II (HKLM-x32\...\{3D374523-CFDE-461A-827E-2A102E2AB365}) (Version: 1.0 - LucasArts)
Star Wars Empire at War (HKLM-x32\...\{99AE7207-8612-4DBA-A8F8-BAE5C633390D}) (Version: 1.0 - LucasArts)
Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 8.0.0.5 - Bioware/EA)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Starpoint Gemini 2 (HKLM-x32\...\Steam App 236150) (Version:  - Little Green Men Games)
Starship Troopers (HKLM-x32\...\{CA1AB30E-8B9F-4739-A0F7-5BC1226D2BA3}) (Version: 0.05.2400 - Empire Interactive)
Strategic War in Europe (HKLM-x32\...\Steam App 283000) (Version:  - Wastelands Interactive)
Strike Vector (HKLM-x32\...\Steam App 246700) (Version:  - Ragequit Corporation)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version:  - )
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.38475 - TeamViewer)
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Mighty Quest For Epic Loot (HKLM-x32\...\Steam App 239220) (Version:  - Ubisoft Montreal)
TomTom HOME (HKLM-x32\...\{BB05590A-6602-43F3-A400-77EA0976BC0A}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Total Uninstall 6.3.1 (HKLM\...\Total Uninstall 6_is1) (Version: 6.3.1 - Gavrila Martau)
Train Fever (HKLM-x32\...\Steam App 304730) (Version:  - Urban Games)
TweakMe! (HKLM-x32\...\{709D0207-B1F8-4ADC-BB2F-CDBE2367A475}_is1) (Version: 1.2.0.5 - DiSTANTX)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-905352029-3248617649-53037531-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0012-0000-0000-0000000FF1CE}_STANDARDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 5.1 - Ubisoft)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Waterfox 38.0 (x64 en-US) (HKLM\...\Waterfox 38.0 (x64 en-US)) (Version: 38.0 - Mozilla)
Web Companion (HKLM-x32\...\{7ADC1B3B-06CB-4EC2-80A7-F063B2C5FE42}_WebCompanion) (Version: 2.0.1013.2086 - Lavasoft)
WinHTTrack Website Copier 3.44-1 (HKLM-x32\...\WinHTTrack Website Copier_is1) (Version: 3.44.1 - HTTrack)
Wireshark 1.6.3 (HKLM-x32\...\Wireshark) (Version: 1.6.3 - The Wireshark developer community, hxxp://www.wireshark.org)
WM Recorder (HKLM-x32\...\WM Recorder14.10.1) (Version: 14.10.1 - AllAlex, Inc)
WM Recorder 14 (HKU\S-1-5-21-905352029-3248617649-53037531-1000\...\WM Recorder 14) (Version:  - )
Wondershare Video Converter Ultimate(Build 8.0.0.10) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 8.0.0.10 - Wondershare Software)
WYSIWYG Web Builder 7  (HKLM-x32\...\WYSIWYG_Web_Builder_7) (Version:  - )
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-5 - Bitnami)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
XnView 1.97.4 (HKLM-x32\...\XnView_is1) (Version: 1.97.4 - Gougelet Pierre-e)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
ZOTAC FireStorm (HKLM-x32\...\ZOTAC FireStorm) (Version:  - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-905352029-3248617649-53037531-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\***\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-905352029-3248617649-53037531-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\***\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-905352029-3248617649-53037531-1000_Classes\CLSID\{87b171be-e531-4432-abf4-5a4bda680222}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-905352029-3248617649-53037531-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\***\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-905352029-3248617649-53037531-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\***\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01287610-6F19-4029-B59F-970C9D81BDC8} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {01ACC750-8C47-4495-AF2A-D6D492C2935B} - System32\Tasks\{8A576758-3F88-4BBD-8BEF-5260EFF2F1EA} => pcalua.exe -a E:\Download\setupSiemens-DCA-140-540v1.0.7.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {03136EB5-2CA2-4BF3-9736-24E4E8955776} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {03176F30-6EF7-46B6-BD97-7D29C4496522} - System32\Tasks\{329AE141-0B4D-4DB8-A496-96216F595CC4} => D:\SETUP\GERMAN\SETUP.EXE
Task: {06CC6EA3-C400-403C-BF6B-C2B0ACD071AB} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-905352029-3248617649-53037531-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {072C893B-40CF-47D4-9332-B0DB0002339B} - System32\Tasks\{AFA9C625-AB2E-4F7F-B528-14C45B68A815} => pcalua.exe -a E:\Download\ADE_4.0_Installer.exe -d E:\Download
Task: {0791A85E-BB45-44B2-A503-1876D6DF4BD7} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-06-22] (Piriform Ltd)
Task: {0799C19C-858C-42C9-9326-AB95C3EB9D94} - System32\Tasks\{A36BEA24-DA95-4D32-8CEA-8706C81CDCCD} => pcalua.exe -a D:\setup.exe -d D:\
Task: {09350F89-CD83-478D-84E9-9B2B3ADB7CCD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-21] (Adobe Systems Incorporated)
Task: {09E8DC5E-596B-4D00-93F2-D34D7BA637E2} - System32\Tasks\{B7B9CC25-B8B0-4F71-B230-AE1C3F954D8F} => pcalua.exe -a E:\Download\WYSIWYG_Web_Builder_7.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {0B2C2A3C-4459-46C4-86E8-BE81FAEC236F} - System32\Tasks\xingoscupdate => C:\Program Files\XING\XING Outlook Connector\xingoscupdate.exe [2014-01-08] (XING)
Task: {0D4D5581-CC4B-4155-AA71-8D568DBBEB51} - System32\Tasks\{85E69E29-A169-4837-896C-2F2CA1F1E5A8} => pcalua.exe -a E:\Download\WebInstaller.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {18E289A8-93FD-4F41-BAB4-E8FD5548298A} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {37097D7B-6C15-49DC-9BD6-E431D86DF95A} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {397133CC-B665-4AD9-BBEB-E1C794E4FAFC} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {39F44782-7523-4641-A8C5-B474C96B926E} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-905352029-3248617649-53037531-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {3A04EB77-4C97-4AE3-990C-282CB13729CB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3D92854E-08A3-46D9-8012-F3D00CD90E5D} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2012-03-09] (Microsoft Corporation)
Task: {3F7DE1A0-EAC2-434E-9BF4-D41EA99FF92D} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {46DFC66D-6249-464B-AFB6-DFA42D09A178} - System32\Tasks\Xing Social Recommendations => C:\Program Files\XING\XING Outlook Connector\32-bit\XingSocial.exe [2014-01-08] (XING AG)
Task: {48410C32-58C1-4BE5-9D35-7B9808E0F6DF} - System32\Tasks\{C8E91737-3877-4530-AB4F-53E33A92263D} => pcalua.exe -a "G:\Lösch Games\World of goo\Setup.EXE" -d "G:\Lösch Games\World of goo"
Task: {4B77179F-D890-4EFC-AB88-8B371A4FF937} - System32\Tasks\{CAE8ECC6-A4C8-49E4-A50D-06BA400840D2} => E:\Download\firmware-dsl-plus-1100-lan-windows-v2.exe
Task: {5D7CDE23-42AF-40EE-833E-02C6130945C2} - System32\Tasks\{A1ED54C4-8FF9-4DBB-BF89-BCA2FD8277C7} => pcalua.exe -a F:\INSTALL.EXE -d F:\
Task: {6AEF7877-FAAC-47ED-9BE0-C8EB1D247499} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {73E0C867-C985-4E35-82CA-D8BCD2E7D42F} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-905352029-3248617649-53037531-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {7EC80E6A-CBED-4DBF-A3EA-4659D573663D} - System32\Tasks\{B2AB55D3-3CCA-42BC-967A-952C131DBE70} => G:\BlueByte\Die Siedler IV\S4.exe [2000-10-25] ()
Task: {A507EF38-D052-42AB-915F-2862E0389912} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-905352029-3248617649-53037531-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {A85C5FB1-D563-4499-A654-388D42A8145F} - System32\Tasks\{4AFFFDB9-7A15-4A04-B46C-F51497218D61} => pcalua.exe -a "G:\Party- Games\Tom Clancy's Rainbow Six Vegas 2\Patch v1.03 + NoCD-Crack_wichtig_für_Win7\rainbow_six_vegas_2_1.03.exe" -d "G:\Party- Games\Tom Clancy's Rainbow Six Vegas 2\Patch v1.03 + NoCD-Crack_wichtig_für_Win7"
Task: {AFC1CBEB-2D1A-441F-AD4A-CB900C1E24AF} - System32\Tasks\{F89C8A83-C7CF-482F-BB5A-4D606A45777F} => pcalua.exe -a E:\MFC-7820N\Disk1\setup.exe -d E:\MFC-7820N\Disk1
Task: {B4776283-9C17-4D56-864A-51D14F00CD57} - System32\Tasks\{FAFF1F58-144D-4031-961A-E826C20CD765} => pcalua.exe -a C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe -c /M{938D9C57-3CF0-4DA8-B04E-EF99501859B5} /l1031
Task: {C0945BA3-CE44-46D3-8E50-2AB0AD4423E8} - System32\Tasks\AdobeAAMUpdater-1.0-***-PC-*** => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {C855B1C5-0677-45A0-A60A-DCE0CBA55E88} - System32\Tasks\{592445FE-8D9F-474F-B6AA-47D0DD4F36F5} => pcalua.exe -a E:\Gamesload\Anno\Setup.exe -d E:\Gamesload\Anno
Task: {D8042DB1-F1E7-4F15-9238-A3355BAD5FD8} - System32\Tasks\{FDC09FA8-DFCE-4B53-AC65-E6A7686959B4} => pcalua.exe -a E:\Download\MFC-7820N-inst-win7-A2.EXE -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {D9BE9B97-9F0F-4EB1-9B2A-4D65D863A1B1} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {E691F61E-72BB-4A40-8A5A-7338578005DF} - System32\Tasks\{0E51C6AD-C6EE-41AA-B96A-7DE306D4CDEE} => pcalua.exe -a E:\Download\delinf_1065.EXE -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {ECA58E2F-9413-4471-AE31-7C938455C811} - System32\Tasks\{9CEE33A6-FFD6-4A87-9115-D02EB29008DA} => pcalua.exe -a E:\Download\FRITZ_Fernzugang_german_01.03.01.exe -d E:\Download
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (Whitelisted) ==============

2014-04-25 20:24 - 2015-05-28 06:15 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-02-19 13:10 - 2006-02-23 12:35 - 00020480 _____ () C:\Windows\System32\FritzColorPort64.dll
2015-02-19 13:10 - 2006-02-22 11:39 - 00020480 _____ () C:\Windows\System32\FritzPort64.dll
2012-02-09 17:26 - 2012-02-09 17:26 - 00133632 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2012-02-09 17:26 - 2012-02-09 17:26 - 00048128 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2012-02-09 17:26 - 2012-02-09 17:26 - 00036864 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetDetect.dll
2010-11-04 19:35 - 2015-05-02 12:29 - 00066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-05-02 12:29 - 2015-05-02 12:29 - 00107832 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2013-10-01 10:32 - 2013-10-01 10:32 - 02818216 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2015-06-02 17:18 - 2015-06-02 17:18 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2014-11-09 14:38 - 2014-10-24 15:16 - 00721263 _____ () C:\Windows\SysWOW64\WSCM64.dll
2015-05-25 10:23 - 2015-05-25 10:23 - 00019816 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
2015-05-25 10:23 - 2015-05-25 10:23 - 00012144 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Service.Logger.dll
2015-05-25 10:23 - 2015-05-25 10:23 - 00034664 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WcfService.dll
2015-05-05 23:21 - 2015-05-23 03:48 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-05-25 10:23 - 2015-05-25 10:23 - 00078656 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll
2015-05-25 10:23 - 2015-05-25 10:23 - 00183656 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.Business.dll
2015-05-25 10:23 - 2015-05-25 10:23 - 00046920 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.adblocker.dll
2015-05-25 10:24 - 2015-05-25 10:24 - 00123736 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.PUP.Management.dll
2015-05-25 10:23 - 2015-05-25 10:23 - 00015696 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.Utils.SqlLite.dll
2015-05-25 10:24 - 2015-05-25 10:24 - 00073544 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SysInfo.dll
2015-05-25 10:23 - 2015-05-25 10:23 - 00039256 _____ () C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.CSharp.Utilities.dll
2011-11-14 23:10 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-02-04 18:25 - 2014-02-04 18:25 - 00036672 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_icontray_ex.dll
2014-02-04 18:25 - 2014-02-04 18:25 - 00028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu
2014-02-04 18:28 - 2014-02-04 18:28 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2013-10-01 11:00 - 2013-10-01 11:00 - 00022336 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll
2015-02-15 02:40 - 2015-02-15 02:40 - 00381440 _____ () C:\Windows\mod_frst.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\Reprise:yhuwxvwhfkxkcqmbzxjuiqjduvsftifh
AlternateDataStreams: C:\ProgramData\TEMP:890CC2F3
AlternateDataStreams: C:\Users\***\Downloads\InstallActiveX.exe:BDU
AlternateDataStreams: C:\Users\***\Downloads\vcredist_x64.exe:BDU

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-905352029-3248617649-53037531-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-905352029-3248617649-53037531-1000\...\mtu-online.com -> hxxps://citrix.mtu-online.com
IE trusted site: HKU\S-1-5-21-905352029-3248617649-53037531-1000\...\mydlink.com -> hxxps://eu.mydlink.com
IE trusted site: HKU\S-1-5-21-905352029-3248617649-53037531-1000\...\rrpowersystems.com -> hxxps://webmail.rrpowersystems.com
IE trusted site: HKU\S-1-5-21-905352029-3248617649-53037531-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-905352029-3248617649-53037531-1000\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-905352029-3248617649-53037531-1000\...\webcompanion.com -> hxxp://webcompanion.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-905352029-3248617649-53037531-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\***\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AcrSch2Svc => 3
MSCONFIG\Services: AdobeActiveFileMonitor5.0 => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: afcdpsrv => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: Bluetooth Device Manager => 3
MSCONFIG\Services: Bluetooth Media Service => 3
MSCONFIG\Services: Bluetooth OBEX Service => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: Boonty Games => 3
MSCONFIG\Services: FirebirdServerMAGIXInstance => 3
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: Mobile Partner. RunOuc => 2
MSCONFIG\Services: Modem Device Helper => 2
MSCONFIG\Services: NasPmService => 2
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer => 3
MSCONFIG\Services: Virtual CDAudio Service => 2
MSCONFIG\Services: WinDefend => 3
MSCONFIG\Services: WOTUpdater => 3
MSCONFIG\Services: YahooAUService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BUFFALO NAS Navigator2.lnk => C:\Windows\pss\BUFFALO NAS Navigator2.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^NAS Scheduler.lnk => C:\Windows\pss\NAS Scheduler.lnk.CommonStartup
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: AcronisTibMounterMonitor => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
MSCONFIG\startupreg: AnyDVD => "C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Bitdefender-Geldbörse => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard
MSCONFIG\startupreg: Bitdefender-Geldbörse-Anwendungs-Agent => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
MSCONFIG\startupreg: BTMTrayAgent => rundll32.exe "C:\Program Files\Motorola\Bluetooth\btmshell.dll",TrayApp
MSCONFIG\startupreg: CitrixReceiver => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
MSCONFIG\startupreg: Google Update => "C:\Users\***\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: MusicManager => "C:\Users\***\AppData\Local\Programs\Google\MusicManager\MusicManager.exe"
MSCONFIG\startupreg: Ocs_SM => C:\Users\***\AppData\Roaming\OCS\SM\SearchAnonymizer.exe
MSCONFIG\startupreg: Redirector => "C:\Program Files (x86)\Citrix\ICA Client\redirector.exe" /startup
MSCONFIG\startupreg: SmartSync - ScheduleSync => C:\PROGRA~2\MOBILE~1\SMARTS~1\SCHEDU~1.EXE
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\***\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: T-Mobile ModemListener => C:\Program Files (x86)\T-Mobile\InternetManager_A\Background\ModemListener.exe start

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{6D5D196F-4595-4567-AC3B-4AC432896F87}C:\program files (x86)\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gwflash.exe
FirewallRules: [UDP Query User{46CDA267-F355-4671-94BD-DADB447C0330}C:\program files (x86)\gigabyte\@bios\gwflash.exe] => (Allow) C:\program files (x86)\gigabyte\@bios\gwflash.exe
FirewallRules: [{468E73B9-ED74-465D-BB0E-A783F9006524}] => (Allow) LPort=8394
FirewallRules: [{7FB5CB31-4EC8-45E9-BB78-999FB3E0BB65}] => (Allow) LPort=8394
FirewallRules: [{72B35ECE-187B-400A-9920-E54891123415}] => (Allow) LPort=6915
FirewallRules: [{3F898F77-FAAB-4844-9C7A-9125B34F21A5}] => (Allow) LPort=6915
FirewallRules: [{BEFA316E-C808-4231-BD75-2B2C0B2BD68C}] => (Allow) LPort=6928
FirewallRules: [{174069BF-0F69-49D1-97CB-68AEC6D6BEE5}] => (Allow) LPort=6928
FirewallRules: [{69EB7697-59B5-4059-A1FC-214E7AE80631}] => (Allow) LPort=54925
FirewallRules: [{36D8901F-A349-40FA-8BE9-DB23C47D97AF}] => (Allow) LPort=6957
FirewallRules: [{CD9E6DB4-2466-4DCE-8E5F-43B210526550}] => (Allow) LPort=6957
FirewallRules: [{5E2FCDDE-C36D-4CD7-8F61-220A004A3B25}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [{1E3D8DB1-DBBC-4DDD-8399-E904138539BA}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe
FirewallRules: [TCP Query User{883DFAC6-4497-4FEF-805B-8CF4074F79DB}G:\rom\client.exe] => (Allow) G:\rom\client.exe
FirewallRules: [UDP Query User{0F6574F6-BED0-458C-9060-0B53B88645C7}G:\rom\client.exe] => (Allow) G:\rom\client.exe
FirewallRules: [TCP Query User{C36FF02E-78E1-442D-910D-C2BDCC83A773}G:\rom\launcher.exe] => (Allow) G:\rom\launcher.exe
FirewallRules: [UDP Query User{D1378AB7-93E2-462C-9DEB-12377113FC27}G:\rom\launcher.exe] => (Allow) G:\rom\launcher.exe
FirewallRules: [TCP Query User{2F9868D7-A111-41F3-87AA-8BBA170E9244}G:\lösch games\call of duty - world at war\codwaw lanfixed.exe] => (Allow) G:\lösch games\call of duty - world at war\codwaw lanfixed.exe
FirewallRules: [UDP Query User{618C1BAD-F763-43DD-93CF-7585B3B70126}G:\lösch games\call of duty - world at war\codwaw lanfixed.exe] => (Allow) G:\lösch games\call of duty - world at war\codwaw lanfixed.exe
FirewallRules: [{8C48C6C9-F0B1-4DF2-A7BA-B3BC7ED384F2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E3231A01-81DF-4C81-87EC-5C138DFC8BB2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{33D800DC-EA4C-4343-9A80-3A08799FD5E6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{BA9AF5BA-74F3-4CFB-A213-7341F703AB35}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{BD6C1D31-6AFE-4A2A-A0EC-CBB4E5DD608E}G:\quake iii arena\quake3.exe] => (Allow) G:\quake iii arena\quake3.exe
FirewallRules: [UDP Query User{DC4080DF-BD34-4369-8F94-E1B9AC5ACD07}G:\quake iii arena\quake3.exe] => (Allow) G:\quake iii arena\quake3.exe
FirewallRules: [TCP Query User{0ED08AB0-FDAA-4866-B009-B1678A9CB3E1}G:\world of padman\wop.exe] => (Allow) G:\world of padman\wop.exe
FirewallRules: [UDP Query User{2301C318-FF6C-457F-9B04-24267BB9290F}G:\world of padman\wop.exe] => (Allow) G:\world of padman\wop.exe
FirewallRules: [TCP Query User{DB055ED5-8A2B-411E-B702-92A6D0085E5C}C:\program files (x86)\namo\webeditor 8\bin\webeditor.exe] => (Allow) C:\program files (x86)\namo\webeditor 8\bin\webeditor.exe
FirewallRules: [UDP Query User{B5FFC613-4572-46E1-BC51-317D21B99D9C}C:\program files (x86)\namo\webeditor 8\bin\webeditor.exe] => (Allow) C:\program files (x86)\namo\webeditor 8\bin\webeditor.exe
FirewallRules: [TCP Query User{80E1EA0E-5B30-45EC-968F-7C9CCD234EBC}C:\program files (x86)\real\realplayer\realplay.exe] => (Allow) C:\program files (x86)\real\realplayer\realplay.exe
FirewallRules: [UDP Query User{0C6AF793-459D-4C43-8632-99AE9A0D2B70}C:\program files (x86)\real\realplayer\realplay.exe] => (Allow) C:\program files (x86)\real\realplayer\realplay.exe
FirewallRules: [{4EAE0BDC-0C20-4F86-ACB2-1F21F23121B5}] => (Allow) G:\DIE SIEDLER - Aufstieg eines Königreichs\base\bin\Settlers6.exe
FirewallRules: [{5D7DBC15-472C-4108-9F2A-5E93C7291131}] => (Allow) G:\DIE SIEDLER - Aufstieg eines Königreichs\base\bin\Settlers6.exe
FirewallRules: [{239892B0-D96F-48E7-8BE9-5BCBAA109F24}] => (Allow) G:\Create\pc\Create.exe
FirewallRules: [{247636A9-BA04-411B-95B0-9D1AC1A179CF}] => (Allow) G:\Create\pc\Create.exe
FirewallRules: [{9DB1214A-4716-446E-AF4E-1D7A47C9CCA4}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{ABDDB3F6-B8F0-4497-9BD0-EAF73309259C}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{EAAB979C-73CC-4BA5-945F-DA8172DFEAEE}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{089CFD9C-0C7F-4A87-82A9-9CF96865773A}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{0412647D-F5AC-4A0F-9F31-8ACB2B92753D}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{619A3D59-11AE-4D65-857A-4A5BAB6434B5}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{6C49ABF6-C547-4F62-9A56-12B33FD41F6E}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{DC259B63-7589-437E-8DCF-8A8929CB133B}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe
FirewallRules: [TCP Query User{D60697CC-00AE-469E-97BC-73F8D128F03F}G:\call of duty - black ops\blackops.exe] => (Block) G:\call of duty - black ops\blackops.exe
FirewallRules: [UDP Query User{54BAC12A-4925-4152-86CF-445A50E2C434}G:\call of duty - black ops\blackops.exe] => (Block) G:\call of duty - black ops\blackops.exe
FirewallRules: [TCP Query User{D9F99722-3126-4446-86E3-6E3F8D0AB02C}G:\call of duty - black ops\blackopsmp.exe] => (Block) G:\call of duty - black ops\blackopsmp.exe
FirewallRules: [UDP Query User{9536971C-2192-4CD0-983B-2DD910075E8B}G:\call of duty - black ops\blackopsmp.exe] => (Block) G:\call of duty - black ops\blackopsmp.exe
FirewallRules: [TCP Query User{93EF5519-93B3-458F-AACF-9C431CC27B6F}G:\anno 1404\tools\addonweb.exe] => (Allow) G:\anno 1404\tools\addonweb.exe
FirewallRules: [UDP Query User{A1BE4227-7280-413F-8109-0C1A618F101E}G:\anno 1404\tools\addonweb.exe] => (Allow) G:\anno 1404\tools\addonweb.exe
FirewallRules: [TCP Query User{DE35D87D-6082-4E0D-9F49-AF323283215A}G:\anno 1404\tools\anno4web.exe] => (Allow) G:\anno 1404\tools\anno4web.exe
FirewallRules: [UDP Query User{30E864F7-93AD-4EC0-A362-F73C7233176C}G:\anno 1404\tools\anno4web.exe] => (Allow) G:\anno 1404\tools\anno4web.exe
FirewallRules: [{7EBFDDA0-672B-4EF0-95DC-AC7DB8F5095B}] => (Allow) C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{C2BB9736-00AA-436B-B80B-195B65A8348D}] => (Allow) C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [TCP Query User{3E4EA503-93B9-44FA-9CA8-2378BE2AEFA4}G:\call of duty - world at war\codwaw-1.7 lanfixed.exe] => (Allow) G:\call of duty - world at war\codwaw-1.7 lanfixed.exe
FirewallRules: [UDP Query User{B54F2067-983F-4344-913A-5937DDF33309}G:\call of duty - world at war\codwaw-1.7 lanfixed.exe] => (Allow) G:\call of duty - world at war\codwaw-1.7 lanfixed.exe
FirewallRules: [TCP Query User{30E250CC-DE45-4626-B6C8-A8D3E624BA28}G:\call of duty - world at war\codwawmp.exe] => (Allow) G:\call of duty - world at war\codwawmp.exe
FirewallRules: [UDP Query User{6EE8ACA9-A3F6-4172-995C-E6F00C644A7F}G:\call of duty - world at war\codwawmp.exe] => (Allow) G:\call of duty - world at war\codwawmp.exe
FirewallRules: [TCP Query User{5D81D938-983C-4BEC-9574-B0E9B2547B83}G:\borderlands\binaries\borderlands.exe] => (Allow) G:\borderlands\binaries\borderlands.exe
FirewallRules: [UDP Query User{5B06D47A-F8D0-4D17-B6A7-49178F6C2090}G:\borderlands\binaries\borderlands.exe] => (Allow) G:\borderlands\binaries\borderlands.exe
FirewallRules: [TCP Query User{E100277F-5AD8-4C09-9E7B-592449F6DD2D}G:\q3\quake3.exe] => (Allow) G:\q3\quake3.exe
FirewallRules: [UDP Query User{ABC396BD-E397-4894-B5DE-1F003D35ACDD}G:\q3\quake3.exe] => (Allow) G:\q3\quake3.exe
FirewallRules: [{FDBE76A8-BFCE-4C47-ABDA-ABD7A88835B3}] => (Allow) G:\Blur\Blur.exe
FirewallRules: [{A58B9BC5-A0D5-4611-A4DC-C2CFD09B66F6}] => (Allow) G:\Blur\Blur.exe
FirewallRules: [TCP Query User{22DEE383-107B-4683-8AA3-83D7DF5E05AF}G:\dragon age\bin_ship\eacoreserver.exe] => (Allow) G:\dragon age\bin_ship\eacoreserver.exe
FirewallRules: [UDP Query User{4453580D-1A85-4B34-A8BE-6FAB4D67B5F4}G:\dragon age\bin_ship\eacoreserver.exe] => (Allow) G:\dragon age\bin_ship\eacoreserver.exe
FirewallRules: [{4DFF5EE6-9452-42E4-92AD-96B694C85258}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{63F09A3C-D7B8-41D2-90FD-2136D614EA31}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{4E597A59-3593-4264-A1CD-4A7EEE8256D8}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D2A677C2-09A5-4427-A530-DA3891D86CE7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FBAF61CD-61B7-49D7-B001-E47D8F2D725F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{6158BBC1-EDBE-4CB5-BF7B-C9AC99C7D549}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DE2B19E8-07FB-4EDA-B4A8-5A3B084F16E8}] => (Allow) LPort=49163
FirewallRules: [{3DAD4D8F-263D-4283-8BCB-350A7885930F}] => (Allow) LPort=5000
FirewallRules: [TCP Query User{0771C805-D31F-47C4-85BB-70817204374F}G:\star wars empire at war\gamedata\fpupdate.exe] => (Allow) G:\star wars empire at war\gamedata\fpupdate.exe
FirewallRules: [UDP Query User{D3247585-A52A-4F3D-88BA-17863C4CE2A5}G:\star wars empire at war\gamedata\fpupdate.exe] => (Allow) G:\star wars empire at war\gamedata\fpupdate.exe
FirewallRules: [TCP Query User{D9D2501E-4684-4CAE-98AD-9653CF966F16}C:\windows\syswow64\rundll32.exe] => (Allow) C:\windows\syswow64\rundll32.exe
FirewallRules: [UDP Query User{3F67576A-614D-4AB4-AA2E-94611A7120E1}C:\windows\syswow64\rundll32.exe] => (Allow) C:\windows\syswow64\rundll32.exe
FirewallRules: [{74937ADA-8443-4386-9429-E53B0A212DAF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [{4B4FC426-D3D9-46E9-A5F5-9CC22CC71A2C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [TCP Query User{862CB418-98A8-4BB8-992C-7789BC46EC4A}I:\ncsoft\guild wars2\gw2.exe] => (Allow) I:\ncsoft\guild wars2\gw2.exe
FirewallRules: [UDP Query User{346CCAD8-5149-4855-AD03-BCE7D03611FA}I:\ncsoft\guild wars2\gw2.exe] => (Allow) I:\ncsoft\guild wars2\gw2.exe
FirewallRules: [TCP Query User{9AE70517-C48D-46B2-AAD4-94F6AB21FD8A}I:\ncsoft\guild wars2\gw2.exe] => (Allow) I:\ncsoft\guild wars2\gw2.exe
FirewallRules: [UDP Query User{437C10C5-E90E-4982-A64B-AF1E8C6633AC}I:\ncsoft\guild wars2\gw2.exe] => (Allow) I:\ncsoft\guild wars2\gw2.exe
FirewallRules: [TCP Query User{ECD95F5B-9CDE-47CC-A10D-C4B3E0363C6E}G:\quake wars\etqw.exe] => (Allow) G:\quake wars\etqw.exe
FirewallRules: [UDP Query User{6BCFF76B-961A-4A58-AED6-596DA7185A26}G:\quake wars\etqw.exe] => (Allow) G:\quake wars\etqw.exe
FirewallRules: [TCP Query User{48134473-7576-4179-A3BE-F12972179979}G:\quake wars\etqwded.exe] => (Allow) G:\quake wars\etqwded.exe
FirewallRules: [UDP Query User{7ED1505E-1D0E-471D-8AB6-74F94FCFEF25}G:\quake wars\etqwded.exe] => (Allow) G:\quake wars\etqwded.exe
FirewallRules: [TCP Query User{CC5519E0-8935-4B1D-B9B7-0153DD4B1DC4}I:\tom clancy's rainbow six vegas 2\binaries\rainbowsixvegas2_sads.exe] => (Block) I:\tom clancy's rainbow six vegas 2\binaries\rainbowsixvegas2_sads.exe
FirewallRules: [UDP Query User{3689D42D-2CCF-4164-9E66-C482C6D6782B}I:\tom clancy's rainbow six vegas 2\binaries\rainbowsixvegas2_sads.exe] => (Block) I:\tom clancy's rainbow six vegas 2\binaries\rainbowsixvegas2_sads.exe
FirewallRules: [TCP Query User{C65B117E-C8CB-4D8E-B945-067285CA526E}I:\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe] => (Allow) I:\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe
FirewallRules: [UDP Query User{25B2628A-5A0F-46B2-BB34-7892793BA1EA}I:\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe] => (Allow) I:\tom clancy's rainbow six vegas 2\binaries\r6vegas2_game.exe
FirewallRules: [{D347EA0C-9B31-4868-AD61-B01ECC2CF352}] => (Allow) I:\Crysis2\bin32\Crysis2.exe
FirewallRules: [{B1F53FB6-74BC-4928-9C53-0C96A7047C71}] => (Allow) I:\Crysis2\bin32\Crysis2.exe
FirewallRules: [TCP Query User{1335709F-7614-4CA9-971B-87D89C3076D9}G:\mohaa\mohaa.exe] => (Allow) G:\mohaa\mohaa.exe
FirewallRules: [UDP Query User{4AD4B7EA-3419-4728-B025-6BF4FAAB4A55}G:\mohaa\mohaa.exe] => (Allow) G:\mohaa\mohaa.exe
FirewallRules: [TCP Query User{B99553BD-3D72-48D7-BA80-36DA2A238ABC}I:\cryptic studios\star trek online\live\gameclient.exe] => (Allow) I:\cryptic studios\star trek online\live\gameclient.exe
FirewallRules: [UDP Query User{4663FCE2-C347-4632-B33C-FD089FE267A7}I:\cryptic studios\star trek online\live\gameclient.exe] => (Allow) I:\cryptic studios\star trek online\live\gameclient.exe
FirewallRules: [{61D22F65-066F-46F2-87EE-A4263A986667}] => (Allow) I:\Game of Thrones\Binaries\Win32\ShippingPC-AGOTGame.exe
FirewallRules: [{5166CA1A-B40C-48F9-A3B0-86BEA8A8363D}] => (Allow) I:\Game of Thrones\Binaries\Win32\ShippingPC-AGOTGame.exe
FirewallRules: [{04A8646D-C47E-4784-B6BA-DF8746E29CF7}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{A6239E63-6BD7-4D38-8D98-295B2296B7EF}] => (Allow) C:\Program Files (x86)\YourFileDownloader\Downloader.exe
FirewallRules: [{E37F9C08-F3FD-4C08-9AC1-B25842BEBC09}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
FirewallRules: [{ECAAA4B7-C7CB-4D6E-8671-78379CB09196}] => (Allow) C:\Program Files (x86)\YourFileDownloader\YourFile.exe
FirewallRules: [TCP Query User{8780D842-EE61-4F3A-B9E4-F92BEB515E99}C:\program files\paint.net\paintdotnet.exe] => (Allow) C:\program files\paint.net\paintdotnet.exe
FirewallRules: [UDP Query User{D36534C5-0962-4D02-9F8C-DF567FC4FCAB}C:\program files\paint.net\paintdotnet.exe] => (Allow) C:\program files\paint.net\paintdotnet.exe
FirewallRules: [TCP Query User{000E513B-B62F-491F-9736-2A2E07745D7F}G:\re-volt\revolt.exe] => (Allow) G:\re-volt\revolt.exe
FirewallRules: [UDP Query User{A461E58E-E700-4E21-AAD7-408946DAD1B9}G:\re-volt\revolt.exe] => (Allow) G:\re-volt\revolt.exe

Silverdrow · 05.06.2015, 19:37

Addition Teil 2

Code:

ATTFilter

FirewallRules: [TCP Query User{3343BD7F-DEE2-4C45-A50D-3568E224F3FC}I:\maniaplanet\maniaplanet.exe] => (Allow) I:\maniaplanet\maniaplanet.exe
FirewallRules: [UDP Query User{9A5B54F7-5BA6-4F2E-BC76-16F5B61EC334}I:\maniaplanet\maniaplanet.exe] => (Allow) I:\maniaplanet\maniaplanet.exe
FirewallRules: [TCP Query User{25957048-D63F-4B86-923B-B84D6E80EE0B}C:\users\***\appdata\local\temp\gw2.exe] => (Block) C:\users\***\appdata\local\temp\gw2.exe
FirewallRules: [UDP Query User{8EDC7570-9F47-4B31-B767-223245C04C97}C:\users\***\appdata\local\temp\gw2.exe] => (Block) C:\users\***\appdata\local\temp\gw2.exe
FirewallRules: [TCP Query User{F179AC5A-3194-44E9-BDAE-6C7BEE2D1EFD}I:\guild wars 2\gw2.exe] => (Allow) I:\guild wars 2\gw2.exe
FirewallRules: [UDP Query User{86BC3E84-69DC-4DAF-A366-DFD4FF6E7CDE}I:\guild wars 2\gw2.exe] => (Allow) I:\guild wars 2\gw2.exe
FirewallRules: [TCP Query User{80BA3A1B-8FF0-4351-A08F-86098A1A8D18}G:\mohaa\moh_spearhead.exe] => (Allow) G:\mohaa\moh_spearhead.exe
FirewallRules: [UDP Query User{F3C8AB7E-80C3-4C5A-BF86-4A576B1340C5}G:\mohaa\moh_spearhead.exe] => (Allow) G:\mohaa\moh_spearhead.exe
FirewallRules: [TCP Query User{28D4D2F9-FCBC-446E-9245-507F5DA064D7}G:\quake iii arena\cnq3.exe] => (Allow) G:\quake iii arena\cnq3.exe
FirewallRules: [UDP Query User{17E44EC5-DDB1-45E0-A381-A62E4A207ED1}G:\quake iii arena\cnq3.exe] => (Allow) G:\quake iii arena\cnq3.exe
FirewallRules: [{A5AFCD89-516E-4C02-B4FA-CB1809ACEDAB}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP5a\RpcAgentSrv.exe
FirewallRules: [TCP Query User{AA9D08E4-C0FE-433B-AD86-D84B158EC060}E:\gamesload\planetside 2\planetside2.exe] => (Allow) E:\gamesload\planetside 2\planetside2.exe
FirewallRules: [UDP Query User{75618F4B-69D8-46C9-839D-1199AC2924A0}E:\gamesload\planetside 2\planetside2.exe] => (Allow) E:\gamesload\planetside 2\planetside2.exe
FirewallRules: [{E057F48A-F15C-4D4C-8A81-F85A2869E32F}] => (Allow) C:\Program Files (x86)\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{F8A6E180-CF6D-4861-9F7E-758CD1771E1C}] => (Allow) C:\Program Files (x86)\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{D89FF4E8-7D37-4865-ABAC-30E6214D7033}] => (Allow) I:\Assassin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{C8C65DE9-C057-443E-9F2A-9735FF03B812}] => (Allow) I:\Assassin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{4C605A63-FEC0-46DA-BEE2-B3835F853964}] => (Allow) I:\Assassin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{060D4C8B-8316-4AE5-BA02-DF0739CDB186}] => (Allow) I:\Assassin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{34323477-FCEB-49A2-AEDD-DBFDAD72F9B8}] => (Allow) I:\Assassin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{26E520B1-4E89-4A38-941F-B630E2F3ADE2}] => (Allow) I:\Assassin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [TCP Query User{40D5A215-60D4-46DB-B23C-734FB84AB1A7}C:\windows\splwow64.exe] => (Allow) C:\windows\splwow64.exe
FirewallRules: [UDP Query User{784B759A-C698-4EF5-A2A2-8A6176330AE9}C:\windows\splwow64.exe] => (Allow) C:\windows\splwow64.exe
FirewallRules: [TCP Query User{CA5257DA-FBE1-4713-A8E6-6E7F2234B488}C:\windows\system32\rundll32.exe] => (Allow) C:\windows\system32\rundll32.exe
FirewallRules: [UDP Query User{DA6B0849-8A24-49F9-B815-135994608479}C:\windows\system32\rundll32.exe] => (Allow) C:\windows\system32\rundll32.exe
FirewallRules: [{411EA713-7337-4ACA-ACD1-003F73B2A8DD}] => (Block) C:\windows\system32\rundll32.exe
FirewallRules: [{1A896D23-A181-4D55-8CE4-08948D68D802}] => (Block) C:\windows\system32\rundll32.exe
FirewallRules: [TCP Query User{F4BFA64D-8E59-4721-82C6-AC157927982C}G:\serious\bin\serioussam.exe] => (Allow) G:\serious\bin\serioussam.exe
FirewallRules: [UDP Query User{4C141E9D-7021-4094-AE64-95E5DF53DB3B}G:\serious\bin\serioussam.exe] => (Allow) G:\serious\bin\serioussam.exe
FirewallRules: [{DF733AAE-31BB-4198-A3C4-6BC4C34A3390}] => (Allow) I:\T3Fun\Hellgate\HGLLauncher.exe
FirewallRules: [{639D4D41-09EA-40D2-BCA5-454D6C26DF0B}] => (Allow) I:\T3Fun\Hellgate\HGLLauncher.exe
FirewallRules: [{9949D528-1B6B-4FDD-807E-440E94EF5888}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{FC6DABD3-1190-4FF0-9A60-1FA80D3B3680}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{A88FCC3A-C02E-40AA-BE20-8AFBAD0D6A86}C:\windows\splwow64.exe] => (Allow) C:\windows\splwow64.exe
FirewallRules: [UDP Query User{5D70E488-2FB5-40F4-B607-B9273A42567D}C:\windows\splwow64.exe] => (Allow) C:\windows\splwow64.exe
FirewallRules: [TCP Query User{67691333-7715-41E9-B711-606B6EE8A3FE}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [UDP Query User{C722B828-9714-49A5-8939-184301F7F235}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [TCP Query User{40A9ACD9-DE9B-49C8-AEE0-982C0FF822C1}I:\löschung\cod2mp_s.exe] => (Allow) I:\löschung\cod2mp_s.exe
FirewallRules: [UDP Query User{6D0635FF-2E8F-4F22-86FB-054BD74F3979}I:\löschung\cod2mp_s.exe] => (Allow) I:\löschung\cod2mp_s.exe
FirewallRules: [{65CFA490-D1C1-4C9A-9827-DC025B95A526}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E79EFAC4-6497-4C01-900B-A2587618CABC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{069DE7C1-B759-490A-B462-8FA30177E6A5}I:\call of duty 4 - modern warfare\iw3mp.exe] => (Block) I:\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [UDP Query User{566CB709-F42A-4569-A41E-2441E2147D00}I:\call of duty 4 - modern warfare\iw3mp.exe] => (Block) I:\call of duty 4 - modern warfare\iw3mp.exe
FirewallRules: [TCP Query User{8B94835C-44A8-4C6C-9552-F0B7ED5B312C}I:\steamlibrary\steamapps\common\retrovirus\retrovirus.exe] => (Allow) I:\steamlibrary\steamapps\common\retrovirus\retrovirus.exe
FirewallRules: [UDP Query User{BDC26633-15AE-4442-A968-F6720E8C4362}I:\steamlibrary\steamapps\common\retrovirus\retrovirus.exe] => (Allow) I:\steamlibrary\steamapps\common\retrovirus\retrovirus.exe
FirewallRules: [TCP Query User{B1CE558A-D5F4-46DE-8094-F257084F6D19}G:\q2\quake2.exe] => (Allow) G:\q2\quake2.exe
FirewallRules: [UDP Query User{3C868F5B-FE7A-48E0-BD54-9FCC310A8023}G:\q2\quake2.exe] => (Allow) G:\q2\quake2.exe
FirewallRules: [{2B5AD5CA-3659-42BC-810D-B77696924DC8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\X Rebirth\XRebirth.exe
FirewallRules: [{9BEF2D54-2B25-4793-A27E-0635B03330F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\X Rebirth\XRebirth.exe
FirewallRules: [{6BE88B85-7E6A-446F-93BA-E7CFDE4F71FF}] => (Allow) I:\Steam\SteamApps\common\Cities XL Platinum\CitiesXL_Platinum.exe
FirewallRules: [{707D396C-9A38-4CDC-9CCA-B633E20F8789}] => (Allow) I:\Steam\SteamApps\common\Cities XL Platinum\CitiesXL_Platinum.exe
FirewallRules: [{6E8E3142-1D54-4841-A080-CACAC421D9D1}] => (Allow) I:\Steam\SteamApps\common\RAGE\Rage.exe
FirewallRules: [{B1155CF9-94BA-49A9-8F6C-CE8917F98D98}] => (Allow) I:\Steam\SteamApps\common\RAGE\Rage.exe
FirewallRules: [{34251C72-B59E-409E-BD41-F7C35F780F06}] => (Allow) I:\Steam\SteamApps\common\RAGE\Rage64.exe
FirewallRules: [{0043D16C-8DCB-4443-933B-930C8C4ABBDB}] => (Allow) I:\Steam\SteamApps\common\RAGE\Rage64.exe
FirewallRules: [TCP Query User{45594164-5FDE-4617-A92E-81621C578C4A}I:\steam\steamapps\common\europa universalis iv\eu4.exe] => (Allow) I:\steam\steamapps\common\europa universalis iv\eu4.exe
FirewallRules: [UDP Query User{FD5C0EA2-EF0D-4D44-B121-52FD264C0A00}I:\steam\steamapps\common\europa universalis iv\eu4.exe] => (Allow) I:\steam\steamapps\common\europa universalis iv\eu4.exe
FirewallRules: [{97BDABDB-1531-459C-B82E-138C1139173A}] => (Allow) I:\Steam\SteamApps\common\Imagine Earth\ImagineEarth.exe
FirewallRules: [{741F5D01-FE47-4FFD-AD6D-BDDF5BF573A5}] => (Allow) I:\Steam\SteamApps\common\Imagine Earth\ImagineEarth.exe
FirewallRules: [TCP Query User{F1CD4996-1037-40D1-AA27-4544A8DABE7A}I:\steam\steam.exe] => (Allow) I:\steam\steam.exe
FirewallRules: [UDP Query User{1EF2D79E-F197-469C-8892-E2E927259192}I:\steam\steam.exe] => (Allow) I:\steam\steam.exe
FirewallRules: [{D1D8E2D8-AE11-427D-B6FA-2810216043E4}] => (Allow) I:\SteamLibrary\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{6AAA17AE-6AFB-43BB-837F-4EA74F60AC7E}] => (Allow) I:\SteamLibrary\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{466A295A-FEB4-4385-B410-22D2A0E45182}] => (Allow) I:\Steam\SteamApps\common\X Rebirth\XRebirth.exe
FirewallRules: [{A876B47E-9CEC-4CC1-9F01-6FBBFD179AA5}] => (Allow) I:\Steam\SteamApps\common\X Rebirth\XRebirth.exe
FirewallRules: [{1B700C4E-6897-403D-B540-6F1C989EF23A}] => (Allow) I:\SteamLibrary\SteamApps\common\Endless Space\EndlessSpace.exe
FirewallRules: [{D8FD8AF8-AA30-445A-9440-278880155FE1}] => (Allow) I:\SteamLibrary\SteamApps\common\Endless Space\EndlessSpace.exe
FirewallRules: [{B0999DFA-A11D-4DDF-A713-A45D1FC76294}] => (Allow) I:\Steam\SteamApps\common\Dragon's Prophet (EU)\dplogin.exe
FirewallRules: [{970B8D50-27C0-4E86-ABA5-5E6D26541B7C}] => (Allow) I:\Steam\SteamApps\common\Dragon's Prophet (EU)\dplogin.exe
FirewallRules: [{09D4CF93-683D-45EE-963E-A1D5151FEDFB}] => (Allow) I:\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{1356F879-FC98-4B30-9784-3A4B9484BF26}] => (Allow) I:\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{D7AB7055-397D-45F0-91A8-1E4918B9FDD4}] => (Allow) I:\SteamLibrary\SteamApps\common\Rise of Venice\RiseOfVenice.exe
FirewallRules: [{3C2BB96E-3297-407F-B86E-27F8408D91B3}] => (Allow) I:\SteamLibrary\SteamApps\common\Rise of Venice\RiseOfVenice.exe
FirewallRules: [{A1240964-D665-4819-9264-521AA48BDC2B}] => (Allow) I:\SteamLibrary\SteamApps\common\Might & Magic - Duel of Champions\Game.exe
FirewallRules: [{4A9681A5-14F7-4FB6-8A35-6BED5F15807B}] => (Allow) I:\SteamLibrary\SteamApps\common\Might & Magic - Duel of Champions\Game.exe
FirewallRules: [TCP Query User{EAD09F31-AA61-41C8-85FB-43B4CF0A4D29}I:\steam\steamapps\common\dragon's prophet (eu)\launcher.exe] => (Allow) I:\steam\steamapps\common\dragon's prophet (eu)\launcher.exe
FirewallRules: [UDP Query User{63870C04-757A-4DE6-A892-53BAA4A701AE}I:\steam\steamapps\common\dragon's prophet (eu)\launcher.exe] => (Allow) I:\steam\steamapps\common\dragon's prophet (eu)\launcher.exe
FirewallRules: [TCP Query User{2BB63549-C322-4981-A7BB-A0FE01109A62}I:\steam\steamapps\common\dragon's prophet (eu)\dp_x64.exe] => (Allow) I:\steam\steamapps\common\dragon's prophet (eu)\dp_x64.exe
FirewallRules: [UDP Query User{B0A68571-1DF6-4696-8081-DFDCB5520B53}I:\steam\steamapps\common\dragon's prophet (eu)\dp_x64.exe] => (Allow) I:\steam\steamapps\common\dragon's prophet (eu)\dp_x64.exe
FirewallRules: [{232D272E-C80B-49BD-B3C7-04EC633A3A65}] => (Allow) I:\SteamLibrary\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{FE602132-5C6A-410B-A4C4-5A504EA88D5D}] => (Allow) I:\SteamLibrary\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{7976BAB7-350F-4095-8C70-7B25A7AB1730}] => (Allow) I:\Steam\SteamApps\common\X Rebirth\XRebirth.exe
FirewallRules: [{0DCADB5B-9217-4595-93D5-BA3AC80FC713}] => (Allow) I:\Steam\SteamApps\common\X Rebirth\XRebirth.exe
FirewallRules: [{BCC76BC2-7230-487F-A821-6F71D6AC1DA5}] => (Allow) I:\SteamLibrary\SteamApps\common\Endless Space\EndlessSpace.exe
FirewallRules: [{41B64B5A-AC86-431E-A413-7B01830846A0}] => (Allow) I:\SteamLibrary\SteamApps\common\Endless Space\EndlessSpace.exe
FirewallRules: [{CA8898BA-EE80-410A-8E95-D4FAFAEE1052}] => (Allow) I:\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{56A67C95-BCB4-4DB4-89E6-3362A88F68E0}] => (Allow) I:\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{C893010D-F5A1-4AE3-AB49-44B576C7C843}] => (Allow) I:\SteamLibrary\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{7FE863E1-49CB-4AD2-9E76-C03E5C7C91E2}] => (Allow) I:\SteamLibrary\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{06369204-EBE8-4B2D-ADAC-D3074F6F943F}] => (Allow) I:\SteamLibrary\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{7199F3DF-18ED-468E-94E9-15BC4ED25647}] => (Allow) I:\SteamLibrary\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{C4DAC499-94A7-481B-BC47-F8EC16987531}] => (Allow) I:\Steam\SteamApps\common\X Rebirth\XRebirth.exe
FirewallRules: [{2D1C9CDD-EC88-4BD3-AABE-C0BE24E8EFC7}] => (Allow) I:\Steam\SteamApps\common\X Rebirth\XRebirth.exe
FirewallRules: [{8BE9B1B2-E5D3-4C9E-A78F-8BC957409BE7}] => (Allow) I:\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{3F4AD264-DB8B-417B-80B2-106B1F2B2265}] => (Allow) I:\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{FB741830-0300-499B-9B31-FF23FE1CEBF1}] => (Allow) I:\SteamLibrary\SteamApps\common\Rise of Venice\RiseOfVenice.exe
FirewallRules: [{FB353D1A-7F68-419D-ACEA-53E43B753392}] => (Allow) I:\SteamLibrary\SteamApps\common\Rise of Venice\RiseOfVenice.exe
FirewallRules: [{651A6978-6E19-434F-A561-E455F5BFCE3F}] => (Allow) I:\Steam\SteamApps\common\Democracy 3\Democracy3.exe
FirewallRules: [{C486A7F9-8592-41C9-BC50-12C67BA80BCE}] => (Allow) I:\Steam\SteamApps\common\Democracy 3\Democracy3.exe
FirewallRules: [{F1F460EE-88CC-47FF-BF1E-E3D4030D046A}] => (Allow) I:\SteamLibrary\SteamApps\common\Might & Magic - Duel of Champions\Game.exe
FirewallRules: [{573646D8-3518-46FB-9BEF-2D53EE1B0482}] => (Allow) I:\SteamLibrary\SteamApps\common\Might & Magic - Duel of Champions\Game.exe
FirewallRules: [{98F4CB0E-8705-4EA1-A60C-28AFBCAA0C94}] => (Allow) I:\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{989EFAE2-AD81-488A-897D-9E2BFBEE810E}] => (Allow) I:\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{35E9C514-2ADA-4414-A85C-048FD9D9F940}] => (Allow) I:\SteamLibrary\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{5E0718CC-7BCD-4AB8-B00A-286F411A2F8E}] => (Allow) I:\SteamLibrary\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{14BC0C4E-F7DB-438B-9F65-982C2A80A181}] => (Allow) I:\Steam\SteamApps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe
FirewallRules: [{5D12295A-489F-4D6C-99E8-FE8F44ED6D2A}] => (Allow) I:\Steam\SteamApps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe
FirewallRules: [{AE9CE6D4-DC23-45E5-A4AB-D17D13E91940}] => (Allow) I:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{3EEEA1F5-F30D-45B8-8609-37737B8147A2}] => (Allow) I:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{7DC9FC88-C60A-4654-B0E8-8A2D66B9EB40}] => (Allow) I:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{77ABA322-B1F9-4159-980F-193D3F742C1D}] => (Allow) I:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{69336361-6774-4708-9524-417099CC8583}] => (Allow) G:\Star Wars-The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{5F6EBBE2-5EC0-4D8E-8DE6-7D5917491BA1}] => (Allow) G:\Star Wars-The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{1FE4139E-5E74-4BA9-8030-45951761AC83}] => (Allow) G:\Star Wars-The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{A2B4BA7D-83E3-4A3D-8889-CE5907DF3FF8}] => (Allow) G:\Star Wars-The Old Republic\swtor\retailclient\swtor.exe
FirewallRules: [{2A0A3EE9-F1A2-4B11-B6E4-180385772BC5}] => (Allow) G:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{EC71CC0D-39F9-4A69-B9F8-B1EDA71C3DDC}] => (Allow) G:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{A1564022-C12E-42AB-A89B-E44C8A10E873}] => (Allow) G:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{14355DBD-97B0-44D7-90C9-02A6D11F0662}] => (Allow) G:\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{0C4C094B-73CA-4294-B864-F72FECBBE9C3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{DB19F1B6-5C2B-4FB2-A9CF-2E59D2CA385D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E563DC8E-9448-4F26-B3B0-4695A9D92E5A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{ACFD530F-E47D-4571-BA14-3F4AD7FA4555}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{AAE40999-0909-4244-9DB6-01D3037A3637}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AE40E790-683D-41AB-BF28-AA1D22348D89}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{E90819DE-5C00-4FBB-877B-15A21A6AA7AD}] => (Allow) G:\Steam\SteamApps\common\X Rebirth\XRebirth.exe
FirewallRules: [{0DCD7B25-2D9F-4058-B0E9-D6F81BDB0F93}] => (Allow) G:\Steam\SteamApps\common\X Rebirth\XRebirth.exe
FirewallRules: [{2DF54928-5756-4427-A1D6-D77C04DF6D70}] => (Allow) G:\Steam\Steam.exe
FirewallRules: [{DDEE2EF3-DA9C-4A48-92AC-D9CADDF090F5}] => (Allow) G:\Steam\Steam.exe
FirewallRules: [{2C5456ED-EF66-4D88-B6D4-A10F1B1EEF50}] => (Allow) G:\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{55CC1B73-0328-473F-91C5-5D10011F236B}] => (Allow) G:\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelGame.exe
FirewallRules: [{BE6B97BE-BC2F-47EB-A2D3-41D9F624A4E6}] => (Allow) G:\Steam\SteamApps\common\Democracy 3\Democracy3.exe
FirewallRules: [{20186847-19AF-4744-B717-314CFF85FFDA}] => (Allow) G:\Steam\SteamApps\common\Democracy 3\Democracy3.exe
FirewallRules: [{4E6F2A21-D5A7-450E-BE9B-3D1DD0570A89}] => (Allow) G:\Steam\SteamApps\common\Dragon's Prophet (EU)\dplogin.exe
FirewallRules: [{0D34039B-F1C8-42DA-8EBE-25BAD1BE2DED}] => (Allow) G:\Steam\SteamApps\common\Dragon's Prophet (EU)\dplogin.exe
FirewallRules: [{E8ED8A33-648C-42D9-A3A2-EF6B58FA1E6E}] => (Allow) G:\Steam\SteamApps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{323D2063-BF21-4819-83E2-0F686D4B71AA}] => (Allow) G:\Steam\SteamApps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{277D7D40-5746-4348-AC7D-09381C1D97CC}] => (Allow) G:\Steam\SteamApps\common\Imagine Earth\ImagineEarth.exe
FirewallRules: [{86AE41CF-BAD1-49F4-BF9B-885D033B8097}] => (Allow) G:\Steam\SteamApps\common\Imagine Earth\ImagineEarth.exe
FirewallRules: [{0075A48D-3918-48D3-B6B5-8D294FFF8738}] => (Allow) G:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
FirewallRules: [{76CEB830-F6DF-4C5B-8AFD-C43EC557CB1E}] => (Allow) G:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
FirewallRules: [{F884AFB0-D209-49E2-A10B-074F4534E0BF}] => (Allow) G:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
FirewallRules: [{9C911CA3-BA3A-4E1B-99DD-D33A734BAF8C}] => (Allow) G:\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
FirewallRules: [{0503D98A-2B2E-40BF-AF54-89868B0BB0A9}] => (Allow) G:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{78D82688-6F4C-4789-AA76-47C4CE68A94B}] => (Allow) G:\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{9D899E37-56B8-4E94-9BDF-892A2B085574}] => (Allow) G:\Steam\SteamApps\common\Rise of Venice\RiseOfVenice.exe
FirewallRules: [{8809EEE7-831D-421E-A1C9-0DFFD117FE13}] => (Allow) G:\Steam\SteamApps\common\Rise of Venice\RiseOfVenice.exe
FirewallRules: [{6C042EC3-1779-41D7-A776-BF1397737861}] => (Allow) G:\Steam\SteamApps\common\Serious Sam 2\Bin\Sam2.exe
FirewallRules: [{558A31BA-8CFD-4832-8C03-4B8F125924AE}] => (Allow) G:\Steam\SteamApps\common\Serious Sam 2\Bin\Sam2.exe
FirewallRules: [{B8BCC70E-F98C-4799-AB67-F3CB3A62AFD3}] => (Allow) G:\Steam\SteamApps\common\Serious Sam 2\Bin\DedicatedServer.exe
FirewallRules: [{A21DE891-5DA1-4ECD-B72D-BF06E216B773}] => (Allow) G:\Steam\SteamApps\common\Serious Sam 2\Bin\DedicatedServer.exe
FirewallRules: [{03FCD631-588A-44C9-89F0-7C2477D395FF}] => (Allow) G:\Steam\SteamApps\common\Serious Sam Classic The First Encounter\Bin\SeriousSam.exe
FirewallRules: [{4F4960B9-D488-4DEB-B7E7-0D62C584872F}] => (Allow) G:\Steam\SteamApps\common\Serious Sam Classic The First Encounter\Bin\SeriousSam.exe
FirewallRules: [{7C99D813-6106-42DC-8CC8-933833966316}] => (Allow) G:\Steam\SteamApps\common\Serious Sam Classic The First Encounter\Bin\SeriousEditor.exe
FirewallRules: [{792ECC45-C272-4AAF-B0BE-5C3B7C559BB4}] => (Allow) G:\Steam\SteamApps\common\Serious Sam Classic The First Encounter\Bin\SeriousEditor.exe
FirewallRules: [{50C2C07B-6023-434C-8BDC-EB4DD7768E25}] => (Allow) G:\Steam\SteamApps\common\Serious Sam Classic The First Encounter\Bin\SeriousModeler.exe
FirewallRules: [{4BC82B50-58B2-4F97-A173-F6BF0D340579}] => (Allow) G:\Steam\SteamApps\common\Serious Sam Classic The First Encounter\Bin\SeriousModeler.exe
FirewallRules: [{6266FE6C-63B5-454D-BA58-51AEC231036A}] => (Allow) G:\Steam\SteamApps\common\Serious Sam Classic The Second Encounter\Bin\SeriousSam.exe
FirewallRules: [{91432B59-9763-4146-9C55-6120CFCF84EC}] => (Allow) G:\Steam\SteamApps\common\Serious Sam Classic The Second Encounter\Bin\SeriousSam.exe
FirewallRules: [{6C788C69-AFC8-4D84-B0D4-F365D8AABC5D}] => (Allow) G:\Steam\SteamApps\common\Serious Sam Classic The Second Encounter\Bin\SeriousEditor.exe
FirewallRules: [{A3D8F896-2DA5-4E30-B098-612E92F3FDA2}] => (Allow) G:\Steam\SteamApps\common\Serious Sam Classic The Second Encounter\Bin\SeriousEditor.exe
FirewallRules: [{853B2F86-3589-4F31-8C06-DA9E05933A73}] => (Allow) G:\Steam\SteamApps\common\Serious Sam Classic The Second Encounter\Bin\SeriousModeler.exe
FirewallRules: [{EB0B4AF3-111A-4F2A-9FDB-5CB62FEA99DE}] => (Allow) G:\Steam\SteamApps\common\Serious Sam Classic The Second Encounter\Bin\SeriousModeler.exe
FirewallRules: [{DA2EA55C-0D11-429A-8407-06BCDCE81B2B}] => (Allow) G:\Steam\SteamApps\common\SeriousSamDoubleD\SSLauncher.exe
FirewallRules: [{6351F00C-E582-4519-86D9-AF1202B301BB}] => (Allow) G:\Steam\SteamApps\common\SeriousSamDoubleD\SSLauncher.exe
FirewallRules: [{E3B2A242-27F7-4147-A171-DB99B36D9E70}] => (Allow) G:\Steam\SteamApps\common\Serious Sam HD The First Encounter\Bin\SamHD.exe
FirewallRules: [{8D304E2B-CB87-44D3-B8AF-C576FEF71675}] => (Allow) G:\Steam\SteamApps\common\Serious Sam HD The First Encounter\Bin\SamHD.exe
FirewallRules: [{440DA164-5A91-4CA5-AD0E-25442FEA1998}] => (Allow) G:\Steam\SteamApps\common\Serious Sam HD The Second Encounter\Bin\SamHD_TSE.exe
FirewallRules: [{6AB199E1-F6F8-489A-AAE6-BD70346A3A93}] => (Allow) G:\Steam\SteamApps\common\Serious Sam HD The Second Encounter\Bin\SamHD_TSE.exe
FirewallRules: [{68BB9FEB-63B1-4AE7-98C1-2B6D9E237789}] => (Allow) G:\Steam\SteamApps\common\Serious Sam HD The Second Encounter\Bin\SamHD_TSE_Unrestricted.exe
FirewallRules: [{C9223B93-5F15-464F-87AA-9C5765DBA959}] => (Allow) G:\Steam\SteamApps\common\Serious Sam HD The Second Encounter\Bin\SamHD_TSE_Unrestricted.exe
FirewallRules: [{B4164AEB-AFD0-406E-B4F0-DC52041AE886}] => (Allow) G:\Steam\SteamApps\common\Serious Sam The Random Encounter\sstre.exe
FirewallRules: [{D652A2B4-FB9E-4C78-82DC-9D33255BCC80}] => (Allow) G:\Steam\SteamApps\common\Serious Sam The Random Encounter\sstre.exe
FirewallRules: [{4EBAC334-92FC-4019-BCD5-94618C4A201A}] => (Allow) G:\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{70DF80BC-CA6E-4C9B-A471-D304B7EE1C67}] => (Allow) G:\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3.exe
FirewallRules: [{595663B5-D9FD-426D-B9FE-A613E38FA0C8}] => (Allow) G:\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{B49291BB-E4EB-4E23-B4CF-AF8E61E6BEF5}] => (Allow) G:\Steam\SteamApps\common\Serious Sam 3\Bin\Sam3_Unrestricted.exe
FirewallRules: [{524BD0A9-FD8B-4621-A348-7E1F34B88556}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{57349287-D4BB-4AFC-A7BD-180578F93758}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{80581592-D44A-4950-92AE-09FB8EBCA371}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{8A1974D0-20ED-41C5-BD69-55A392350183}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A84D92EF-5960-4B41-96F0-2F1A3CC316DF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8B2C18D8-7E59-486C-90DD-409D109F469D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{59D8EA1F-1708-4907-A4FB-C2471C470D2B}] => (Allow) G:\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{9BC83BC2-73CC-40C5-9666-0177A0964196}] => (Allow) G:\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{7EE0456E-DCC5-41A9-84E5-99A35E39E76A}] => (Allow) G:\Steam\SteamApps\common\Shadowrun Returns\Shadowrun.exe
FirewallRules: [{AAE483A2-AF3D-4118-9C54-D762CEFA7B9D}] => (Allow) G:\Steam\SteamApps\common\Shadowrun Returns\Shadowrun.exe
FirewallRules: [{3A9B4BF6-6DB3-4469-A4C2-4AA7DE74EA85}] => (Allow) G:\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{5D347E55-0FBA-4E4C-8F5C-6CA1CBA86EFB}] => (Allow) G:\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{818AB247-875D-4817-AC85-0BE6112820FA}] => (Allow) G:\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{1C72CA16-4580-4235-9854-59E0C4AC868A}] => (Allow) G:\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{F43CB7AB-6D39-4901-98CD-E46203DFE658}] => (Allow) G:\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
FirewallRules: [{12FC7F86-4967-41B1-933D-C8E5401C386D}] => (Allow) G:\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
FirewallRules: [{483B7639-0540-4BD7-9E9D-7136CFA6F7F2}] => (Allow) G:\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
FirewallRules: [{BCD81945-814A-4867-B145-9FCA4AD5F97E}] => (Allow) G:\Steam\SteamApps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
FirewallRules: [{B8FEFE65-2743-49F6-A705-743EC8176931}] => (Allow) G:\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelHeroes2015.exe
FirewallRules: [{DBE14D3B-BFC5-4B2D-83FC-292D123892E4}] => (Allow) G:\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win32\MarvelHeroes2015.exe
FirewallRules: [{7365A425-0058-4980-8230-CC8F5F4E6F49}] => (Allow) G:\Steam\SteamApps\common\Quantum Rush\QuantumRush.exe
FirewallRules: [{6CB8FA9B-EF05-4A3A-9D30-86A0315EF8CE}] => (Allow) G:\Steam\SteamApps\common\Quantum Rush\QuantumRush.exe
FirewallRules: [{B245C311-AABB-4295-A3C3-E14454A329D6}] => (Allow) G:\Steam\SteamApps\common\Only If\Only If.exe
FirewallRules: [{912FCCE2-459E-42D1-B9C3-D07DFD9CEFFC}] => (Allow) G:\Steam\SteamApps\common\Only If\Only If.exe
FirewallRules: [{79954C9E-37B2-48AB-8F14-468846F5C922}] => (Allow) G:\Steam\SteamApps\common\StrikeVector\Binaries\Win32\UDK.exe
FirewallRules: [{75EA0491-7E08-4700-AADF-767F321E2200}] => (Allow) G:\Steam\SteamApps\common\StrikeVector\Binaries\Win32\UDK.exe
FirewallRules: [{37DD99C3-B25E-47D6-BB20-C2AC69484436}] => (Allow) G:\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{A50FD7F3-B892-4EDD-8327-8331918E584F}] => (Allow) G:\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{8F9A06E9-A6BE-44A8-BA4D-B9BE92555759}] => (Allow) G:\Steam\bin\steamwebhelper.exe
FirewallRules: [{B5806189-5D20-44E4-BD8D-B29F06D00D29}] => (Allow) G:\Steam\bin\steamwebhelper.exe
FirewallRules: [{AE2EDD4B-F896-4BD3-90B6-5F28AAAEA760}] => (Allow) G:\Steam\SteamApps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{F2310956-42CA-4C27-AC16-EA45EDC85AAD}] => (Allow) G:\Steam\SteamApps\common\Crusader Kings II\CK2game.exe
FirewallRules: [{B97BA4AD-EC87-49E4-BAE3-09BE8227F516}] => (Allow) G:\Steam\SteamApps\common\Cryptic Studios\Neverwinter.exe
FirewallRules: [{B4F2F97B-6A27-4BCA-98C8-E28425577E06}] => (Allow) G:\Steam\SteamApps\common\Cryptic Studios\Neverwinter.exe
FirewallRules: [{1F58913A-BDF8-4B23-82C5-44BACADD322B}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{91EC34F8-969A-484C-94EA-2D58520CFC50}] => (Allow) G:\Steam\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [{95A26BF0-007A-4F90-9CC0-8643926356CE}] => (Allow) G:\Steam\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [{AE9AD0EC-A81F-4AC7-8584-C3FC2C7BCB0C}] => (Allow) G:\Steam\SteamApps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe
FirewallRules: [{7B80B3D7-194F-4590-A935-6A2C7E709475}] => (Allow) G:\Steam\SteamApps\common\PAC-MAN Championship Edition DX+\PAC-MAN.exe
FirewallRules: [{7B04C83A-C3E0-4A1F-B1CB-9A8689A43C1C}] => (Allow) G:\Steam\SteamApps\common\Shadowrun Dragonfall Director's Cut\Dragonfall.exe
FirewallRules: [{FBE43FF2-6325-4EFB-AF3A-82727AABBF9B}] => (Allow) G:\Steam\SteamApps\common\Shadowrun Dragonfall Director's Cut\Dragonfall.exe
FirewallRules: [{3DCEB332-E3F1-43C1-B829-1D849D68A2AD}] => (Allow) G:\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{327D34FA-552F-413E-B03D-895DC4471EF7}] => (Allow) G:\Steam\SteamApps\common\Total War Rome II\launcher\launcher.exe
FirewallRules: [{7475F433-18A5-442F-A306-62B87CD7D4FA}] => (Allow) G:\Steam\SteamApps\common\Starpoint Gemini 2\StarpointGemini2.exe
FirewallRules: [{7F4B7785-53A1-4ECD-8C09-205D78FE4311}] => (Allow) G:\Steam\SteamApps\common\Starpoint Gemini 2\StarpointGemini2.exe
FirewallRules: [{998C75FD-E243-4318-B0C0-D27F849B9D57}] => (Allow) G:\Steam\SteamApps\common\Panzar\PnzSteamLauncher.exe
FirewallRules: [{9E4D571D-5364-4E72-9A29-53947FD40F26}] => (Allow) G:\Steam\SteamApps\common\Panzar\PnzSteamLauncher.exe
FirewallRules: [{634471E4-1B93-4780-B5D5-7B5A949B7BA8}] => (Allow) G:\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{C1089B37-1310-46FE-B3A7-D5A9E3807B96}] => (Allow) G:\Steam\SteamApps\common\Game Dev Tycoon\nw.exe
FirewallRules: [{A0E6A05D-2A16-498C-82F8-2FDAAA7CD386}] => (Allow) G:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{31BA34F5-1C6F-4D45-B0B6-A07C4778BDE7}] => (Allow) G:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{2D51A514-64F8-435B-B37E-0124859A7647}] => (Allow) G:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{96D95FA8-D978-4269-8DDD-224FFF56364D}] => (Allow) G:\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{8EE7C1E3-82F3-4DC6-9F49-8984124A1686}] => (Allow) G:\Steam\SteamApps\common\Aliens Colonial Marines\Binaries\Win32\ACM.exe
FirewallRules: [{39084F22-0263-4A12-9434-083BCD3FFFF5}] => (Allow) G:\Steam\SteamApps\common\Aliens Colonial Marines\Binaries\Win32\ACM.exe
FirewallRules: [{3EAE00E5-DE57-45C2-A01D-27731982BBED}] => (Allow) C:\Program Files (x86)\devolo\bridgesetup\bridgesetup.exe
FirewallRules: [{A7EAC2AF-91A0-4D80-8561-85D4196D77B9}] => (Allow) C:\Program Files (x86)\devolo\bridgesetup\bridgesetup.exe
FirewallRules: [{46DB0907-444E-4CA7-9161-EE4A6019CD49}] => (Allow) C:\Program Files (x86)\devolo\easyshare\easyshare.exe
FirewallRules: [{05E8AB28-BD2B-484C-83B1-F9C767A7FEF2}] => (Allow) C:\Program Files (x86)\devolo\easyshare\easyshare.exe
FirewallRules: [{7F0E0BF8-40FA-4BD0-8902-B33D83494230}] => (Allow) G:\Steam\SteamApps\common\1849\1849.exe
FirewallRules: [{9E16C9C8-5E20-4404-920D-809AF6E971D6}] => (Allow) G:\Steam\SteamApps\common\1849\1849.exe
FirewallRules: [{6C3E028A-F739-4300-886B-A80F01A319AD}] => (Allow) G:\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{408552DA-6D81-4413-BEC2-CCC4561187AD}] => (Allow) G:\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
FirewallRules: [{3FDC70FB-A4B0-43B8-908A-701CA3375E9D}] => (Allow) G:\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{878B0A78-81A6-4EDA-8FA9-55CCB4CAED2F}] => (Allow) G:\Steam\SteamApps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
FirewallRules: [{043C1F18-D946-4816-B1E7-1349402B07A2}] => (Allow) G:\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{33E51623-7B25-4FE2-ABDA-997A2E682261}] => (Allow) G:\Steam\SteamApps\common\chivalrymedievalwarfare\ChivLauncher.exe
FirewallRules: [{FF804F80-678C-4104-B505-14373D86330F}] => (Allow) G:\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{394F926C-76F4-4305-8C75-242465B8E64E}] => (Allow) G:\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{BAF89214-6114-4631-B014-68316446558F}] => (Allow) G:\Steam\SteamApps\common\Firefall\system\bin\FirefallClient.exe
FirewallRules: [{C7F2FF1C-4921-4FF2-9225-C26D39A3E734}] => (Allow) G:\Steam\SteamApps\common\Firefall\system\bin\FirefallClient.exe
FirewallRules: [{48B48B7F-32AC-4598-9D03-995CAF5D03CA}] => (Allow) D:\fsetup.exe
FirewallRules: [{1257CE39-4314-4756-B98A-D6948A35C154}] => (Allow) D:\fsetup.exe
FirewallRules: [{5020D761-FBA6-42FC-99F0-064AE0A9F0E5}] => (Allow) D:\fsetup.exe
FirewallRules: [{96BB0AF2-92C6-450F-8995-5C43673BB2D7}] => (Allow) D:\fsetup.exe
FirewallRules: [{C5E16482-79C3-419C-9A5A-8B930A9234B1}] => (Allow) G:\Steam\SteamApps\common\Reflex\reflex.exe
FirewallRules: [{087C7B52-93B7-42D8-870C-3D778C4BF223}] => (Allow) G:\Steam\SteamApps\common\Reflex\reflex.exe
FirewallRules: [{A8EF88D6-D0D9-4B08-9AD9-F8E3022B31A0}] => (Allow) G:\Steam\SteamApps\common\SpaceEmpiresV\SE5\SE5.exe
FirewallRules: [{2012E474-BA40-436F-8B37-45950D0D732F}] => (Allow) G:\Steam\SteamApps\common\SpaceEmpiresV\SE5\SE5.exe
FirewallRules: [{9B689780-3B39-448E-9F55-517A30ED5CEB}] => (Allow) G:\Steam\SteamApps\common\CraftTheWorld\CraftWorld.exe
FirewallRules: [{6C77CF2D-937A-4632-9D55-34BE7E412A19}] => (Allow) G:\Steam\SteamApps\common\CraftTheWorld\CraftWorld.exe
FirewallRules: [{99EE9F35-F5F2-419D-90F0-AE4D79BD64F0}] => (Allow) G:\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{C639D982-C446-417C-B18D-7375193E50E5}] => (Allow) G:\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{F28D3E0F-82BD-49EA-B676-CF21D35B0BAC}] => (Allow) G:\Steam\steamapps\common\Dragon's Prophet (EU)\dp_x64.exe
FirewallRules: [{A72D2AD6-4988-473E-B25A-EA9975712692}] => (Allow) G:\Steam\steamapps\common\Dragon's Prophet (EU)\launcher.exe
FirewallRules: [{9A8BB8BF-1DA6-473F-AD2F-0BA709B5A1BB}] => (Allow) G:\Steam\steamapps\common\Dragon's Prophet (EU)\dp_x86.exe
FirewallRules: [{4192E513-E75C-425B-9AA1-EB2373F0945F}] => (Allow) G:\Steam\steamapps\common\Dragon's Prophet (EU)\dp_x64.exe
FirewallRules: [{36AA3876-49CC-48F4-8703-D3EE9B44A7E8}] => (Allow) G:\Steam\steamapps\common\Dragon's Prophet (EU)\launcher.exe
FirewallRules: [{8E655AB5-3636-4F88-9C66-B23CAE69C174}] => (Allow) G:\Steam\steamapps\common\Dragon's Prophet (EU)\dp_x86.exe
FirewallRules: [{9FD6058B-9C60-4E9E-88F2-668A35905882}] => (Allow) C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP5a\WNt500x64\RpcSandraSrv.exe
FirewallRules: [{FE3C1D29-EA68-447E-8CEA-54307450C94C}] => (Allow) G:\Steam\SteamApps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{C722F745-DD30-4BCD-BB97-776BBC25A800}] => (Allow) G:\Steam\SteamApps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{8768219D-A421-4647-A7AC-C3C596FEA14D}] => (Allow) C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe
FirewallRules: [TCP Query User{DCDD31D5-F141-47B9-862F-1BCBBDFCB6A0}C:\program files (x86)\buffalo\nasnavi\nasnavi.exe] => (Allow) C:\program files (x86)\buffalo\nasnavi\nasnavi.exe
FirewallRules: [UDP Query User{0AEEDBE1-3D0B-41F1-B3CD-891F9CE01B44}C:\program files (x86)\buffalo\nasnavi\nasnavi.exe] => (Allow) C:\program files (x86)\buffalo\nasnavi\nasnavi.exe
FirewallRules: [{7043C556-8014-458F-8DB7-145993CA2894}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{39ABA337-B20A-45E3-825B-78451D249064}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{097E2E6B-55A2-4C44-AB15-2812075DF3BB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FB04CD4C-4121-402B-8926-955BFFA95537}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{46D442F3-4245-44A8-BF69-0B9E8354DAE9}] => (Allow) LPort=2869
FirewallRules: [{104DF39B-7CC7-4456-B6E0-64984C74AA4F}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{6B8AC3CC-EF6D-40A6-90BA-2B65298783BA}C:\users\***\appdata\local\temp\rarsfx0\x32\pcsftool.exe] => (Allow) C:\users\***\appdata\local\temp\rarsfx0\x32\pcsftool.exe
FirewallRules: [UDP Query User{9F09BDCA-4037-4396-9137-64493CDB57E3}C:\users\***\appdata\local\temp\rarsfx0\x32\pcsftool.exe] => (Allow) C:\users\***\appdata\local\temp\rarsfx0\x32\pcsftool.exe
FirewallRules: [TCP Query User{F92D7D2A-24CA-4E73-B0D4-1A721624998E}C:\users\***\appdata\local\temp\rarsfx0\x64\pcsftool.exe] => (Allow) C:\users\***\appdata\local\temp\rarsfx0\x64\pcsftool.exe
FirewallRules: [UDP Query User{E3A33761-755C-4392-B228-0929FCE7922F}C:\users\***\appdata\local\temp\rarsfx0\x64\pcsftool.exe] => (Allow) C:\users\***\appdata\local\temp\rarsfx0\x64\pcsftool.exe
FirewallRules: [TCP Query User{74766F3E-1379-4215-9B3C-749D2BA2B81B}G:\eve - miner\bin\exefile.exe] => (Allow) G:\eve - miner\bin\exefile.exe
FirewallRules: [UDP Query User{D621925B-D6BC-4E76-97E7-DC8C2B08B531}G:\eve - miner\bin\exefile.exe] => (Allow) G:\eve - miner\bin\exefile.exe
FirewallRules: [TCP Query User{5E7D7C8C-F37C-4674-B19C-6C8AA8CAED52}G:\eve - miner\bin\exefile.exe] => (Allow) G:\eve - miner\bin\exefile.exe
FirewallRules: [UDP Query User{B620DA78-07CE-448C-91BE-811269E5580C}G:\eve - miner\bin\exefile.exe] => (Allow) G:\eve - miner\bin\exefile.exe
FirewallRules: [TCP Query User{6EC6A841-0E00-4507-87E6-F246B2E82993}C:\program files\waterfox\waterfox.exe] => (Allow) C:\program files\waterfox\waterfox.exe
FirewallRules: [UDP Query User{C31DBE99-6691-41C0-AE67-E015ED5B45FE}C:\program files\waterfox\waterfox.exe] => (Allow) C:\program files\waterfox\waterfox.exe
FirewallRules: [{7C21DD40-A74A-4D27-A190-7F1F02F4303C}] => (Allow) G:\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2015.exe
FirewallRules: [{951DC36B-4BB2-486D-B97D-7EE196154CD6}] => (Allow) G:\Steam\SteamApps\common\Marvel Heroes\UnrealEngine3\Binaries\Win64\MarvelHeroes2015.exe
FirewallRules: [{1B420343-3606-4782-B832-0545C41EF6F7}] => (Allow) G:\Steam\SteamApps\common\Firefall\system\bin\FirefallClient.exe
FirewallRules: [{3FE05DB3-0454-4C6D-9492-678AD2CEA68C}] => (Allow) G:\Steam\SteamApps\common\Firefall\system\bin\FirefallClient.exe
FirewallRules: [{DBFAA1AB-AC7C-4461-9905-2B1F8AD111E1}] => (Allow) G:\Steam\SteamApps\common\Serious Sam Revolution\Bin\SeriousSam.exe
FirewallRules: [{9325C7AB-FFF5-4E60-B8D6-B0D846E89A53}] => (Allow) G:\Steam\SteamApps\common\Serious Sam Revolution\Bin\SeriousSam.exe
FirewallRules: [{13AA254C-EC70-4014-8C9F-4801270C3F21}] => (Allow) G:\Steam\SteamApps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe
FirewallRules: [{617A6E52-067F-4739-9319-45AA1F83796A}] => (Allow) G:\Steam\SteamApps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe
FirewallRules: [{2745E188-B3EF-4DA9-9F4A-CF4D3D8F6D21}] => (Allow) G:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{E9CB9C4D-1EC1-491B-BE78-295BB0DEF9BA}] => (Allow) G:\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{10BBC4FA-4E62-494F-9D73-CE59E6D3FD58}G:\blur\blur.exe] => (Allow) G:\blur\blur.exe
FirewallRules: [UDP Query User{2C0E91B0-774C-4F9F-8DE6-38FEF23351B3}G:\blur\blur.exe] => (Allow) G:\blur\blur.exe
FirewallRules: [{6AE1476C-82EB-4150-BCE9-C034412C3ED1}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{7CF2C49A-23A3-46E5-9296-4857BDD3D5D8}G:\cod2\cod2mp_s.exe] => (Allow) G:\cod2\cod2mp_s.exe
FirewallRules: [UDP Query User{ED0AD173-5993-4B58-AFD7-E828669DAE6A}G:\cod2\cod2mp_s.exe] => (Allow) G:\cod2\cod2mp_s.exe
FirewallRules: [{3E2C0E72-A3D2-498A-99DC-F4AF4D962CA1}] => (Allow) G:\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{94CD1FE0-64E5-4B88-801E-7400B053A44E}] => (Allow) G:\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [TCP Query User{83411956-1759-4366-BCE3-34D299594FEB}G:\blizz\d3\diablo iii\diablo iii.exe] => (Allow) G:\blizz\d3\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{C01123F1-9F38-4490-82A6-13019BCD945D}G:\blizz\d3\diablo iii\diablo iii.exe] => (Allow) G:\blizz\d3\diablo iii\diablo iii.exe
FirewallRules: [TCP Query User{EC906216-704E-490F-A992-4FB9DC0B5C2A}G:\call of duty - world at war\codwaw lanfixed.exe] => (Allow) G:\call of duty - world at war\codwaw lanfixed.exe
FirewallRules: [UDP Query User{CBEFD0C4-B1AA-4300-B19F-0274658DA82B}G:\call of duty - world at war\codwaw lanfixed.exe] => (Allow) G:\call of duty - world at war\codwaw lanfixed.exe
FirewallRules: [TCP Query User{BD68B565-3D36-49F9-A96D-5B2C87885E2B}G:\world of padman\wop.exe] => (Allow) G:\world of padman\wop.exe
FirewallRules: [UDP Query User{3D03E3D0-D47E-4D65-9E31-2B0DD565E294}G:\world of padman\wop.exe] => (Allow) G:\world of padman\wop.exe
FirewallRules: [TCP Query User{67FFB8B4-2C09-43F4-972F-20E81F1666AC}G:\maniaplanet\maniaplanet.exe] => (Allow) G:\maniaplanet\maniaplanet.exe
FirewallRules: [UDP Query User{2674BD4E-39B8-4123-8B53-A2C25B157661}G:\maniaplanet\maniaplanet.exe] => (Allow) G:\maniaplanet\maniaplanet.exe
FirewallRules: [{E320EE5C-68FC-434D-B8F7-1C4DD069B2B3}] => (Allow) G:\ManiaPlanet\ManiaPlanetLauncher.exe
FirewallRules: [TCP Query User{34BACA8F-805E-49CA-879F-286545F8E9FE}G:\quake wars\etqwded.exe] => (Allow) G:\quake wars\etqwded.exe
FirewallRules: [UDP Query User{E6F64ED8-6AC9-4833-B970-4188E73AF563}G:\quake wars\etqwded.exe] => (Allow) G:\quake wars\etqwded.exe
FirewallRules: [TCP Query User{C05AB31C-0823-4F57-96CB-A6823BFE7AAA}G:\quake wars\etqw.exe] => (Allow) G:\quake wars\etqw.exe
FirewallRules: [UDP Query User{4AC00429-755C-4CA8-956C-F6BFAC16DDCF}G:\quake wars\etqw.exe] => (Allow) G:\quake wars\etqw.exe
FirewallRules: [TCP Query User{D4044531-D4B2-4157-8676-838DA45AE181}G:\mohaa\moh_spearhead.exe] => (Allow) G:\mohaa\moh_spearhead.exe
FirewallRules: [UDP Query User{C788097E-8B81-4D09-BA76-4A63D81E71A3}G:\mohaa\moh_spearhead.exe] => (Allow) G:\mohaa\moh_spearhead.exe
FirewallRules: [TCP Query User{3CF8F1B6-CA9F-4D14-839A-8A4E9C809DC0}G:\mohaa\mohaa.exe] => (Allow) G:\mohaa\mohaa.exe
FirewallRules: [UDP Query User{225E167F-0D8E-400E-B9F5-B4BCC002B273}G:\mohaa\mohaa.exe] => (Allow) G:\mohaa\mohaa.exe
FirewallRules: [{3B97C894-EC24-482C-BF01-42EC2E117133}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1FAA1FB7-F43C-4BDC-A503-22ACF55A650E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{34F3D510-C0B3-4DFA-BB48-44C9182A8B45}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{E520D6C5-607D-4821-8966-93E44C573B5F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{DBE0F1ED-8DD7-41DF-A42D-AF9930B16ACF}] => (Allow) G:\Call of Duty - World at War\CoDWaW.exe
FirewallRules: [{FD6F2EFB-D34B-4B76-A92B-7A38CDB5F5EA}] => (Allow) G:\Call of Duty - World at War\CoDWaW.exe
FirewallRules: [{B08A7168-4355-4BCA-AC8D-BE362B22D099}] => (Allow) G:\Call of Duty - World at War\CoDWaWmp.exe
FirewallRules: [{067C39FB-9B5A-4797-92CF-78DC10B9D993}] => (Allow) G:\Call of Duty - World at War\CoDWaWmp.exe
FirewallRules: [{6443DEB1-BF20-40B6-A500-87B675E0F1B6}] => (Allow) C:\Program Files\Waterfox\waterfox.exe
FirewallRules: [{782802DD-BA53-448A-8CA8-9368B7C18CFD}] => (Allow) C:\Program Files\Waterfox\waterfox.exe
FirewallRules: [{19867C88-1365-4FB1-B48D-868A0ED8428E}] => (Allow) G:\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{D14DD41F-2E2F-443D-A69A-38E548B3C355}] => (Allow) G:\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{6D862E83-BEEE-4A0E-9696-0A72A09AF916}] => (Allow) G:\Steam\SteamApps\common\Train Fever\TrainFever.exe
FirewallRules: [{4CE47748-01C1-4AB9-B050-8F7ABCEE107A}] => (Allow) G:\Steam\SteamApps\common\Train Fever\TrainFever.exe
FirewallRules: [{B91CE125-6A5C-4DB5-954A-59E6C8B0DAB2}] => (Allow) G:\Steam\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{98D46618-F122-478D-8087-5945B2C81FA0}] => (Allow) G:\Steam\SteamApps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{1A0A9BAD-11BF-447D-9691-DD88611698ED}] => (Allow) G:\GoT\Binaries\Win32\ShippingPC-AGOTGame.exe
FirewallRules: [{1FC56748-8EB5-434E-A95C-F81164B2EF89}] => (Allow) G:\GoT\Binaries\Win32\ShippingPC-AGOTGame.exe
FirewallRules: [{FA90C74D-3251-4048-BD6E-6B294FB6C764}] => (Allow) G:\Steam\SteamApps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe
FirewallRules: [{19B60DB7-CC01-4D16-83FC-6E3AEFCB6BDE}] => (Allow) G:\Steam\SteamApps\common\Marvel Puzzle Quest\Binaries\PC\Ship\Marvel Puzzle Quest.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe] => Enabled:Logitech Harmony Remote Software 7

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: CSR Bluetooth Device
Description: CSR Bluetooth Device
Class Guid: {a173b237-6a34-4bb5-aa63-2561160fa200}
Manufacturer: Motorola, Inc.
Service: BTMUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Logitech GamePanel-Geräte (QVGA)
Description: Logitech GamePanel-Geräte (QVGA)
Class Guid: {997b5d8d-c442-4f2e-baf3-9c8e671e9e21}
Manufacturer: Logitech Inc
Service: WUDFRd
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: S4 Guni active
Description: GT-I9295
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Samsung Electronics Co., Ltd.
Service: WUDFRd
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/05/2015 07:00:13 PM) (Source: SecurityCenter) (EventID: 3) (User: )
Description: Das Windows-Sicherheitscenter konnte keine Ereignisabfragen mit der WMI herstellen, um Antiviren, AntiSpyware- und Firewallprogramme von Drittanbietern zu überwachen.

Error: (06/05/2015 06:58:07 PM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (06/05/2015 04:19:59 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {698d4f44-5df3-453b-8935-f3d2cd89bcce}

Error: (06/05/2015 04:19:11 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {698d4f44-5df3-453b-8935-f3d2cd89bcce}

Error: (06/04/2015 08:45:19 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (06/04/2015 00:46:35 AM) (Source: ISCT Agent) (EventID: 1003) (User: )
Description: CAgentState::DoPeriodicSuspendResume    ****Error in initialize NetDetect, status = 0x2

Error: (06/03/2015 03:33:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e8bfa
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000001883d
ID des fehlerhaften Prozesses: 0x1f6c
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (06/03/2015 03:33:04 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e8bfa
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000001883d
ID des fehlerhaften Prozesses: 0x2748
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (06/03/2015 03:32:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e8bfa
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000001883d
ID des fehlerhaften Prozesses: 0x2628
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (06/03/2015 03:32:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.1.5.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e8bfa
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000001883d
ID des fehlerhaften Prozesses: 0x2428
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3


System errors:
=============
Error: (06/05/2015 07:00:13 PM) (Source: WMPNetworkSvc) (EventID: 14324) (User: )
Description: WMPNetworkSvc0x80004002

Error: (06/05/2015 06:59:05 PM) (Source: WMPNetworkSvc) (EventID: 14324) (User: )
Description: WMPNetworkSvc0x80004002

Error: (06/05/2015 06:58:39 PM) (Source: WMPNetworkSvc) (EventID: 14324) (User: )
Description: WMPNetworkSvc0x80004002

Error: (06/05/2015 06:58:27 PM) (Source: WMPNetworkSvc) (EventID: 14324) (User: )
Description: WMPNetworkSvc0x80004002

Error: (06/05/2015 06:58:26 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Heimnetzgruppen-Listener" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147467262.

Error: (06/05/2015 06:58:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "IE Search Set" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/05/2015 06:58:10 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen: 
GLogin

Error: (06/05/2015 06:58:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "WebcamMax, WDM Video Capture" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1058

Error: (06/05/2015 08:56:05 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definitionsupdate für Microsoft Security Essentials – KB2310138 (Definition 1.199.1838.0)

Error: (06/05/2015 08:55:54 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT-AUTORITÄT60 has encountered an error trying to update signatures.

	New Signature Version: 

	Previous Signature Version: 1.199.1568.0

	Update Source: %NT-AUTORITÄT59

	Update Stage: 4.8.0204.00

	Source Path: 4.8.0204.01

	Signature Type: %NT-AUTORITÄT602

	Update Type: %NT-AUTORITÄT604

	User: NT-AUTORITÄT\SYSTEM

	Current Engine Version: %NT-AUTORITÄT605

	Previous Engine Version: %NT-AUTORITÄT606

	Error code: %NT-AUTORITÄT607

	Error description: %NT-AUTORITÄT608


Microsoft Office:
=========================
Error: (04/20/2015 09:37:11 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 31 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/20/2015 09:35:00 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 31 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/20/2015 09:31:59 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 31 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/20/2015 09:30:17 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 31 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/20/2015 09:24:43 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 31 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/20/2015 09:23:59 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 33 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/20/2015 06:12:50 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 30 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/18/2015 06:06:38 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 32 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (04/18/2015 05:57:09 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 28172 seconds with 360 seconds of active time.  This session ended with a crash.

Error: (04/18/2015 10:03:13 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6691.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1080 seconds with 840 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-08-14 21:08:55.329
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-14 20:38:58.324
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-14 13:10:26.998
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-14 08:00:22.448
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-14 07:50:15.490
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-14 07:25:55.684
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 16:27:22.872
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 16:03:09.678
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 15:54:37.216
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-08-13 15:44:24.298
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume5\Windows\System32\hmpalert.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 15%
Total physical RAM: 16346.95 MB
Available physical RAM: 13821.65 MB
Total Pagefile: 32692.11 MB
Available Pagefile: 30053.46 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.88 GB) (Free:64.35 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Data) (Fixed) (Total:641.76 GB) (Free:322.35 GB) NTFS
Drive f: (Sicherung ) (Fixed) (Total:625.5 GB) (Free:590.35 GB) NTFS
Drive g: (Games) (Fixed) (Total:1863.01 GB) (Free:1203.31 GB) NTFS
Drive h: (Allerlei) (Fixed) (Total:2794.39 GB) (Free:2427.74 GB) NTFS
Drive m: (Volume) (Fixed) (Total:2794.39 GB) (Free:2762.08 GB) NTFS
Drive u: (Lernen) (Fixed) (Total:595.65 GB) (Free:293.09 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 6077B5C0)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: E4594ACE)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=625.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=595.6 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=641.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 21F132F9)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (Size: 2794.5 GB) (Disk ID: 552DE472)

Partition: GPT Partition Type.

==================== End of log ============================

schrauber · 05.06.2015, 20:17

hi,

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Silverdrow · 05.06.2015, 20:56

Hier der Malwarekit-Log

Code:

ATTFilter

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17801

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, E:\ DRIVE_FIXED, F:\ DRIVE_FIXED, G:\ DRIVE_FIXED, H:\ DRIVE_FIXED, M:\ DRIVE_FIXED, U:\ DRIVE_FIXED
CPU speed: 3.400000 GHz
Memory total: 17141022720, free: 14007619584

Downloaded database version: v2015.06.05.05
Downloaded database version: v2015.06.02.01
Downloaded database version: v2015.05.13.01
=======================================
Initializing...
------------ Kernel report ------------
     06/05/2015 21:21:58
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\DRIVERS\iusb3hcs.sys
\SystemRoot\system32\DRIVERS\vidsflt.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\vmbus.sys
\SystemRoot\system32\drivers\winhv.sys
\SystemRoot\system32\DRIVERS\iaStor.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\DRIVERS\asahci64.sys
\SystemRoot\system32\DRIVERS\AsrRamDisk.sys
\SystemRoot\system32\DRIVERS\storport.sys
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\MpFilter.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\vididr.sys
\SystemRoot\system32\DRIVERS\tib_mounter.sys
\SystemRoot\system32\drivers\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\system32\DRIVERS\tib.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\system32\DRIVERS\snapman.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\system32\DRIVERS\fltsrv.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\system32\DRIVERS\ctxusbm.sys
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vpcnfltr.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\vpcvmm.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\System32\Drivers\ElbyCDIO.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\iusb3xhc.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\System32\Drivers\AnyDVD.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\drivers\wmiacpi.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\ISCTD64.sys
\SystemRoot\system32\DRIVERS\avmnwim.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\serscan.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\rrnetcap.sys
\SystemRoot\system32\DRIVERS\AsrVDrive.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\LGBusEnum.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\drivers\nvvad64v.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\DRIVERS\vpchbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\HdAudio.sys
\SystemRoot\system32\DRIVERS\iusb3hub.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\MBfilt64.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\Drivers\nx6000.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\system32\drivers\usbaudio.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\LHidFilt.Sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\LMouFilt.Sys
\SystemRoot\system32\DRIVERS\imsevent.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\ikbevent.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_msahci.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\??\C:\Windows\system32\drivers\acedrv11.sys
\SystemRoot\system32\DRIVERS\atksgt.sys
\SystemRoot\system32\DRIVERS\lirsgt.sys
\SystemRoot\system32\DRIVERS\NisDrvWFP.sys
\SystemRoot\sysWOW64\drivers\npf_devolo.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\WPRO_41_2001.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
\SystemRoot\system32\DRIVERS\asyncmac.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2015.06.05.05
  rootkit: v2015.06.02.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa800d8e1790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800d80db90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800d8e1790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800d808890, DeviceName: Unknown, DriverName: \Driver\vidsflt\
DevicePointer: 0xfffffa800d65c060, DeviceName: \Device\Ide\IdeDeviceP2T0L0-2\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 6077B5C0

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 488390017
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 250059350016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa800d8e8790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800d810b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800d8e8790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800d80c910, DeviceName: Unknown, DriverName: \Driver\vidsflt\
DevicePointer: 0xfffffa800d445060, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: E4594ACE

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800

    Partition 1 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 206848  Numsec = 1311776768
    Partition file system is NTFS
    Partition is not bootable

    Partition 2 type is Extended with LBA (0xf)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1311983616  Numsec = 1249167360

    Partition 3 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 2561150976  Numsec = 1345878016

Disk Size: 2000398934016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 2, DevicePointer: 0xfffffa800d8d7790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800d8d72c0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800d8d7790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800d810950, DeviceName: Unknown, DriverName: \Driver\vidsflt\
DevicePointer: 0xfffffa800d575060, DeviceName: \Device\Ide\IdeDeviceP1T0L0-1\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 2
Scanning MBR on drive 2...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: 0

GPT Protective MBR Partition information:

    Partition 0 type is EFI-GPT (0xee)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1  Numsec = 4294967295

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

GPT Partition information:

    GPT Header Signature 4546492050415254
    GPT Header Revision 65536 Size 92 CRC 4135567114
    GPT Header CurrentLba = 1 BackupLba 5860533167
    GPT Header FirstUsableLba 34  LastUsableLba 5860533134
    GPT Header Guid 917f7dc3-fbf5-4008-bbe-6fe18382774b
    GPT Header Contains 128 partition entries starting at LBA 2
    GPT Header Partition entry size = 128

    Backup GPT header Signature 4546492050415254
    Backup GPT header Revision 65536 Size 92 CRC 4135567114
    Backup GPT header CurrentLba = 5860533167 BackupLba 1
    Backup GPT header FirstUsableLba 34  LastUsableLba 5860533134
    Backup GPT header Guid 917f7dc3-fbf5-4008-bbe-6fe18382774b
    Backup GPT header Contains 128 partition entries starting at LBA 5860533135
    Backup GPT header Partition entry size = 128

    Partition 0 Type e3c9e316-b5c-4db8-817d-f92df0215ae
    Partition ID 11e65117-eb3a-4051-8418-9929f8a84ae6
    FirstLBA 34  Last LBA 262177
    Attributes 0
    Partition Name         Microsoft reserved partition

    Partition 1 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID a264e1b5-6f8b-4545-a783-24fcd935c37d
    FirstLBA 264192  Last LBA 5860532223
    Attributes 0
    Partition Name                 Basic data partition

Disk Size: 3000592982016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 3, DevicePointer: 0xfffffa800d8e2060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800d8e2b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800d8e2060, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800d8d7080, DeviceName: Unknown, DriverName: \Driver\vidsflt\
DevicePointer: 0xfffffa800d683060, DeviceName: \Device\Ide\IdeDeviceP5T0L0-5\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 3
Scanning MBR on drive 3...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 21F132F9

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 3907024896
    Partition file system is NTFS
    Partition is not bootable

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 2000398934016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 4, DevicePointer: 0xfffffa800d8e9060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800d8e9b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800d8e9060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800d8e2950, DeviceName: Unknown, DriverName: \Driver\vidsflt\
DevicePointer: 0xfffffa800d698680, DeviceName: \Device\Ide\IdeDeviceP6T0L0-6\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 4
Scanning MBR on drive 4...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: 552DE472

GPT Protective MBR Partition information:

    Partition 0 type is EFI-GPT (0xee)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1  Numsec = 4294967295

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

GPT Partition information:

    GPT Header Signature 4546492050415254
    GPT Header Revision 65536 Size 92 CRC 848601930
    GPT Header CurrentLba = 1 BackupLba 5860533167
    GPT Header FirstUsableLba 34  LastUsableLba 5860533134
    GPT Header Guid dd536ef9-6f3f-455b-a975-169086a83e28
    GPT Header Contains 128 partition entries starting at LBA 2
    GPT Header Partition entry size = 128

    Backup GPT header Signature 4546492050415254
    Backup GPT header Revision 65536 Size 92 CRC 848601930
    Backup GPT header CurrentLba = 5860533167 BackupLba 1
    Backup GPT header FirstUsableLba 34  LastUsableLba 5860533134
    Backup GPT header Guid dd536ef9-6f3f-455b-a975-169086a83e28
    Backup GPT header Contains 128 partition entries starting at LBA 5860533135
    Backup GPT header Partition entry size = 128

    Partition 0 Type e3c9e316-b5c-4db8-817d-f92df0215ae
    Partition ID 304448a9-ea96-4582-906-481e6360e3cb
    FirstLBA 34  Last LBA 262177
    Attributes 0
    Partition Name         Microsoft reserved partition

    Partition 1 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID d034f832-9c64-4184-9f57-d8c52418211
    FirstLBA 264192  Last LBA 5860532223
    Attributes 0
    Partition Name                 Basic data partition

Disk Size: 3000592982016 bytes
Sector size: 512 bytes

Done!
File "C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-3F18E4AB80F94D316A978705FC4398AD2C92EFA1.bin.VF" is compressed (flags = 1)
File "C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\mpcache-3F18E4AB80F94D316A978705FC4398AD2C92EFA1.bin.VE1" is compressed (flags = 1)
Infected: C:\Users\***\AppData\Local\Temp\PremierOpinion\poinstaller.exe --> [Adware.PremierOpinion]
Scan finished
Creating System Restore point...
Cleaning up...
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-1-1-206848-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-3-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-3-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-3-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-4-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-4-r.mbam...
Removal finished

TDSSKiller Teil 1

Code:

ATTFilter

21:50:24.0211 0x1dd0  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
21:50:27.0947 0x1dd0  ============================================================
21:50:27.0947 0x1dd0  Current date / time: 2015/06/05 21:50:27.0947
21:50:27.0947 0x1dd0  SystemInfo:
21:50:27.0947 0x1dd0  
21:50:27.0947 0x1dd0  OS Version: 6.1.7601 ServicePack: 1.0
21:50:27.0947 0x1dd0  Product type: Workstation
21:50:27.0947 0x1dd0  ComputerName: ***-PC
21:50:27.0947 0x1dd0  UserName: ***
21:50:27.0947 0x1dd0  Windows directory: C:\Windows
21:50:27.0947 0x1dd0  System windows directory: C:\Windows
21:50:27.0947 0x1dd0  Running under WOW64
21:50:27.0947 0x1dd0  Processor architecture: Intel x64
21:50:27.0947 0x1dd0  Number of processors: 4
21:50:27.0947 0x1dd0  Page size: 0x1000
21:50:27.0947 0x1dd0  Boot type: Normal boot
21:50:27.0947 0x1dd0  ============================================================
21:50:28.0311 0x1dd0  KLMD registered as C:\Windows\system32\drivers\94907253.sys
21:50:28.0434 0x1dd0  System UUID: {8DC296AD-BB3B-0D4E-2300-C8397CC4BFDD}
21:50:28.0746 0x1dd0  Drive \Device\Harddisk4\DR4 - Size: 0x2BAA1476000 ( 2794.52 Gb ), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:50:28.0746 0x1dd0  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:50:28.0747 0x1dd0  Drive \Device\Harddisk2\DR2 - Size: 0x2BAA1476000 ( 2794.52 Gb ), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:50:28.0748 0x1dd0  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:50:28.0751 0x1dd0  Drive \Device\Harddisk3\DR3 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:50:28.0756 0x1dd0  ============================================================
21:50:28.0756 0x1dd0  \Device\Harddisk4\DR4:
21:50:28.0756 0x1dd0  GPT partitions:
21:50:28.0757 0x1dd0  \Device\Harddisk4\DR4\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {304448A9-EA96-4582-9006-481E6360E3CB}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
21:50:28.0757 0x1dd0  \Device\Harddisk4\DR4\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D034F832-9C64-4184-9F57-D8C524180211}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x5D4C9800
21:50:28.0757 0x1dd0  MBR partitions:
21:50:28.0757 0x1dd0  \Device\Harddisk1\DR1:
21:50:28.0757 0x1dd0  MBR partitions:
21:50:28.0757 0x1dd0  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
21:50:28.0757 0x1dd0  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x4E302000
21:50:28.0775 0x1dd0  \Device\Harddisk1\DR1\Partition3: MBR, Type 0x7, StartLBA 0x4E335000, BlocksNum 0x4A74C000
21:50:28.0775 0x1dd0  \Device\Harddisk1\DR1\Partition4: MBR, Type 0x7, StartLBA 0x98A81000, BlocksNum 0x50387800
21:50:28.0775 0x1dd0  \Device\Harddisk2\DR2:
21:50:28.0776 0x1dd0  GPT partitions:
21:50:28.0776 0x1dd0  \Device\Harddisk2\DR2\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {11E65117-EB3A-4051-8418-9929F8A84AE6}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
21:50:28.0776 0x1dd0  \Device\Harddisk2\DR2\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A264E1B5-6F8B-4545-A783-24FCD935C37D}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x5D4C9800
21:50:28.0776 0x1dd0  MBR partitions:
21:50:28.0776 0x1dd0  \Device\Harddisk0\DR0:
21:50:28.0777 0x1dd0  MBR partitions:
21:50:28.0777 0x1dd0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x1D1C3D81
21:50:28.0777 0x1dd0  \Device\Harddisk3\DR3:
21:50:28.0777 0x1dd0  MBR partitions:
21:50:28.0777 0x1dd0  \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
21:50:28.0777 0x1dd0  ============================================================
21:50:28.0783 0x1dd0  C: <-> \Device\Harddisk0\DR0\Partition1
21:50:28.0808 0x1dd0  E: <-> \Device\Harddisk1\DR1\Partition4
21:50:28.0827 0x1dd0  M: <-> \Device\Harddisk4\DR4\Partition2
21:50:28.0862 0x1dd0  U: <-> \Device\Harddisk1\DR1\Partition3
21:50:29.0002 0x1dd0  G: <-> \Device\Harddisk3\DR3\Partition1
21:50:29.0149 0x1dd0  F: <-> \Device\Harddisk1\DR1\Partition2
21:50:29.0181 0x1dd0  H: <-> \Device\Harddisk2\DR2\Partition2
21:50:29.0181 0x1dd0  ============================================================
21:50:29.0181 0x1dd0  Initialize success
21:50:29.0181 0x1dd0  ============================================================
21:50:31.0096 0x0f7c  ============================================================
21:50:31.0096 0x0f7c  Scan started
21:50:31.0096 0x0f7c  Mode: Manual; 
21:50:31.0096 0x0f7c  ============================================================
21:50:31.0096 0x0f7c  KSN ping started
21:50:33.0423 0x0f7c  KSN ping finished: true
21:50:33.0679 0x0f7c  ================ Scan system memory ========================
21:50:33.0679 0x0f7c  System memory - ok
21:50:33.0679 0x0f7c  ================ Scan services =============================
21:50:33.0708 0x0f7c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:50:33.0715 0x0f7c  1394ohci - ok
21:50:33.0725 0x0f7c  [ A3769020F7E8A70FD3E824C050F33306, BAAB18DD28C753EC90E9552BD5FFC316AD8815505A7998BCE51D21448B373D86 ] acedrv11        C:\Windows\system32\drivers\acedrv11.sys
21:50:34.0264 0x0f7c  acedrv11 - ok
21:50:34.0282 0x0f7c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:50:34.0296 0x0f7c  ACPI - ok
21:50:34.0300 0x0f7c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:50:34.0301 0x0f7c  AcpiPmi - ok
21:50:34.0349 0x0f7c  [ CD41DFA7A778555B2055E2D388F5CB33, AE149AB7823AE3A97E2826C06968F32A7E50331484203E4581C83E441A1680F9 ] AcrSch2Svc      C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
21:50:34.0435 0x0f7c  AcrSch2Svc - ok
21:50:34.0446 0x0f7c  [ 63AB43534CBF5D7F3EB81DFDC8161490, 205A6057200D0B14DC9EED71E5D96D7558C9215138EA3D7C73FAEB16074A93A7 ] AdobeActiveFileMonitor5.0 C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe
21:50:34.0452 0x0f7c  AdobeActiveFileMonitor5.0 - ok
21:50:34.0457 0x0f7c  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:50:34.0459 0x0f7c  AdobeARMservice - ok
21:50:34.0502 0x0f7c  [ 00CC35F515079F5F94FABC3AC5C7D363, 7CE8B1715009602059DEDD6CBCA9C18EF079EDA344E7809813D6C0A395622B82 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:50:34.0509 0x0f7c  AdobeFlashPlayerUpdateSvc - ok
21:50:34.0538 0x0f7c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
21:50:34.0563 0x0f7c  adp94xx - ok
21:50:34.0575 0x0f7c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
21:50:34.0584 0x0f7c  adpahci - ok
21:50:34.0595 0x0f7c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
21:50:34.0602 0x0f7c  adpu320 - ok
21:50:34.0606 0x0f7c  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:50:34.0608 0x0f7c  AeLookupSvc - ok
21:50:34.0624 0x0f7c  [ ABCF9C80EAACE03021BB7F450EB8993F, 8E38726C423E82954CA85266D6F38B605D010A659420A4EF99D29035A9474BFB ] afcdp           C:\Windows\system32\DRIVERS\afcdp.sys
21:50:34.0636 0x0f7c  afcdp - ok
21:50:34.0783 0x0f7c  [ 3B1C11CB7006495F799F8A2AB8B2D530, B7B0C4922A1843BBF8104CDC705C4FEA1F1A760C1CC2BD6BC5E4213A0E4ED9FD ] afcdpsrv        C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
21:50:34.0970 0x0f7c  afcdpsrv - ok
21:50:34.0999 0x0f7c  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
21:50:35.0017 0x0f7c  AFD - ok
21:50:35.0028 0x0f7c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
21:50:35.0036 0x0f7c  agp440 - ok
21:50:35.0046 0x0f7c  [ 2301DE156753111C58EE931906DE93A7, C34EE686C3871A4AE18A7F5E25B333FB53B37B7E265509BA58A012D81B5E9727 ] AlcatelOTDCWwan C:\Windows\system32\DRIVERS\AlcatelOTDCWwan.sys
21:50:35.0052 0x0f7c  AlcatelOTDCWwan - ok
21:50:35.0056 0x0f7c  [ 913C625EB03E0F917BF934734369EC54, DF69D59B2570DAEBB39C217B59B713D5726AB32174FD01C83210A20255842365 ] ALCATELUSB      C:\Windows\system32\Drivers\AlcatelUsb.sys
21:50:35.0061 0x0f7c  ALCATELUSB - ok
21:50:35.0067 0x0f7c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
21:50:35.0072 0x0f7c  ALG - ok
21:50:35.0076 0x0f7c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:50:35.0080 0x0f7c  aliide - ok
21:50:35.0082 0x0f7c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
21:50:35.0083 0x0f7c  amdide - ok
21:50:35.0088 0x0f7c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
21:50:35.0091 0x0f7c  AmdK8 - ok
21:50:35.0097 0x0f7c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
21:50:35.0101 0x0f7c  AmdPPM - ok
21:50:35.0107 0x0f7c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:50:35.0112 0x0f7c  amdsata - ok
21:50:35.0121 0x0f7c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
21:50:35.0129 0x0f7c  amdsbs - ok
21:50:35.0131 0x0f7c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:50:35.0132 0x0f7c  amdxata - ok
21:50:35.0138 0x0f7c  [ 4D8EBB1749651A5BAF59EB89878B2EE4, EE1DE79F078D60978219EEECB29520D6BC035D69A3D5C86C232BA1B92F55577D ] AnyDVD          C:\Windows\system32\Drivers\AnyDVD.sys
21:50:35.0148 0x0f7c  AnyDVD - ok
21:50:35.0152 0x0f7c  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
21:50:35.0154 0x0f7c  AppID - ok
21:50:35.0157 0x0f7c  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:50:35.0159 0x0f7c  AppIDSvc - ok
21:50:35.0165 0x0f7c  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
21:50:35.0167 0x0f7c  Appinfo - ok
21:50:35.0173 0x0f7c  [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
21:50:35.0176 0x0f7c  Apple Mobile Device Service - ok
21:50:35.0184 0x0f7c  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
21:50:35.0189 0x0f7c  AppMgmt - ok
21:50:35.0197 0x0f7c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
21:50:35.0201 0x0f7c  arc - ok
21:50:35.0210 0x0f7c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
21:50:35.0216 0x0f7c  arcsas - ok
21:50:35.0219 0x0f7c  [ 4DFF4312661F54EE87DC9A13CAEE60E0, 8821D2CA4036E764EFF71108735148FF54D3275DDCE1860EC7D67B2355E8DF82 ] asahci64        C:\Windows\system32\DRIVERS\asahci64.sys
21:50:35.0228 0x0f7c  asahci64 - ok
21:50:35.0239 0x0f7c  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:50:35.0242 0x0f7c  aspnet_state - ok
21:50:35.0245 0x0f7c  AsrCDDrv - ok
21:50:35.0248 0x0f7c  [ 0C3F9E39C0B10D351026D580D9FF6F86, 0A19F09FD2EF200BED07CDBC4AAF41261A0C0468F680A5AAEBCD26B371676D53 ] AsrRamDisk      C:\Windows\system32\DRIVERS\AsrRamDisk.sys
21:50:35.0256 0x0f7c  AsrRamDisk - ok
21:50:35.0260 0x0f7c  [ 30F92A4B666E1E53C418B2D3024FDF6E, 164639CD210201FFEE76E7F63A9484419BF396EA416AAACDECFC501349A790AB ] AsrVDrive       C:\Windows\system32\DRIVERS\AsrVDrive.sys
21:50:35.0268 0x0f7c  AsrVDrive - ok
21:50:35.0271 0x0f7c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:50:35.0272 0x0f7c  AsyncMac - ok
21:50:35.0274 0x0f7c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
21:50:35.0275 0x0f7c  atapi - ok
21:50:35.0289 0x0f7c  [ FC0E8778C000291CAF60EB88C011E931, 09BCCA3DE01021AEF76DFB46F01D21BA6FF409E816FA7547E5C3DFBF3A615ED2 ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
21:50:35.0293 0x0f7c  atksgt - ok
21:50:35.0313 0x0f7c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:50:35.0331 0x0f7c  AudioEndpointBuilder - ok
21:50:35.0350 0x0f7c  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
21:50:35.0358 0x0f7c  AudioSrv - ok
21:50:35.0367 0x0f7c  [ 81862C2A991036C85FDA23FFDC140F92, 32E6671729A9FFB4A187A4E22F69EB44BCF35AD4BBD5003E046914AACFD58557 ] avmike          C:\Program Files\FRITZ!Fernzugang\avmike.exe
21:50:35.0372 0x0f7c  avmike - ok
21:50:35.0381 0x0f7c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:50:35.0386 0x0f7c  AxInstSV - ok
21:50:35.0411 0x0f7c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
21:50:35.0429 0x0f7c  b06bdrv - ok
21:50:35.0441 0x0f7c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
21:50:35.0450 0x0f7c  b57nd60a - ok
21:50:35.0460 0x0f7c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
21:50:35.0464 0x0f7c  BDESVC - ok
21:50:35.0470 0x0f7c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:50:35.0472 0x0f7c  Beep - ok
21:50:35.0503 0x0f7c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
21:50:35.0525 0x0f7c  BFE - ok
21:50:35.0559 0x0f7c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
21:50:35.0588 0x0f7c  BITS - ok
21:50:35.0594 0x0f7c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:50:35.0597 0x0f7c  blbdrive - ok
21:50:35.0741 0x0f7c  [ 11A065F7F81C5A619A63D69E01696DD5, D2F9272C3901A0E09283EA1D030568801EA2EE13460FFDC93E10CDE0EC1E9982 ] Bluetooth Device Manager C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
21:50:35.0842 0x0f7c  Bluetooth Device Manager - ok
21:50:35.0883 0x0f7c  [ 0DA7BE0FC312B7A153D600F854539EE7, 4601C061D8BC5F7950FF340E1A765AEFE98529F062D959735B3E38798305544D ] Bluetooth Media Service C:\Program Files\Motorola\Bluetooth\audiosrv.exe
21:50:35.0909 0x0f7c  Bluetooth Media Service - ok
21:50:35.0933 0x0f7c  [ 8C28FBB99C69ACD711533DD93C362E53, 1AC99638677EFB74BA1922AA5D29812115F80FD07C2018573E3E794A834E4397 ] Bluetooth OBEX Service C:\Program Files\Motorola\Bluetooth\obexsrv.exe
21:50:35.0953 0x0f7c  Bluetooth OBEX Service - ok
21:50:35.0975 0x0f7c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
21:50:35.0992 0x0f7c  Bonjour Service - ok
21:50:35.0995 0x0f7c  Boonty Games - ok
21:50:36.0005 0x0f7c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:50:36.0009 0x0f7c  bowser - ok
21:50:36.0017 0x0f7c  [ D4F84730BE7FEB435D119792F84EA934, AE66026CEF3E3F71A210C903E55C327955872B22F01E80FC3410B0AA1355062C ] BRDriver64      C:\ProgramData\BitRaider\BRDriver64.sys
21:50:36.0033 0x0f7c  BRDriver64 - ok
21:50:36.0039 0x0f7c  BRDriver64_1_3_3_E02B25FC - ok
21:50:36.0043 0x0f7c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:50:36.0045 0x0f7c  BrFiltLo - ok
21:50:36.0049 0x0f7c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:50:36.0051 0x0f7c  BrFiltUp - ok
21:50:36.0060 0x0f7c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
21:50:36.0064 0x0f7c  Browser - ok
21:50:36.0082 0x0f7c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:50:36.0098 0x0f7c  Brserid - ok
21:50:36.0102 0x0f7c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:50:36.0104 0x0f7c  BrSerWdm - ok
21:50:36.0115 0x0f7c  [ 448917845F097FCE9D4554C3D2001EF3, BDCBEC01579D7CF28963E4E13CDC5B26E4B69CA24FA2CC4D6E24CAE0DDBCB3FE ] BRSptStub       C:\ProgramData\BitRaider\BRSptStub.exe
21:50:36.0169 0x0f7c  BRSptStub - ok
21:50:36.0192 0x0f7c  [ 78561B78811A147B99CB47EBBD2D2847, 4EF1ED64CAF0549B43A660FF70D5035DFD59CCD22E7353150E8A13944C936520 ] BRSptSvc        C:\ProgramData\BitRaider\BRSptSvc.exe
21:50:36.0245 0x0f7c  BRSptSvc - ok
21:50:36.0248 0x0f7c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:50:36.0249 0x0f7c  BrUsbMdm - ok
21:50:36.0252 0x0f7c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:50:36.0254 0x0f7c  BrUsbSer - ok
21:50:36.0258 0x0f7c  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
21:50:36.0259 0x0f7c  BthEnum - ok
21:50:36.0263 0x0f7c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
21:50:36.0265 0x0f7c  BTHMODEM - ok
21:50:36.0270 0x0f7c  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
21:50:36.0275 0x0f7c  BthPan - ok
21:50:36.0290 0x0f7c  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
21:50:36.0303 0x0f7c  BTHPORT - ok
21:50:36.0308 0x0f7c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
21:50:36.0311 0x0f7c  bthserv - ok
21:50:36.0315 0x0f7c  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
21:50:36.0319 0x0f7c  BTHUSB - ok
21:50:36.0324 0x0f7c  [ BD00C9233D7F165D5584EB2586FC5514, 8833B325D48F1477E7CFCFD26DA417A856FF4CDA8B0AA8983E1D1AFD7E1CF571 ] btmaudio        C:\Windows\system32\drivers\btmaud.sys
21:50:36.0328 0x0f7c  btmaudio - ok
21:50:36.0334 0x0f7c  [ B038DB761B33D1B7CE5A75D500D7B0DF, 0B65D12D1D83925C86A3C0A4166F6B4356B5FA7243381E74E44C13D306C742A1 ] BTMCOM          C:\Windows\system32\Drivers\btmcom.sys
21:50:36.0339 0x0f7c  BTMCOM - ok
21:50:36.0361 0x0f7c  [ 468501C714451C29163810B6E9A8782C, 5F81ECA24B67B12E737FCFE528BB5715355F7DFDB97F1B01A4A06F487A635268 ] BTMUSB          C:\Windows\system32\Drivers\btmusb.sys
21:50:36.0373 0x0f7c  BTMUSB - ok
21:50:36.0378 0x0f7c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:50:36.0381 0x0f7c  cdfs - ok
21:50:36.0391 0x0f7c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:50:36.0396 0x0f7c  cdrom - ok
21:50:36.0405 0x0f7c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:50:36.0408 0x0f7c  CertPropSvc - ok
21:50:36.0417 0x0f7c  [ 75A561F505EA4D0A13EEFBB8CBDB1C35, C422F9E3D5122BA9E3BDB556A9DA1A357AB0CFBD84DC01A612B253D79EFA0DA6 ] certsrv         C:\Program Files\FRITZ!Fernzugang\certsrv.exe
21:50:36.0421 0x0f7c  certsrv - ok
21:50:36.0430 0x0f7c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
21:50:36.0434 0x0f7c  circlass - ok
21:50:36.0442 0x0f7c  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
21:50:36.0448 0x0f7c  CLFS - ok
21:50:36.0453 0x0f7c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:50:36.0456 0x0f7c  clr_optimization_v2.0.50727_32 - ok
21:50:36.0463 0x0f7c  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:50:36.0466 0x0f7c  clr_optimization_v2.0.50727_64 - ok
21:50:36.0475 0x0f7c  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:50:36.0477 0x0f7c  clr_optimization_v4.0.30319_32 - ok
21:50:36.0487 0x0f7c  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:50:36.0495 0x0f7c  clr_optimization_v4.0.30319_64 - ok
21:50:36.0503 0x0f7c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
21:50:36.0504 0x0f7c  CmBatt - ok
21:50:36.0507 0x0f7c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:50:36.0508 0x0f7c  cmdide - ok
21:50:36.0520 0x0f7c  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
21:50:36.0528 0x0f7c  CNG - ok
21:50:36.0531 0x0f7c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
21:50:36.0533 0x0f7c  Compbatt - ok
21:50:36.0538 0x0f7c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
21:50:36.0540 0x0f7c  CompositeBus - ok
21:50:36.0541 0x0f7c  COMSysApp - ok
21:50:36.0545 0x0f7c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
21:50:36.0548 0x0f7c  crcdisk - ok
21:50:36.0557 0x0f7c  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:50:36.0563 0x0f7c  CryptSvc - ok
21:50:36.0582 0x0f7c  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
21:50:36.0594 0x0f7c  CSC - ok
21:50:36.0627 0x0f7c  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
21:50:36.0647 0x0f7c  CscService - ok
21:50:36.0660 0x0f7c  [ 35D1B1D879926DA06B740547428A45B7, 467915863EAFF1F5C8BFFB3C3FAF6CAAC8E621EFBF399B796F420C7443B3B022 ] ctxusbm         C:\Windows\system32\DRIVERS\ctxusbm.sys
21:50:36.0673 0x0f7c  ctxusbm - ok
21:50:36.0695 0x0f7c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:50:36.0712 0x0f7c  DcomLaunch - ok
21:50:36.0732 0x0f7c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
21:50:36.0741 0x0f7c  defragsvc - ok
21:50:36.0750 0x0f7c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:50:36.0754 0x0f7c  DfsC - ok
21:50:36.0760 0x0f7c  dgderdrv - ok
21:50:36.0771 0x0f7c  [ 30710AEFCE721CEEE0F35EB6A01C263C, FB062EC86474D38BBC38E11E2618A9505001C287430B495C482977BBE58017C8 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
21:50:36.0788 0x0f7c  dg_ssudbus - ok
21:50:36.0802 0x0f7c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:50:36.0811 0x0f7c  Dhcp - ok
21:50:36.0842 0x0f7c  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack       C:\Windows\system32\diagtrack.dll
21:50:36.0863 0x0f7c  DiagTrack - ok
21:50:36.0869 0x0f7c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
21:50:36.0871 0x0f7c  discache - ok
21:50:36.0877 0x0f7c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
21:50:36.0881 0x0f7c  Disk - ok
21:50:36.0892 0x0f7c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:50:36.0899 0x0f7c  Dnscache - ok
21:50:36.0911 0x0f7c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:50:36.0918 0x0f7c  dot3svc - ok
21:50:36.0929 0x0f7c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
21:50:36.0935 0x0f7c  DPS - ok
21:50:36.0942 0x0f7c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:50:36.0943 0x0f7c  drmkaud - ok
21:50:36.0959 0x0f7c  [ 1ED08A6264C5C92099D6D1DAE5E8F530, 4045AE77859B1DBF13972451972EAAF6F3C97BEA423E9E78F1C2F14330CD47CA ] DrvAgent64      C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
21:50:36.0973 0x0f7c  DrvAgent64 - ok
21:50:37.0010 0x0f7c  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:50:37.0022 0x0f7c  DXGKrnl - ok
21:50:37.0027 0x0f7c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
21:50:37.0031 0x0f7c  EapHost - ok
21:50:37.0147 0x0f7c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
21:50:37.0272 0x0f7c  ebdrv - ok
21:50:37.0277 0x0f7c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] EFS             C:\Windows\System32\lsass.exe
21:50:37.0278 0x0f7c  EFS - ok
21:50:37.0301 0x0f7c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:50:37.0320 0x0f7c  ehRecvr - ok
21:50:37.0330 0x0f7c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
21:50:37.0335 0x0f7c  ehSched - ok
21:50:37.0339 0x0f7c  [ BDD265EEB37DF5953A547FE412E2472F, 17EB4FD54D62207937F8CA7454837DBF1EEC867AEDAF201FC2E839A3ED357F4F ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
21:50:37.0339 0x0f7c  ElbyCDIO - ok
21:50:37.0361 0x0f7c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
21:50:37.0379 0x0f7c  elxstor - ok
21:50:37.0383 0x0f7c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:50:37.0384 0x0f7c  ErrDev - ok
21:50:37.0405 0x0f7c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
21:50:37.0417 0x0f7c  EventSystem - ok
21:50:37.0423 0x0f7c  ewusbmbb - ok
21:50:37.0426 0x0f7c  ew_hwusbdev - ok
21:50:37.0435 0x0f7c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:50:37.0444 0x0f7c  exfat - ok
21:50:37.0454 0x0f7c  Fabs - ok
21:50:37.0462 0x0f7c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:50:37.0468 0x0f7c  fastfat - ok
21:50:37.0491 0x0f7c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
21:50:37.0510 0x0f7c  Fax - ok
21:50:37.0514 0x0f7c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
21:50:37.0515 0x0f7c  fdc - ok
21:50:37.0518 0x0f7c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
21:50:37.0519 0x0f7c  fdPHost - ok
21:50:37.0522 0x0f7c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:50:37.0524 0x0f7c  FDResPub - ok
21:50:37.0528 0x0f7c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:50:37.0530 0x0f7c  FileInfo - ok
21:50:37.0534 0x0f7c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:50:37.0537 0x0f7c  Filetrace - ok
21:50:37.0628 0x0f7c  [ 5BD96D8C5411ACE71A7EAACAF0EF2903, 2AF58E6060C7DEC44B4CA30E14E164473CD4089AE475DAFFC61DFE56990C1147 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
21:50:37.0765 0x0f7c  FirebirdServerMAGIXInstance - ok
21:50:37.0792 0x0f7c  [ 3D9B36631032FDE0FFEA0DC0260E4E35, 48B574A67D3FA015EBD078715CEC3E2B63B939D379CD4B40BFBB80397A2C58B3 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
21:50:37.0809 0x0f7c  FLEXnet Licensing Service - ok
21:50:37.0837 0x0f7c  [ 52C0312AB35EB7187015FB6A99136BB5, 54A45B0BF8108D018C86FD0542DA92E7A6F58CDB92C9E3674E115CD770031732 ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
21:50:37.0889 0x0f7c  FLEXnet Licensing Service 64 - ok
21:50:37.0892 0x0f7c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
21:50:37.0894 0x0f7c  flpydisk - ok
21:50:37.0909 0x0f7c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:50:37.0919 0x0f7c  FltMgr - ok
21:50:37.0933 0x0f7c  [ FDD776FAC4159A2983940D1E411FE9F3, 3B147B4D3C5CC67117D65152FA8BD3A603728C92B023AE45CD166E6FF3F474C5 ] fltsrv          C:\Windows\system32\DRIVERS\fltsrv.sys
21:50:37.0948 0x0f7c  fltsrv - ok
21:50:37.0971 0x0f7c  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\Windows\system32\FntCache.dll
21:50:37.0989 0x0f7c  FontCache - ok
21:50:37.0993 0x0f7c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:50:37.0994 0x0f7c  FontCache3.0.0.0 - ok
21:50:37.0998 0x0f7c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:50:37.0999 0x0f7c  FsDepends - ok
21:50:38.0003 0x0f7c  [ DDEE99DC54EFA20BD5A442CD733C4462, 941D6C5D91F6419198F1A53BF7D33AA2D9118CEAC028B6ED8E5308751810B9B5 ] FsUsbExDisk     C:\Windows\SysWOW64\FsUsbExDisk.SYS
21:50:38.0005 0x0f7c  FsUsbExDisk - ok
21:50:38.0009 0x0f7c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:50:38.0011 0x0f7c  Fs_Rec - ok
21:50:38.0020 0x0f7c  [ 13799CB7521A39724FFDEA2E5D9C8305, 14FDF6273CEAD3E4E391F538D0FF4E3E258FC34B1B1074C73B72961E640377E0 ] FTDIBUS         C:\Windows\system32\drivers\ftdibus.sys
21:50:38.0038 0x0f7c  FTDIBUS - ok
21:50:38.0042 0x0f7c  [ F1544BBC7E08BB5B9E9E97996C3FA04B, 2D998E4DCF7EA918B537119583BE678121148DB314BDC338925D8588A30F4BE0 ] FTSER2K         C:\Windows\system32\drivers\ftser2k.sys
21:50:38.0044 0x0f7c  FTSER2K - ok
21:50:38.0054 0x0f7c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:50:38.0061 0x0f7c  fvevol - ok
21:50:38.0067 0x0f7c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
21:50:38.0074 0x0f7c  gagp30kx - ok
21:50:38.0078 0x0f7c  [ 7907E14F9BCF3A4689C9A74A1A873CB6, 17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229 ] gdrv            C:\Windows\gdrv.sys
21:50:38.0087 0x0f7c  gdrv - ok
21:50:38.0091 0x0f7c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
21:50:38.0092 0x0f7c  GEARAspiWDM - ok
21:50:38.0115 0x0f7c  [ 7F18FB86E1023DDB80874CEA671442D5, BA236CD30A6932DC439DCA1DD4B06B7DF9181B1EC3654A72D05DFD70949C5E06 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
21:50:38.0131 0x0f7c  GfExperienceService - ok
21:50:38.0134 0x0f7c  GLogin - ok
21:50:38.0160 0x0f7c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:50:38.0183 0x0f7c  gpsvc - ok
21:50:38.0187 0x0f7c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:50:38.0189 0x0f7c  hcw85cir - ok
21:50:38.0200 0x0f7c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:50:38.0208 0x0f7c  HdAudAddService - ok
21:50:38.0213 0x0f7c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:50:38.0217 0x0f7c  HDAudBus - ok
21:50:38.0221 0x0f7c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
21:50:38.0223 0x0f7c  HidBatt - ok
21:50:38.0232 0x0f7c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
21:50:38.0237 0x0f7c  HidBth - ok
21:50:38.0243 0x0f7c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
21:50:38.0248 0x0f7c  HidIr - ok
21:50:38.0251 0x0f7c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
21:50:38.0253 0x0f7c  hidserv - ok
21:50:38.0256 0x0f7c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:50:38.0257 0x0f7c  HidUsb - ok
21:50:38.0261 0x0f7c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:50:38.0264 0x0f7c  hkmsvc - ok
21:50:38.0273 0x0f7c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:50:38.0280 0x0f7c  HomeGroupListener - ok
21:50:38.0288 0x0f7c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:50:38.0294 0x0f7c  HomeGroupProvider - ok
21:50:38.0302 0x0f7c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:50:38.0306 0x0f7c  HpSAMD - ok
21:50:38.0326 0x0f7c  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:50:38.0339 0x0f7c  HTTP - ok
21:50:38.0342 0x0f7c  huawei_cdcacm - ok
21:50:38.0345 0x0f7c  huawei_enumerator - ok
21:50:38.0349 0x0f7c  hwdatacard - ok
21:50:38.0354 0x0f7c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:50:38.0356 0x0f7c  hwpolicy - ok
21:50:38.0363 0x0f7c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
21:50:38.0365 0x0f7c  i8042prt - ok
21:50:38.0381 0x0f7c  [ 7548066DF68A8A1A56B043359F915F37, 6225DDE554E45858374CBD284A85A00F773089A667C08492187A637232B8BD9A ] IAANTMON        C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
21:50:38.0391 0x0f7c  IAANTMON - ok
21:50:38.0410 0x0f7c  [ 1D004CB1DA6323B1F55CAEF7F94B61D9, 8FFFB429BA46938724BBB87AB9B3EC77EA17C4B893BABDBDD38309F02963D405 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
21:50:38.0422 0x0f7c  iaStor - ok
21:50:38.0438 0x0f7c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:50:38.0452 0x0f7c  iaStorV - ok
21:50:38.0464 0x0f7c  [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
21:50:38.0470 0x0f7c  IDriverT - ok
21:50:38.0507 0x0f7c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:50:38.0540 0x0f7c  idsvc - ok
21:50:38.0547 0x0f7c  IEEtwCollectorService - ok
21:50:38.0552 0x0f7c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
21:50:38.0557 0x0f7c  iirsp - ok
21:50:38.0562 0x0f7c  [ 67999A9D34A0B2479381E7A61AFC37AB, 7A1F72B2AD859345E1F092CE80C269767E4EF9931146B7F01E891EC12CCA684F ] ikbevent        C:\Windows\system32\DRIVERS\ikbevent.sys
21:50:38.0570 0x0f7c  ikbevent - ok
21:50:38.0608 0x0f7c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
21:50:38.0640 0x0f7c  IKEEXT - ok
21:50:38.0644 0x0f7c  [ DDAE90DD5BDAC53C8C5CD5B82FC1F1B4, A7019D2335CB46DCD9ABDB896622254E58AB265EC3D72A92B1C4890D45DEE85F ] imsevent        C:\Windows\system32\DRIVERS\imsevent.sys
21:50:38.0652 0x0f7c  imsevent - ok
21:50:38.0870 0x0f7c  [ F242E36CDA231701CFA702641C20FAEC, 47350EF8474F83249A9126AB6894145732CA0B68DA2EE001940C9E4AEF128B88 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
21:50:38.0922 0x0f7c  IntcAzAudAddService - ok
21:50:38.0929 0x0f7c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:50:38.0932 0x0f7c  intelide - ok
21:50:38.0935 0x0f7c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:50:38.0938 0x0f7c  intelppm - ok
21:50:38.0943 0x0f7c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:50:38.0946 0x0f7c  IPBusEnum - ok
21:50:38.0951 0x0f7c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:50:38.0954 0x0f7c  IpFilterDriver - ok
21:50:38.0975 0x0f7c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:50:38.0996 0x0f7c  iphlpsvc - ok
21:50:39.0001 0x0f7c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:50:39.0006 0x0f7c  IPMIDRV - ok
21:50:39.0011 0x0f7c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:50:39.0018 0x0f7c  IPNAT - ok
21:50:39.0039 0x0f7c  [ A4857E8B1DEB9740FB5ADEDF05ED69E0, 24FC7A188D32B08CE4F10EEEF17F37C45DB5433158A7A97A07D43F6BEE58DFFC ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
21:50:39.0050 0x0f7c  iPod Service - ok
21:50:39.0055 0x0f7c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:50:39.0056 0x0f7c  IRENUM - ok
21:50:39.0061 0x0f7c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:50:39.0064 0x0f7c  isapnp - ok
21:50:39.0077 0x0f7c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:50:39.0085 0x0f7c  iScsiPrt - ok
21:50:39.0088 0x0f7c  [ 970995B7C36F4408ED31C3BF204FE1F5, 466C5FA3A26E997009E33EA9B0923BFE7FCC9D367444F31C1BEB3D6EACDB6BA9 ] ISCT            C:\Windows\system32\DRIVERS\ISCTD64.sys
21:50:39.0097 0x0f7c  ISCT - ok
21:50:39.0104 0x0f7c  [ 6F60B7AD044924B8C1E32D692C593612, 93EFBC2EC24E7B4B908010955F1B9A6DC231C7A4B55BE0D2DC6103E2A5457EC6 ] ISCTAgent       C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
21:50:39.0107 0x0f7c  ISCTAgent - ok
21:50:39.0111 0x0f7c  [ 6BCEF45131C8B8E1C558BE540B190B3C, DFFED7FD9DCC15808184E65065DE6138FE010AC01217E5016B2D20A5B89AC570 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
21:50:39.0112 0x0f7c  iusb3hcs - ok
21:50:39.0127 0x0f7c  [ F080EADA8715F811B58BD35BB774F2F9, 06D5A70CBA89561A71B9CB64D7A298767F098395411A7022F414C7D0AC89A44D ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
21:50:39.0132 0x0f7c  iusb3hub - ok
21:50:39.0163 0x0f7c  [ 0F1756D9396740F053221FA6260FCE66, 0B722BF6BCF66BBD49DE0E92555742976AB33319CF504461A50181BF7A77E886 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
21:50:39.0172 0x0f7c  iusb3xhc - ok
21:50:39.0178 0x0f7c  [ 7F928D5A5D1D843AAECE688E96963575, 2DF0C012A016A3E3BA92493B948C32F692AB571504DDB5385B9FDADD21A10565 ] jrdusbser       C:\Windows\system32\DRIVERS\jrdusbser.sys
21:50:39.0180 0x0f7c  jrdusbser - ok
21:50:39.0184 0x0f7c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:50:39.0185 0x0f7c  kbdclass - ok
21:50:39.0189 0x0f7c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
21:50:39.0190 0x0f7c  kbdhid - ok
21:50:39.0193 0x0f7c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] KeyIso          C:\Windows\system32\lsass.exe
21:50:39.0193 0x0f7c  KeyIso - ok
21:50:39.0197 0x0f7c  [ BF69D973523D539A35807946C6DA7E16, 38F2C59B0857131961DBEA48C4A5DFA9BE7B564941935086B8DC8DBEF896F3EC ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:50:39.0202 0x0f7c  KSecDD - ok
21:50:39.0209 0x0f7c  [ 272C27711C8AA6E7815EE33F8ACA9C66, 0A5A10A7A3E87DB92E06395A6676B94FE8B7AD6704864075D443CDC9BABDB4DF ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:50:39.0212 0x0f7c  KSecPkg - ok
21:50:39.0215 0x0f7c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
21:50:39.0216 0x0f7c  ksthunk - ok
21:50:39.0232 0x0f7c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:50:39.0245 0x0f7c  KtmRm - ok
21:50:39.0255 0x0f7c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:50:39.0263 0x0f7c  LanmanServer - ok
21:50:39.0271 0x0f7c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:50:39.0277 0x0f7c  LanmanWorkstation - ok
21:50:39.0327 0x0f7c  [ 67AF2CCEBC523ABA4969C906DB99D57E, FD02C81502A9E6D2909C2854D7204C38EFBED8F0AD3DC9AA6FF6BFEDBECF1547 ] LavasoftTcpService C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe
21:50:39.0370 0x0f7c  LavasoftTcpService - ok
21:50:39.0376 0x0f7c  [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
21:50:39.0377 0x0f7c  LGBusEnum - ok
21:50:39.0381 0x0f7c  [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
21:50:39.0383 0x0f7c  LGVirHid - ok
21:50:39.0387 0x0f7c  [ B6552D382FF070B4ED34CBD6737277C0, 7C2C24454037170311B0267DEFB797E8DF8D157D62157D271BF7F5F74B2A12F3 ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
21:50:39.0389 0x0f7c  LHidFilt - ok
21:50:39.0393 0x0f7c  [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
21:50:39.0393 0x0f7c  lirsgt - ok
21:50:39.0397 0x0f7c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:50:39.0400 0x0f7c  lltdio - ok
21:50:39.0416 0x0f7c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:50:39.0429 0x0f7c  lltdsvc - ok
21:50:39.0431 0x0f7c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:50:39.0432 0x0f7c  lmhosts - ok
21:50:39.0435 0x0f7c  [ 73C1F563AB73D459DFFE682D66476558, 9B8BEE384C968DC6C37DD54B9128D9C2BA92EDBF7BDF49D753AA7DB165F18D00 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
21:50:39.0436 0x0f7c  LMouFilt - ok
21:50:39.0448 0x0f7c  [ 75F29D77B0540FCF47EE3BE000BBABDA, 3FFDDC42D51FABAA7F3BFD088F008DE39F3479B25214260D98336F00B6336BFA ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:50:39.0457 0x0f7c  LMS - ok
21:50:39.0463 0x0f7c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
21:50:39.0466 0x0f7c  LSI_FC - ok
21:50:39.0473 0x0f7c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
21:50:39.0478 0x0f7c  LSI_SAS - ok
21:50:39.0483 0x0f7c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:50:39.0487 0x0f7c  LSI_SAS2 - ok
21:50:39.0495 0x0f7c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:50:39.0501 0x0f7c  LSI_SCSI - ok
21:50:39.0506 0x0f7c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
21:50:39.0510 0x0f7c  luafv - ok
21:50:39.0512 0x0f7c  lvpopf64 - ok
21:50:39.0515 0x0f7c  LVPr2M64 - ok
21:50:39.0518 0x0f7c  [ 6D5EA90F86F9B28CD44AF6BA9BE03BF9, 6A92EF21EB7543389649900BAB241A846DFE9CADF785D7352052C003AA717E5F ] LVUSBS64        C:\Windows\system32\drivers\LVUSBS64.sys
21:50:39.0520 0x0f7c  LVUSBS64 - ok
21:50:39.0522 0x0f7c  LVUVC64 - ok
21:50:39.0527 0x0f7c  [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt          C:\Windows\system32\drivers\MBfilt64.sys
21:50:39.0528 0x0f7c  MBfilt - ok
21:50:39.0534 0x0f7c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:50:39.0539 0x0f7c  Mcx2Svc - ok
21:50:39.0543 0x0f7c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
21:50:39.0545 0x0f7c  megasas - ok
21:50:39.0557 0x0f7c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
21:50:39.0565 0x0f7c  MegaSR - ok
21:50:39.0570 0x0f7c  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
21:50:39.0571 0x0f7c  MEIx64 - ok
21:50:39.0575 0x0f7c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
21:50:39.0578 0x0f7c  MMCSS - ok
21:50:39.0596 0x0f7c  [ 1CE0621B591913C12BECAA5B50E88BB2, 115068C57570140C9389BD923A4E68236ACEBB4F733DA09D05AEEDAD7317AB46 ] Mobile Partner. RunOuc C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe
21:50:39.0629 0x0f7c  Mobile Partner. RunOuc - ok
21:50:39.0634 0x0f7c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
21:50:39.0637 0x0f7c  Modem - ok
21:50:39.0645 0x0f7c  Modem Device Helper - ok
21:50:39.0648 0x0f7c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:50:39.0651 0x0f7c  monitor - ok
21:50:39.0655 0x0f7c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:50:39.0656 0x0f7c  mouclass - ok
21:50:39.0664 0x0f7c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:50:39.0666 0x0f7c  mouhid - ok
21:50:39.0671 0x0f7c  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:50:39.0674 0x0f7c  mountmgr - ok
21:50:39.0686 0x0f7c  [ 73150F67D20270FF95A021A22E64F28A, A8878DEFBE437FB453F8E9243FB5C787D07AC7415A4475388D479C10417C524F ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
21:50:39.0694 0x0f7c  MpFilter - ok
21:50:39.0707 0x0f7c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:50:39.0718 0x0f7c  mpio - ok
21:50:39.0728 0x0f7c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:50:39.0732 0x0f7c  mpsdrv - ok
21:50:39.0757 0x0f7c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:50:39.0777 0x0f7c  MpsSvc - ok
21:50:39.0786 0x0f7c  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:50:39.0792 0x0f7c  MRxDAV - ok
21:50:39.0801 0x0f7c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:50:39.0806 0x0f7c  mrxsmb - ok
21:50:39.0820 0x0f7c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:50:39.0830 0x0f7c  mrxsmb10 - ok
21:50:39.0837 0x0f7c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:50:39.0843 0x0f7c  mrxsmb20 - ok
21:50:39.0848 0x0f7c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:50:39.0848 0x0f7c  msahci - ok
21:50:39.0860 0x0f7c  [ 41FB1D61DF09C36CCAB0B04EEC66F6D5, C6D0F6B8429656C56A142F95AF0B4A85DD4B78A735664C8775F49C3B04C564B7 ] MSCamSvc        C:\Program Files\Microsoft LifeCam\MSCamS64.exe
21:50:39.0870 0x0f7c  MSCamSvc - ok
21:50:39.0879 0x0f7c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:50:39.0887 0x0f7c  msdsm - ok
21:50:39.0895 0x0f7c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
21:50:39.0902 0x0f7c  MSDTC - ok
21:50:39.0909 0x0f7c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:50:39.0911 0x0f7c  Msfs - ok

Silverdrow · 05.06.2015, 20:57

TDSSKiller Teil 2:

Code:

ATTFilter

21:50:39.0914 0x0f7c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:50:39.0915 0x0f7c  mshidkmdf - ok
21:50:39.0922 0x0f7c  [ BB590070D606AE6F008341FC9A7B2AD7, CF1073A093E679C5BCA19681789FBB85A8286E356F2C0609E0B446DF65A86E29 ] MSHUSBVideo     C:\Windows\system32\Drivers\nx6000.sys
21:50:39.0923 0x0f7c  MSHUSBVideo - ok
21:50:39.0927 0x0f7c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:50:39.0931 0x0f7c  msisadrv - ok
21:50:39.0942 0x0f7c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:50:39.0951 0x0f7c  MSiSCSI - ok
21:50:39.0953 0x0f7c  msiserver - ok
21:50:39.0957 0x0f7c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:50:39.0959 0x0f7c  MSKSSRV - ok
21:50:39.0968 0x0f7c  [ CE996C1821021ADF8E28E80A54E846A8, 99042E895B6C2EA80F3BA65563A12C8EBA882E3AD6A21DD8E799B0112C75DDD2 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
21:50:39.0969 0x0f7c  MsMpSvc - ok
21:50:39.0972 0x0f7c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:50:39.0973 0x0f7c  MSPCLOCK - ok
21:50:39.0977 0x0f7c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:50:39.0978 0x0f7c  MSPQM - ok
21:50:39.0995 0x0f7c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:50:40.0006 0x0f7c  MsRPC - ok
21:50:40.0011 0x0f7c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
21:50:40.0012 0x0f7c  mssmbios - ok
21:50:40.0015 0x0f7c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:50:40.0016 0x0f7c  MSTEE - ok
21:50:40.0019 0x0f7c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
21:50:40.0020 0x0f7c  MTConfig - ok
21:50:40.0024 0x0f7c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
21:50:40.0027 0x0f7c  Mup - ok
21:50:40.0044 0x0f7c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
21:50:40.0057 0x0f7c  napagent - ok
21:50:40.0060 0x0f7c  NasPmService - ok
21:50:40.0073 0x0f7c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:50:40.0083 0x0f7c  NativeWifiP - ok
21:50:40.0116 0x0f7c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:50:40.0143 0x0f7c  NDIS - ok
21:50:40.0148 0x0f7c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:50:40.0151 0x0f7c  NdisCap - ok
21:50:40.0155 0x0f7c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:50:40.0156 0x0f7c  NdisTapi - ok
21:50:40.0161 0x0f7c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:50:40.0164 0x0f7c  Ndisuio - ok
21:50:40.0171 0x0f7c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:50:40.0176 0x0f7c  NdisWan - ok
21:50:40.0180 0x0f7c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:50:40.0183 0x0f7c  NDProxy - ok
21:50:40.0188 0x0f7c  [ 2C723E42FC8D7B0209492828F921FB50, 2ECF9F4D91F317432FB5A6D01D8271BB7E2A5B8A6CA9EF2F2036890D2B072E52 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
21:50:40.0189 0x0f7c  Net Driver HPZ12 - ok
21:50:40.0193 0x0f7c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:50:40.0194 0x0f7c  NetBIOS - ok
21:50:40.0206 0x0f7c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:50:40.0216 0x0f7c  NetBT - ok
21:50:40.0218 0x0f7c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] Netlogon        C:\Windows\system32\lsass.exe
21:50:40.0219 0x0f7c  Netlogon - ok
21:50:40.0232 0x0f7c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
21:50:40.0241 0x0f7c  Netman - ok
21:50:40.0250 0x0f7c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:50:40.0253 0x0f7c  NetMsmqActivator - ok
21:50:40.0258 0x0f7c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:50:40.0260 0x0f7c  NetPipeActivator - ok
21:50:40.0282 0x0f7c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
21:50:40.0300 0x0f7c  netprofm - ok
21:50:40.0310 0x0f7c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:50:40.0312 0x0f7c  NetTcpActivator - ok
21:50:40.0317 0x0f7c  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:50:40.0319 0x0f7c  NetTcpPortSharing - ok
21:50:40.0326 0x0f7c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
21:50:40.0329 0x0f7c  nfrd960 - ok
21:50:40.0341 0x0f7c  [ 4774AD83C650001B337B92E5E5DA337B, 138ECC7F556D8A12AE58B78B68F6515BE4C00F9F062596B48B6CA6C010F13035 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
21:50:40.0342 0x0f7c  NisDrv - ok
21:50:40.0358 0x0f7c  [ 96B7D15161A778B359E707796CCEA646, 9E4A25D9848FAECC517474EAD548E7975CBE3F41AAA964E5245E78F2A723925E ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
21:50:40.0367 0x0f7c  NisSrv - ok
21:50:40.0383 0x0f7c  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:50:40.0395 0x0f7c  NlaSvc - ok
21:50:40.0401 0x0f7c  nlsX86cc - ok
21:50:40.0406 0x0f7c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:50:40.0410 0x0f7c  Npfs - ok
21:50:40.0511 0x0f7c  [ 49697C2C761ACB5C0DE99CC8FE93E95B, 02EEA7FB21D28B235A05FE0A6061170F366470EF6E45C9B21D7C8C0E7C728FC5 ] NPF_devolo      C:\Windows\sysWOW64\drivers\npf_devolo.sys
21:50:40.0512 0x0f7c  NPF_devolo - ok
21:50:40.0522 0x0f7c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
21:50:40.0526 0x0f7c  nsi - ok
21:50:40.0532 0x0f7c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:50:40.0536 0x0f7c  nsiproxy - ok
21:50:40.0604 0x0f7c  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:50:40.0657 0x0f7c  Ntfs - ok
21:50:40.0661 0x0f7c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
21:50:40.0662 0x0f7c  Null - ok
21:50:40.0665 0x0f7c  NVHDA - ok
21:50:40.0841 0x0f7c  [ 017E0B4AEFCB291E7CF1CD4BF120A7A8, 5C4B8D1AF91DE041F48E06E58ED71EFDD168942259F39012EB1CC957908B554C ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:50:40.0976 0x0f7c  nvlddmkm - ok
21:50:41.0025 0x0f7c  [ DB7C6892180C79714EF79F69A788E865, 0E4C109C6F8E8D37447FCE1D7CABCBFAE8E5AA6FD4512150DD17156C9021A6FC ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
21:50:41.0050 0x0f7c  NvNetworkService - ok
21:50:41.0062 0x0f7c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:50:41.0069 0x0f7c  nvraid - ok
21:50:41.0078 0x0f7c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:50:41.0085 0x0f7c  nvstor - ok
21:50:41.0097 0x0f7c  [ 7308AA5672CC6D14F43C91965DC67200, 573566D94D19F3AEDFB326B0B5987DC52F3802E5F5CAF8C32830660193B93E19 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
21:50:41.0097 0x0f7c  NvStreamKms - ok
21:50:41.0105 0x0f7c  NvStreamSvc - ok
21:50:41.0132 0x0f7c  [ 5141D408272B3681ED6A0E8CCF771EF9, C55304DC5EE588F747DF3B26ED08DE12106B79C686DCD22030F5523FC3F62727 ] nvsvc           C:\Windows\system32\nvvsvc.exe
21:50:41.0148 0x0f7c  nvsvc - ok
21:50:41.0156 0x0f7c  [ D0EB00C3BDD50E9CABA534CF829593E8, 6E11117DC30E834C70DC9381A67D057BC2DADA956855A0EEA9801D45C75536B1 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
21:50:41.0166 0x0f7c  nvvad_WaveExtensible - ok
21:50:41.0175 0x0f7c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:50:41.0181 0x0f7c  nv_agp - ok
21:50:41.0196 0x0f7c  [ 9ED2D6751813F5589710A8122CD227B2, 6CC824DFF403E0C43FE036E40EFDD0FD4B95D908EF3C687E21D9AD54491DFE81 ] NWIM            C:\Windows\system32\DRIVERS\avmnwim.sys
21:50:41.0201 0x0f7c  NWIM - ok
21:50:41.0221 0x0f7c  [ 18D041C4E99653D5C782AD2B3E4AAE04, B991AF5CFCF9174E050D5034FAB044C0FB01CBC0C0FB01F0ACF2C52B227BF33D ] nwtsrv          C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
21:50:41.0224 0x0f7c  nwtsrv - ok
21:50:41.0250 0x0f7c  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:50:41.0262 0x0f7c  odserv - ok
21:50:41.0268 0x0f7c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:50:41.0272 0x0f7c  ohci1394 - ok
21:50:41.0281 0x0f7c  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:50:41.0288 0x0f7c  ose - ok
21:50:41.0301 0x0f7c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:50:41.0314 0x0f7c  p2pimsvc - ok
21:50:41.0352 0x0f7c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
21:50:41.0373 0x0f7c  p2psvc - ok
21:50:41.0386 0x0f7c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
21:50:41.0395 0x0f7c  Parport - ok
21:50:41.0407 0x0f7c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:50:41.0413 0x0f7c  partmgr - ok
21:50:41.0430 0x0f7c  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:50:41.0439 0x0f7c  PcaSvc - ok
21:50:41.0464 0x0f7c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
21:50:41.0486 0x0f7c  pci - ok
21:50:41.0497 0x0f7c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:50:41.0507 0x0f7c  pciide - ok
21:50:41.0529 0x0f7c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
21:50:41.0547 0x0f7c  pcmcia - ok
21:50:41.0574 0x0f7c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:50:41.0580 0x0f7c  pcw - ok
21:50:41.0611 0x0f7c  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:50:41.0634 0x0f7c  PEAUTH - ok
21:50:41.0697 0x0f7c  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
21:50:41.0738 0x0f7c  PeerDistSvc - ok
21:50:41.0746 0x0f7c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
21:50:41.0750 0x0f7c  PerfHost - ok
21:50:41.0804 0x0f7c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
21:50:41.0844 0x0f7c  pla - ok
21:50:41.0862 0x0f7c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:50:41.0876 0x0f7c  PlugPlay - ok
21:50:41.0881 0x0f7c  [ 171E6D91A20AAC8D02172A64E82CE90B, 0D51F00D6C0376CD12893620E0A15E687263048CFE20E953F6BB4B7D6CDC3F50 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
21:50:41.0883 0x0f7c  Pml Driver HPZ12 - ok
21:50:41.0885 0x0f7c  PnkBstrA - ok
21:50:41.0888 0x0f7c  PnkBstrB - ok
21:50:41.0893 0x0f7c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:50:41.0895 0x0f7c  PNRPAutoReg - ok
21:50:41.0908 0x0f7c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:50:41.0912 0x0f7c  PNRPsvc - ok
21:50:41.0933 0x0f7c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:50:41.0945 0x0f7c  PolicyAgent - ok
21:50:41.0956 0x0f7c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
21:50:41.0962 0x0f7c  Power - ok
21:50:41.0969 0x0f7c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:50:41.0973 0x0f7c  PptpMiniport - ok
21:50:41.0978 0x0f7c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
21:50:41.0981 0x0f7c  Processor - ok
21:50:41.0994 0x0f7c  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:50:42.0000 0x0f7c  ProfSvc - ok
21:50:42.0003 0x0f7c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] ProtectedStorage C:\Windows\system32\lsass.exe
21:50:42.0004 0x0f7c  ProtectedStorage - ok
21:50:42.0015 0x0f7c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:50:42.0019 0x0f7c  Psched - ok
21:50:42.0090 0x0f7c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
21:50:42.0147 0x0f7c  ql2300 - ok
21:50:42.0156 0x0f7c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
21:50:42.0160 0x0f7c  ql40xx - ok
21:50:42.0172 0x0f7c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
21:50:42.0181 0x0f7c  QWAVE - ok
21:50:42.0185 0x0f7c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:50:42.0186 0x0f7c  QWAVEdrv - ok
21:50:42.0189 0x0f7c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:50:42.0191 0x0f7c  RasAcd - ok
21:50:42.0195 0x0f7c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:50:42.0198 0x0f7c  RasAgileVpn - ok
21:50:42.0204 0x0f7c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
21:50:42.0209 0x0f7c  RasAuto - ok
21:50:42.0215 0x0f7c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:50:42.0219 0x0f7c  Rasl2tp - ok
21:50:42.0232 0x0f7c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
21:50:42.0241 0x0f7c  RasMan - ok
21:50:42.0246 0x0f7c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:50:42.0249 0x0f7c  RasPppoe - ok
21:50:42.0255 0x0f7c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:50:42.0260 0x0f7c  RasSstp - ok
21:50:42.0277 0x0f7c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:50:42.0288 0x0f7c  rdbss - ok
21:50:42.0291 0x0f7c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
21:50:42.0292 0x0f7c  rdpbus - ok
21:50:42.0295 0x0f7c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:50:42.0296 0x0f7c  RDPCDD - ok
21:50:42.0304 0x0f7c  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
21:50:42.0311 0x0f7c  RDPDR - ok
21:50:42.0315 0x0f7c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:50:42.0316 0x0f7c  RDPENCDD - ok
21:50:42.0319 0x0f7c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:50:42.0321 0x0f7c  RDPREFMP - ok
21:50:42.0326 0x0f7c  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:50:42.0328 0x0f7c  RdpVideoMiniport - ok
21:50:42.0338 0x0f7c  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:50:42.0345 0x0f7c  RDPWD - ok
21:50:42.0357 0x0f7c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:50:42.0365 0x0f7c  rdyboost - ok
21:50:42.0371 0x0f7c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
21:50:42.0374 0x0f7c  RemoteAccess - ok
21:50:42.0382 0x0f7c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:50:42.0388 0x0f7c  RemoteRegistry - ok
21:50:42.0397 0x0f7c  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
21:50:42.0402 0x0f7c  RFCOMM - ok
21:50:42.0407 0x0f7c  [ F434ED31C7A686CD30AF54C0B91946EE, 75BAD3174395EC606CBD0034D46B74DC69F44AC3A819A4F0EC67DAE829DAC7E3 ] Rockusb         C:\Windows\system32\DRIVERS\rockusb.sys
21:50:42.0418 0x0f7c  Rockusb - ok
21:50:42.0424 0x0f7c  [ 388D3DD1A6457280F3BADBA9F3ACD6B1, 5C534EA15195B1301C917904627AF09FE2ABA3FEE1641B5C87E8F3191BC49058 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
21:50:42.0425 0x0f7c  ROOTMODEM - ok
21:50:42.0433 0x0f7c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:50:42.0435 0x0f7c  RpcEptMapper - ok
21:50:42.0438 0x0f7c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
21:50:42.0440 0x0f7c  RpcLocator - ok
21:50:42.0458 0x0f7c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
21:50:42.0465 0x0f7c  RpcSs - ok
21:50:42.0471 0x0f7c  [ 2ABD2B3BA2EF0C3BA82284C2A5E28675, 2CDE31DEB899BAC801A9E4EFE15582B80D9B35921C4B92CB2E1E6BEFB7E3EB9C ] RRNetCap        C:\Windows\system32\DRIVERS\rrnetcap.sys
21:50:42.0472 0x0f7c  RRNetCap - ok
21:50:42.0480 0x0f7c  [ 2ABD2B3BA2EF0C3BA82284C2A5E28675, 2CDE31DEB899BAC801A9E4EFE15582B80D9B35921C4B92CB2E1E6BEFB7E3EB9C ] RRNetCapMP      C:\Windows\system32\DRIVERS\rrnetcap.sys
21:50:42.0481 0x0f7c  RRNetCapMP - ok
21:50:42.0488 0x0f7c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:50:42.0493 0x0f7c  rspndr - ok
21:50:42.0498 0x0f7c  [ C8D0CA461D647165DD5C8DE1FF5EA822, 3DBA1109097D5DA1A68E721AA89CCB0C1D1CA44932314E729F3342DA76CA0AB0 ] rsvcdwdr        C:\Windows\system32\DRIVERS\rsvcdwdr.sys
21:50:42.0504 0x0f7c  rsvcdwdr - ok
21:50:42.0529 0x0f7c  [ 9140DB0911DE035FED0A9A77A2D156EA, 07C9D7E2978062ABD84B58B390360D4C0F72C6A5A2310444579DC095943BD008 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
21:50:42.0536 0x0f7c  RTL8167 - ok
21:50:42.0541 0x0f7c  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
21:50:42.0546 0x0f7c  s3cap - ok
21:50:42.0548 0x0f7c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] SamSs           C:\Windows\system32\lsass.exe
21:50:42.0549 0x0f7c  SamSs - ok
21:50:42.0558 0x0f7c  [ 5EFBBFCC6ADAC121C8E2FE76641ED329, 0EAB16C7F54B61620277977F8C332737081A46BC6BBDE50742B6904BDD54F502 ] SANDRA          C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP5a\WNt500x64\Sandra.sys
21:50:42.0569 0x0f7c  SANDRA - ok
21:50:42.0573 0x0f7c  [ 40CBBCAFFDCFD3661119A2D3F892820C, 848C9C3F48EBF31690A9B3E3DC005A077AD4A487543548553B35FC1A5E17ADDE ] SandraAgentSrv  C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP5a\RpcAgentSrv.exe
21:50:42.0588 0x0f7c  SandraAgentSrv - ok
21:50:42.0596 0x0f7c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:50:42.0600 0x0f7c  sbp2port - ok
21:50:42.0609 0x0f7c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:50:42.0616 0x0f7c  SCardSvr - ok
21:50:42.0620 0x0f7c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:50:42.0622 0x0f7c  scfilter - ok
21:50:42.0662 0x0f7c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
21:50:42.0694 0x0f7c  Schedule - ok
21:50:42.0700 0x0f7c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:50:42.0702 0x0f7c  SCPolicySvc - ok
21:50:42.0709 0x0f7c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:50:42.0715 0x0f7c  SDRSVC - ok
21:50:42.0718 0x0f7c  [ F406DE2D176D03485606F0794A4B64DD, 2544A6B9F0E518AECD44D9BE21DCBAC0F007669BA47BF68295C8F6A292255B3B ] SearchProtectionService C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
21:50:42.0719 0x0f7c  SearchProtectionService - ok
21:50:42.0723 0x0f7c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:50:42.0724 0x0f7c  secdrv - ok
21:50:42.0728 0x0f7c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
21:50:42.0731 0x0f7c  seclogon - ok
21:50:42.0734 0x0f7c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
21:50:42.0737 0x0f7c  SENS - ok
21:50:42.0740 0x0f7c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:50:42.0743 0x0f7c  SensrSvc - ok
21:50:42.0746 0x0f7c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:50:42.0748 0x0f7c  Serenum - ok
21:50:42.0754 0x0f7c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:50:42.0758 0x0f7c  Serial - ok
21:50:42.0764 0x0f7c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
21:50:42.0766 0x0f7c  sermouse - ok
21:50:42.0777 0x0f7c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
21:50:42.0784 0x0f7c  SessionEnv - ok
21:50:42.0788 0x0f7c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:50:42.0789 0x0f7c  sffdisk - ok
21:50:42.0791 0x0f7c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:50:42.0792 0x0f7c  sffp_mmc - ok
21:50:42.0796 0x0f7c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:50:42.0798 0x0f7c  sffp_sd - ok
21:50:42.0803 0x0f7c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
21:50:42.0805 0x0f7c  sfloppy - ok
21:50:42.0820 0x0f7c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:50:42.0832 0x0f7c  SharedAccess - ok
21:50:42.0849 0x0f7c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:50:42.0861 0x0f7c  ShellHWDetection - ok
21:50:42.0868 0x0f7c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:50:42.0871 0x0f7c  SiSRaid2 - ok
21:50:42.0876 0x0f7c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
21:50:42.0879 0x0f7c  SiSRaid4 - ok
21:50:42.0892 0x0f7c  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
21:50:42.0898 0x0f7c  SkypeUpdate - ok
21:50:42.0905 0x0f7c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:50:42.0912 0x0f7c  Smb - ok
21:50:42.0928 0x0f7c  [ FBE0201AB61E18934C812C34D31A4403, 549E51FC11CCA30B21970C90F4799D6CB94481CDC623B8C319F16DAEFC8A190B ] snapman         C:\Windows\system32\DRIVERS\snapman.sys
21:50:42.0956 0x0f7c  snapman - ok
21:50:42.0960 0x0f7c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:50:42.0962 0x0f7c  SNMPTRAP - ok
21:50:42.0965 0x0f7c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:50:42.0966 0x0f7c  spldr - ok
21:50:42.0989 0x0f7c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
21:50:43.0009 0x0f7c  Spooler - ok
21:50:43.0109 0x0f7c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
21:50:43.0218 0x0f7c  sppsvc - ok
21:50:43.0224 0x0f7c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:50:43.0227 0x0f7c  sppuinotify - ok
21:50:43.0230 0x0f7c  sptd - ok
21:50:43.0249 0x0f7c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:50:43.0264 0x0f7c  srv - ok
21:50:43.0280 0x0f7c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:50:43.0292 0x0f7c  srv2 - ok
21:50:43.0305 0x0f7c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:50:43.0311 0x0f7c  srvnet - ok
21:50:43.0320 0x0f7c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:50:43.0326 0x0f7c  SSDPSRV - ok
21:50:43.0332 0x0f7c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:50:43.0336 0x0f7c  SstpSvc - ok
21:50:43.0346 0x0f7c  [ 91310683D7B6B292B746D60734B59322, 2C56C3E4AA7356FB544B52F80ABDA39A80473390CB2059C69BDCCAD40FE56325 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
21:50:43.0370 0x0f7c  ssudmdm - ok
21:50:43.0376 0x0f7c  [ 29207B1D7FC5692C2FEACF5AAB5DC066, 8C14749EC67F29D5C9E3FA9A3E99BC4C23122453227319022255A1D2F890EAD7 ] ssudnflt        C:\Windows\system32\DRIVERS\ssudnflt.sys
21:50:43.0380 0x0f7c  ssudnflt - ok
21:50:43.0402 0x0f7c  [ 9D7B6B2011ACCB3688F958E2D0F1F603, 4DA1B5F17FA1094779556DD085BE21529B02658228D61645EB436DB25CC11631 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
21:50:43.0416 0x0f7c  Steam Client Service - ok
21:50:43.0419 0x0f7c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
21:50:43.0421 0x0f7c  stexstor - ok
21:50:43.0424 0x0f7c  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
21:50:43.0426 0x0f7c  StillCam - ok
21:50:43.0447 0x0f7c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
21:50:43.0463 0x0f7c  stisvc - ok
21:50:43.0469 0x0f7c  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
21:50:43.0471 0x0f7c  storflt - ok
21:50:43.0473 0x0f7c  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
21:50:43.0475 0x0f7c  StorSvc - ok
21:50:43.0478 0x0f7c  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
21:50:43.0480 0x0f7c  storvsc - ok
21:50:43.0482 0x0f7c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
21:50:43.0483 0x0f7c  swenum - ok
21:50:43.0503 0x0f7c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
21:50:43.0521 0x0f7c  swprv - ok
21:50:43.0811 0x0f7c  [ 0FE29D81F372CA2DCE9E49736A3BD3E6, 10ED93BEE7ECBD2AF5E7AB0197CC82A5424FD63A2ED90F0417B266AD06E5F32C ] syncagentsrv    C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
21:50:44.0036 0x0f7c  syncagentsrv - ok
21:50:44.0091 0x0f7c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
21:50:44.0140 0x0f7c  SysMain - ok
21:50:44.0147 0x0f7c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:50:44.0151 0x0f7c  TabletInputService - ok
21:50:44.0165 0x0f7c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:50:44.0176 0x0f7c  TapiSrv - ok
21:50:44.0181 0x0f7c  [ 93F0F5EF8A4CA261372DF98B31B2BD05, 8CE4C01EF8BB6A2A11324D4ED1320760D78852A96570EEC5252FCEC2E50C597D ] tbhsd           C:\Windows\system32\drivers\tbhsd.sys
21:50:44.0186 0x0f7c  tbhsd - ok
21:50:44.0189 0x0f7c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
21:50:44.0191 0x0f7c  TBS - ok
21:50:44.0256 0x0f7c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:50:44.0319 0x0f7c  Tcpip - ok
21:50:44.0407 0x0f7c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:50:44.0432 0x0f7c  TCPIP6 - ok
21:50:44.0440 0x0f7c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:50:44.0442 0x0f7c  tcpipreg - ok
21:50:44.0449 0x0f7c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:50:44.0453 0x0f7c  TDPIPE - ok
21:50:44.0517 0x0f7c  [ 07330E30921C70E9D9B416EE43A06349, 398500C12E685BCF732C7F80A2C0E95181E5377A0E6C14CF9A3EE8580083A556 ] tdrpman         C:\Windows\system32\DRIVERS\tdrpman.sys
21:50:44.0605 0x0f7c  tdrpman - ok
21:50:44.0609 0x0f7c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:50:44.0611 0x0f7c  TDTCP - ok
21:50:44.0616 0x0f7c  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:50:44.0619 0x0f7c  tdx - ok
21:50:44.0743 0x0f7c  [ 1C90314A7085467E3DD31EED3A365423, BB1B363C7B1D9088DB6BC70AA4902FD6DD6B92B16B3D31D51F38E68710730AE9 ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
21:50:45.0160 0x0f7c  TeamViewer - ok
21:50:45.0168 0x0f7c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
21:50:45.0169 0x0f7c  TermDD - ok
21:50:45.0183 0x0f7c  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
21:50:45.0194 0x0f7c  TermService - ok
21:50:45.0199 0x0f7c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
21:50:45.0201 0x0f7c  Themes - ok
21:50:45.0206 0x0f7c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
21:50:45.0207 0x0f7c  THREADORDER - ok
21:50:45.0250 0x0f7c  [ DE604462206F7D8C203F767F425FCA8D, 149FBF6367C45415B939A9B1A7A10DA7A5E19F28CE533BCBE2B20DA4B78F8645 ] tib             C:\Windows\system32\DRIVERS\tib.sys
21:50:45.0320 0x0f7c  tib - ok
21:50:45.0331 0x0f7c  [ 3C29FB9FC9B4C511AD69DC50257FEC75, 4906DADE076FD363C53044C805602EEA4D0EF6E92041C693E1BED2286614B36E ] tib_mounter     C:\Windows\system32\DRIVERS\tib_mounter.sys
21:50:45.0350 0x0f7c  tib_mounter - ok
21:50:45.0354 0x0f7c  [ 3B43F4F67F3C539C3BBF40A552A12B5E, 565593B9AD01CA02205FC53F6B8A8955CB26901397C3581C3C514F01B69B86BD ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
21:50:45.0356 0x0f7c  TomTomHOMEService - ok
21:50:45.0364 0x0f7c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
21:50:45.0369 0x0f7c  TrkWks - ok
21:50:45.0381 0x0f7c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:50:45.0388 0x0f7c  TrustedInstaller - ok
21:50:45.0394 0x0f7c  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:50:45.0397 0x0f7c  tssecsrv - ok
21:50:45.0402 0x0f7c  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:50:45.0404 0x0f7c  TsUsbFlt - ok
21:50:45.0409 0x0f7c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:50:45.0412 0x0f7c  tunnel - ok
21:50:45.0417 0x0f7c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
21:50:45.0420 0x0f7c  uagp35 - ok
21:50:45.0435 0x0f7c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:50:45.0448 0x0f7c  udfs - ok
21:50:45.0453 0x0f7c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:50:45.0455 0x0f7c  UI0Detect - ok
21:50:45.0460 0x0f7c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:50:45.0463 0x0f7c  uliagpkx - ok
21:50:45.0467 0x0f7c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:50:45.0469 0x0f7c  umbus - ok
21:50:45.0473 0x0f7c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
21:50:45.0475 0x0f7c  UmPass - ok
21:50:45.0485 0x0f7c  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
21:50:45.0494 0x0f7c  UmRdpService - ok
21:50:45.0498 0x0f7c  [ 9DC07E73A4ABB9ACF692113B36A5009F, CA7176FC219515D58DCFA66EC61880ECE5617275C9B83701BB74D8B60E733D34 ] UnlockerDriver5 C:\Program Files\Unlocker\UnlockerDriver5.sys
21:50:45.0506 0x0f7c  UnlockerDriver5 - ok
21:50:45.0521 0x0f7c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
21:50:45.0533 0x0f7c  upnphost - ok
21:50:45.0538 0x0f7c  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
21:50:45.0549 0x0f7c  USBAAPL64 - ok
21:50:45.0556 0x0f7c  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
21:50:45.0561 0x0f7c  usbaudio - ok
21:50:45.0567 0x0f7c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:50:45.0571 0x0f7c  usbccgp - ok
21:50:45.0578 0x0f7c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:50:45.0583 0x0f7c  usbcir - ok
21:50:45.0588 0x0f7c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys
21:50:45.0590 0x0f7c  usbehci - ok
21:50:45.0602 0x0f7c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:50:45.0611 0x0f7c  usbhub - ok
21:50:45.0616 0x0f7c  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:50:45.0619 0x0f7c  usbohci - ok
21:50:45.0622 0x0f7c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:50:45.0624 0x0f7c  usbprint - ok
21:50:45.0627 0x0f7c  [ 54EAFFD31C377C8C1055D33E6B6B4B27, F7A7F49D3A20075134389FC38E43F889E5391C25B0524AC59755B15CBEC92490 ] usbrndis6       C:\Windows\system32\DRIVERS\usb80236.sys
21:50:45.0628 0x0f7c  usbrndis6 - ok
21:50:45.0634 0x0f7c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:50:45.0638 0x0f7c  USBSTOR - ok
21:50:45.0642 0x0f7c  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:50:45.0645 0x0f7c  usbuhci - ok
21:50:45.0655 0x0f7c  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
21:50:45.0662 0x0f7c  usbvideo - ok
21:50:45.0666 0x0f7c  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\drivers\usb8023x.sys
21:50:45.0668 0x0f7c  usb_rndisx - ok
21:50:45.0672 0x0f7c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
21:50:45.0674 0x0f7c  UxSms - ok
21:50:45.0677 0x0f7c  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] VaultSvc        C:\Windows\system32\lsass.exe
21:50:45.0678 0x0f7c  VaultSvc - ok
21:50:45.0682 0x0f7c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:50:45.0684 0x0f7c  vdrvroot - ok
21:50:45.0702 0x0f7c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
21:50:45.0718 0x0f7c  vds - ok
21:50:45.0722 0x0f7c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:50:45.0724 0x0f7c  vga - ok
21:50:45.0726 0x0f7c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:50:45.0728 0x0f7c  VgaSave - ok
21:50:45.0740 0x0f7c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:50:45.0751 0x0f7c  vhdmp - ok
21:50:45.0755 0x0f7c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:50:45.0757 0x0f7c  viaide - ok
21:50:45.0766 0x0f7c  [ 35E8A18D1C558D5C2FF2FFED2FD396F6, 5516AC03964DD33CF239AB3FB1D41BAB7454DB35FB38C45907614C3DB8F23391 ] vididr          C:\Windows\system32\DRIVERS\vididr.sys
21:50:45.0785 0x0f7c  vididr - ok
21:50:45.0793 0x0f7c  [ 0DCD5C8F2E0B3650C4A29F6569C074FD, 8FB24D79ADE1541C5DD6241A3395EF2E6575A8376111294CD5C87ECA798EDCFD ] vidsflt         C:\Windows\system32\DRIVERS\vidsflt.sys
21:50:45.0810 0x0f7c  vidsflt - ok
21:50:45.0818 0x0f7c  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
21:50:45.0824 0x0f7c  vmbus - ok
21:50:45.0827 0x0f7c  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
21:50:45.0829 0x0f7c  VMBusHID - ok
21:50:45.0834 0x0f7c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:50:45.0837 0x0f7c  volmgr - ok
21:50:45.0851 0x0f7c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:50:45.0863 0x0f7c  volmgrx - ok
21:50:45.0875 0x0f7c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:50:45.0885 0x0f7c  volsnap - ok
21:50:45.0898 0x0f7c  [ ABD9B4A7E2D0AE51A3B8DF1AF3152D61, 1EAA4D8D35008E4D5C4AEA91C3ABD3D5BB5F8DF2D95D35792B3F3BB31EABB7CF ] vpcbus          C:\Windows\system32\DRIVERS\vpchbus.sys
21:50:45.0906 0x0f7c  vpcbus - ok
21:50:45.0911 0x0f7c  [ 8ACDA395841538CE9713A67FE8B2A3EB, D74D6AF8059C1CD59A5DDB03095BC46FF7808DA358FB64D71B53940DEE6356D9 ] vpcnfltr        C:\Windows\system32\DRIVERS\vpcnfltr.sys
21:50:45.0912 0x0f7c  vpcnfltr - ok
21:50:45.0917 0x0f7c  [ 31924E31BC315773E6D149B157DB46D5, 8E2A8785D2D7327F9DE046E6245F233280395AA42D5BAD1048021109628840C2 ] vpcusb          C:\Windows\system32\DRIVERS\vpcusb.sys
21:50:45.0921 0x0f7c  vpcusb - ok
21:50:45.0934 0x0f7c  [ C5B651E52540E6F46DA66574C74B4898, 4292E1D574FB0AF1D61F17F88D82A1A77738A3F7ECECB49FF20997FEC99078B2 ] vpcvmm          C:\Windows\system32\drivers\vpcvmm.sys
21:50:45.0939 0x0f7c  vpcvmm - ok
21:50:45.0947 0x0f7c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
21:50:45.0952 0x0f7c  vsmraid - ok
21:50:46.0000 0x0f7c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
21:50:46.0047 0x0f7c  VSS - ok
21:50:46.0051 0x0f7c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
21:50:46.0053 0x0f7c  vwifibus - ok
21:50:46.0064 0x0f7c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
21:50:46.0074 0x0f7c  W32Time - ok
21:50:46.0078 0x0f7c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
21:50:46.0079 0x0f7c  WacomPen - ok
21:50:46.0084 0x0f7c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:50:46.0086 0x0f7c  WANARP - ok
21:50:46.0092 0x0f7c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:50:46.0094 0x0f7c  Wanarpv6 - ok
21:50:46.0154 0x0f7c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
21:50:46.0221 0x0f7c  WatAdminSvc - ok
21:50:46.0268 0x0f7c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
21:50:46.0310 0x0f7c  wbengine - ok
21:50:46.0320 0x0f7c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:50:46.0328 0x0f7c  WbioSrvc - ok
21:50:46.0371 0x0f7c  [ 8F105ADE434064ADFBBFBE198513B84F, 613F6C224D5FE079C038C2813BC92F769877AEC8E0071026B63D2A548371880E ] WCMVCAM         C:\Windows\system32\DRIVERS\wcmvcam64.sys
21:50:46.0383 0x0f7c  WCMVCAM - ok
21:50:46.0400 0x0f7c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:50:46.0412 0x0f7c  wcncsvc - ok
21:50:46.0417 0x0f7c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:50:46.0421 0x0f7c  WcsPlugInService - ok
21:50:46.0423 0x0f7c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
21:50:46.0424 0x0f7c  Wd - ok
21:50:46.0462 0x0f7c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:50:46.0494 0x0f7c  Wdf01000 - ok
21:50:46.0501 0x0f7c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:50:46.0504 0x0f7c  WdiServiceHost - ok
21:50:46.0509 0x0f7c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:50:46.0511 0x0f7c  WdiSystemHost - ok
21:50:46.0520 0x0f7c  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
21:50:46.0528 0x0f7c  WebClient - ok
21:50:46.0538 0x0f7c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:50:46.0547 0x0f7c  Wecsvc - ok
21:50:46.0551 0x0f7c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:50:46.0555 0x0f7c  wercplsupport - ok
21:50:46.0559 0x0f7c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
21:50:46.0563 0x0f7c  WerSvc - ok
21:50:46.0565 0x0f7c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:50:46.0566 0x0f7c  WfpLwf - ok
21:50:46.0568 0x0f7c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:50:46.0569 0x0f7c  WIMMount - ok
21:50:46.0571 0x0f7c  WinDefend - ok
21:50:46.0576 0x0f7c  WinHttpAutoProxySvc - ok
21:50:46.0588 0x0f7c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:50:46.0596 0x0f7c  Winmgmt - ok
21:50:46.0644 0x0f7c  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
21:50:46.0688 0x0f7c  WinRM - ok
21:50:46.0695 0x0f7c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
21:50:46.0697 0x0f7c  WinUsb - ok
21:50:46.0730 0x0f7c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:50:46.0759 0x0f7c  Wlansvc - ok
21:50:46.0763 0x0f7c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
21:50:46.0765 0x0f7c  WmiAcpi - ok
21:50:46.0776 0x0f7c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:50:46.0783 0x0f7c  wmiApSrv - ok
21:50:46.0786 0x0f7c  WMPNetworkSvc - ok
21:50:46.0791 0x0f7c  [ 495284CF894336E9512ED7C9ACB3548E, 55D05E94B96F67C50662C4695267CB18994112D086CAED2E493469C7F133F2BE ] WOTUpdater      C:\Users\***\AppData\LocalLow\WOT\IE\WOTUpdater.exe
21:50:46.0821 0x0f7c  WOTUpdater - ok
21:50:46.0824 0x0f7c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:50:46.0827 0x0f7c  WPCSvc - ok
21:50:46.0832 0x0f7c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:50:46.0835 0x0f7c  WPDBusEnum - ok
21:50:46.0838 0x0f7c  [ 7CA09731EB7FC99B910C7F239E57720F, 502F8917A0811F37C39B2B3F5E9B4F38A0E899C30CB29D3ECD87A50FF228E536 ] WPRO_41_2001    C:\Windows\system32\drivers\WPRO_41_2001.sys
21:50:46.0838 0x0f7c  WPRO_41_2001 - ok
21:50:46.0842 0x0f7c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:50:46.0844 0x0f7c  ws2ifsl - ok
21:50:46.0849 0x0f7c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
21:50:46.0853 0x0f7c  wscsvc - ok
21:50:46.0855 0x0f7c  WSearch - ok
21:50:46.0897 0x0f7c  [ 14882A15F5CE7B8EADC8E7F54FD5B53B, 75CE9845C6EE66B070EA3D11F5B49935B9D0A607DCC93D3105130F3987E39443 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:50:46.0936 0x0f7c  wuauserv - ok
21:50:46.0942 0x0f7c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:50:46.0945 0x0f7c  WudfPf - ok
21:50:46.0957 0x0f7c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:50:46.0965 0x0f7c  WUDFRd - ok
21:50:46.0970 0x0f7c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:50:46.0974 0x0f7c  wudfsvc - ok
21:50:46.0984 0x0f7c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:50:46.0993 0x0f7c  WwanSvc - ok
21:50:47.0006 0x0f7c  ================ Scan global ===============================
21:50:47.0009 0x0f7c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
21:50:47.0015 0x0f7c  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
21:50:47.0023 0x0f7c  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
21:50:47.0029 0x0f7c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
21:50:47.0037 0x0f7c  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
21:50:47.0043 0x0f7c  [ Global ] - ok
21:50:47.0043 0x0f7c  ================ Scan MBR ==================================
21:50:47.0044 0x0f7c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk4\DR4
21:50:47.0072 0x0f7c  \Device\Harddisk4\DR4 - ok
21:50:47.0073 0x0f7c  [ 4C54042F5B2569C9DDCF173120D730F9 ] \Device\Harddisk1\DR1
21:50:47.0108 0x0f7c  \Device\Harddisk1\DR1 - ok
21:50:47.0111 0x0f7c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
21:50:47.0132 0x0f7c  \Device\Harddisk2\DR2 - ok
21:50:47.0135 0x0f7c  [ B1F7D7F6E4FBE98E578562A22A94D02C ] \Device\Harddisk0\DR0
21:50:47.0201 0x0f7c  \Device\Harddisk0\DR0 - ok
21:50:47.0203 0x0f7c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk3\DR3
21:50:47.0285 0x0f7c  \Device\Harddisk3\DR3 - ok
21:50:47.0285 0x0f7c  ================ Scan VBR ==================================
21:50:47.0288 0x0f7c  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk4\DR4\Partition1
21:50:47.0288 0x0f7c  \Device\Harddisk4\DR4\Partition1 - ok
21:50:47.0291 0x0f7c  [ 00268EEB88473E6087521611913F952D ] \Device\Harddisk4\DR4\Partition2
21:50:47.0340 0x0f7c  \Device\Harddisk4\DR4\Partition2 - ok
21:50:47.0343 0x0f7c  [ 5A2D26691964C4705B2EA276B6ABCE76 ] \Device\Harddisk1\DR1\Partition1
21:50:47.0398 0x0f7c  \Device\Harddisk1\DR1\Partition1 - ok
21:50:47.0401 0x0f7c  [ D51A2AD1EE9D1B73B5640FEF4590D950 ] \Device\Harddisk1\DR1\Partition2
21:50:47.0469 0x0f7c  \Device\Harddisk1\DR1\Partition2 - ok
21:50:47.0472 0x0f7c  [ A700BE8B1CA14CD7D3A1F481FC0DE8DC ] \Device\Harddisk1\DR1\Partition3
21:50:47.0511 0x0f7c  \Device\Harddisk1\DR1\Partition3 - ok
21:50:47.0514 0x0f7c  [ CC83FB6CD99E8ACAA193E8F03CF5F7E0 ] \Device\Harddisk1\DR1\Partition4
21:50:47.0535 0x0f7c  \Device\Harddisk1\DR1\Partition4 - ok
21:50:47.0538 0x0f7c  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk2\DR2\Partition1
21:50:47.0538 0x0f7c  \Device\Harddisk2\DR2\Partition1 - ok
21:50:47.0541 0x0f7c  [ 5728DF91DFBBC849DE63F39B0F64EDB3 ] \Device\Harddisk2\DR2\Partition2
21:50:47.0623 0x0f7c  \Device\Harddisk2\DR2\Partition2 - ok
21:50:47.0626 0x0f7c  [ 2D64EB29D59535E8CB5AEF1D72A58DC7 ] \Device\Harddisk0\DR0\Partition1
21:50:47.0628 0x0f7c  \Device\Harddisk0\DR0\Partition1 - ok
21:50:47.0630 0x0f7c  [ A18766868C577FEDB21F88FD08422B88 ] \Device\Harddisk3\DR3\Partition1
21:50:47.0699 0x0f7c  \Device\Harddisk3\DR3\Partition1 - ok
21:50:47.0700 0x0f7c  ================ Scan generic autorun ======================
21:50:47.0712 0x0f7c  [ 5AF1E9600E3FF841E522703A4993ED0C, 5189530793747C40B0E3548DA40058989C88A69C593C3E54E6548CFB89B9CE10 ] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
21:50:47.0719 0x0f7c  IAAnotif - ok
21:50:48.0140 0x0f7c  [ 160B5E0566713EB5CAB2EC12C36ACF52, 3B9FC94989CED565C339A0A5E79CE61B180BA14D46759A1F27DC3561E3384E31 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
21:50:48.0546 0x0f7c  RtHDVCpl - ok
21:50:48.0576 0x0f7c  [ F5A5DBADCD24BDF33BFDAA789E39C876, A0D931FA339CA1FB6198BF5DF327ECEB0881796FFF92BDE0F9FC2C233C46E83C ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
21:50:48.0582 0x0f7c  AdobeAAMUpdater-1.0 - ok
21:50:48.0599 0x0f7c  [ 5DC1B8466B880D4491128801497DA3AE, 525BE0C9CEFC1F03095AF5596F764472CDA339FC0C79D7CBAC5559F6B646198C ] C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe
21:50:48.0612 0x0f7c  Launch LgDeviceAgent - ok
21:50:48.0719 0x0f7c  [ AD5A5F8A3E53C600F05BFB6587E4A045, DD53B394D0873BE47B4C2854910EC57B103380C8AC13F4AC22BE7792C3F9CC92 ] C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
21:50:48.0807 0x0f7c  Launch LCDMon - ok
21:50:48.0955 0x0f7c  [ 4342DBCE85E513B093CEDA1671B21B31, C362989CB73EFBCFFBC7F79A4014E9CED0177FDD791CE23B0AE70FB0DC4F28A9 ] C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
21:50:49.0095 0x0f7c  Launch LGDCore - ok
21:50:49.0099 0x0f7c  InstallerLauncher - ok
21:50:49.0121 0x0f7c  [ 35BA4E6632BA690EA6421C1E03537D0E, 99D6B4DB12ABE3A7F44AB1B2D626978E85231185AE280D9516986027BC8385CB ] C:\Program Files\Microsoft Security Client\msseces.exe
21:50:49.0140 0x0f7c  MSC - ok
21:50:49.0146 0x0f7c  [ D0B542256A968DFCB8896C140FCE6047, 3F92A9871B521BCCCDFE6D9BFF88930B26C5DB86F6F6578554A3F2ECC5C5EBA0 ] C:\Program Files\iTunes\iTunesHelper.exe
21:50:49.0150 0x0f7c  iTunesHelper - ok
21:50:49.0192 0x0f7c  [ A416FBE18A8FF5C942B5E4A65A66EAE0, DC021A544A16BA984A906D235E0E6DA8AC0DF0A7FC8A89D192E427BBE6D2434C ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
21:50:49.0229 0x0f7c  NvBackend - ok
21:50:49.0234 0x0f7c  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
21:50:49.0236 0x0f7c  ShadowPlay - ok
21:50:49.0278 0x0f7c  [ 4D5D968FE6AE6BF94A807F73F7FF6B3D, 3D5D5D775EE251C2B903AA8DA804AE4D1632DD59A8A0A36C545FE984FCFE06DD ] C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
21:50:49.0315 0x0f7c  BrMfcWnd - ok
21:50:49.0322 0x0f7c  [ 4DE3EF07E0854547309C6B40235A9D44, F73D8E6D98583865D1C8DB728058D83C72A3908E21E04EF313FCB829C040A1EC ] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe
21:50:49.0327 0x0f7c  ControlCenter3 - ok
21:50:49.0332 0x0f7c  [ FA87C6A22F3339B9EDC2F2079BC1E996, 86084094C9576D0BF48B299E048649D930214EDEC9B7462C9242D360A720AB00 ] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
21:50:49.0337 0x0f7c  LifeCam - ok
21:50:49.0342 0x0f7c  [ 72292AE254AD01236143E750D8952D03, A7CD415F424F99FC72A64C9F95A2D2BB863628F53969E53482F56D17C76C4C33 ] C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe
21:50:49.0344 0x0f7c  Adobe Photo Downloader - ok
21:50:49.0560 0x0f7c  [ B8434467D90B65E5A2D697C7FF511802, A0F5D234A1CA1384160FB63AF40B169B4649DF7D77534DE1B16E1063EC922A87 ] C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
21:50:49.0761 0x0f7c  TrueImageMonitor.exe - ok
21:50:49.0812 0x0f7c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:50:49.0853 0x0f7c  Sidebar - ok
21:50:49.0859 0x0f7c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:50:49.0864 0x0f7c  mctadmin - ok
21:50:49.0909 0x0f7c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
21:50:49.0921 0x0f7c  Sidebar - ok
21:50:49.0927 0x0f7c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
21:50:49.0928 0x0f7c  mctadmin - ok
21:50:49.0936 0x0f7c  [ 4EA63B2AF94A69E5D89D25D45BF8C8D8, D666BC52A093643F21D99C55928851DDE5862DD47FA56C845019B31C6066D7B7 ] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
21:50:49.0940 0x0f7c  TomTomHOME.exe - ok
21:50:49.0963 0x0f7c  [ 22B942E574747FDB85EBDED8C25422CB, 6684A348A4DB456092FC1FAF949BF84E052FDA9AE0D8FA121033C8929F688165 ] C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
21:50:49.0978 0x0f7c  Web Companion - ok
21:50:49.0979 0x0f7c  Waiting for KSN requests completion. In queue: 107
21:50:50.0979 0x0f7c  Waiting for KSN requests completion. In queue: 107
21:50:51.0979 0x0f7c  Waiting for KSN requests completion. In queue: 107
21:50:52.0990 0x0f7c  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
21:50:53.0003 0x0f7c  Win FW state via NFP2: disabled
21:50:55.0358 0x0f7c  ============================================================
21:50:55.0358 0x0f7c  Scan finished
21:50:55.0358 0x0f7c  ============================================================
21:50:55.0365 0x06ac  Detected object count: 0
21:50:55.0365 0x06ac  Actual detected object count: 0

schrauber · 06.06.2015, 16:23

hi,

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Silverdrow · 06.06.2015, 22:33

Hallo Schrauber,
das war jetzt etwas seltsam, Microsoft Essential / Maleware lässt sich leider nicht so leicht deaktvieren.
Ich habe dieses dann deinstalliert (Netz off) und trotzdem kam die Meldung von ComboFix, das Essential und Antimaleware aktiviert wären. Nun ja hier der Log

Code:

ATTFilter

ComboFix 15-05-31.01 - *** 06.06.2015  22:35:14.1.4 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.16347.14554 [GMT 2:00]
ausgeführt von:: c:\users\***\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
 ADS - Windows: deleted 0 bytes in 1 streams. 
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\1430217639.bdinstall.bin
c:\users\***\AppData\Local\Adobe\SecurityScan_Release.exe
c:\users\***\AppData\Local\assembly\tmp
c:\windows\IsUn0407.exe
c:\windows\iun6002.exe
c:\windows\msdownld.tmp
c:\windows\SysWow64\AdobePDF.dll
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_ACEDRV11
-------\Service_acedrv11
-------\Service_Boonty Games
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-05-06 bis 2015-06-06  ))))))))))))))))))))))))))))))
.
.
2015-06-06 20:39 . 2015-06-06 20:39	--------	d-----w-	c:\users\hedev\AppData\Local\temp
2015-06-06 20:39 . 2015-06-06 20:39	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-06-05 19:22 . 2015-06-05 19:22	--------	d-----w-	c:\programdata\Malwarebytes
2015-06-05 19:21 . 2015-06-06 05:36	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-06-05 19:21 . 2015-06-05 19:21	136408	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-06-05 19:21 . 2015-06-05 19:21	107736	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-06-05 18:47 . 2015-06-05 18:47	--------	d-----w-	c:\program files\FileZilla FTP Client
2015-06-05 16:59 . 2015-06-05 17:00	--------	d-----w-	C:\FRST
2015-06-03 22:49 . 2015-04-11 03:19	69888	----a-w-	c:\windows\system32\drivers\stream.sys
2015-06-03 22:47 . 2015-06-03 22:47	--------	d-----w-	c:\users\***\AppData\Local\GWX
2015-06-03 14:33 . 2015-04-21 16:26	968704	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2015-06-02 17:55 . 2015-06-02 17:55	--------	d-----w-	c:\windows\SysWow64\wbem\en-US
2015-06-02 17:55 . 2015-06-02 17:55	--------	d-----w-	c:\windows\system32\wbem\en-US
2015-06-01 14:43 . 2015-06-01 14:43	--------	d-----w-	c:\programdata\boost_interprocess
2015-06-01 14:43 . 2015-04-03 13:21	48784	----a-w-	c:\windows\SysWow64\nvaudcap32v.dll
2015-06-01 14:43 . 2015-04-03 13:21	38032	----a-w-	c:\windows\system32\drivers\nvvad64v.sys
2015-05-31 19:34 . 2015-05-31 19:34	--------	d-----w-	c:\users\***\AppData\Local\Lavasoft
2015-05-31 19:34 . 2015-05-25 08:24	429392	----a-w-	c:\windows\system32\LavasoftTcpService64.dll
2015-05-31 19:34 . 2015-05-25 08:24	347976	----a-w-	c:\windows\SysWow64\LavasoftTcpService.dll
2015-05-31 19:34 . 2015-05-31 19:34	--------	d-----w-	c:\program files (x86)\Lavasoft
2015-05-31 19:32 . 2015-05-31 19:32	--------	d-----w-	c:\users\***\AppData\Roaming\Lavasoft
2015-05-31 19:32 . 2015-05-31 19:32	--------	d-----w-	c:\programdata\Lavasoft
2015-05-31 19:32 . 2015-05-31 19:32	--------	d-----w-	c:\program files (x86)\Cheat Engine 6.4
2015-05-31 19:32 . 2015-05-31 19:32	--------	d-----w-	c:\users\***\AppData\Roaming\OpenCandy
2015-05-22 17:24 . 2015-05-22 17:24	--------	d-----w-	c:\programdata\AVM
2015-05-22 17:24 . 2015-05-22 17:25	--------	d-----w-	c:\program files\FRITZ!Fernzugang
2015-05-22 17:16 . 2015-05-22 17:16	--------	d-----w-	c:\users\***\AppData\Roaming\AVM
2015-05-22 17:14 . 2015-05-22 17:16	--------	d-----w-	c:\program files (x86)\FRITZ!Fernzugang einrichten
2015-05-22 17:01 . 2015-05-22 17:01	--------	d-----w-	c:\users\***\AppData\Local\Vitalwerks
2015-05-22 17:01 . 2015-05-22 17:01	--------	d-----w-	c:\program files (x86)\No-IP
2015-05-20 13:04 . 2015-05-20 13:05	--------	d-----w-	c:\windows\Entropia Universe
2015-05-19 08:48 . 2015-05-12 06:27	1898312	----a-w-	c:\windows\system32\nvdispco6435286.dll
2015-05-19 08:48 . 2015-05-12 06:27	1557648	----a-w-	c:\windows\system32\nvdispgenco6435286.dll
2015-05-13 23:17 . 2015-05-13 23:17	--------	d-----w-	c:\windows\PCHEALTH
2015-05-13 23:12 . 2015-05-01 13:17	124112	----a-w-	c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 23:12 . 2015-05-01 13:16	102608	----a-w-	c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-06-06 20:40 . 2012-12-13 15:02	34752	----a-w-	c:\windows\system32\drivers\WPRO_41_2001.sys
2015-05-28 07:04 . 2015-05-05 21:19	3379680	----a-w-	c:\windows\system32\nvapi64.dll
2015-05-28 07:04 . 2015-02-13 20:50	12852152	----a-w-	c:\windows\SysWow64\nvd3dum.dll
2015-05-28 07:04 . 2014-12-24 14:04	17486856	----a-w-	c:\windows\system32\nvwgf2umx.dll
2015-05-28 04:15 . 2014-04-25 18:24	937288	----a-w-	c:\windows\system32\nvvsvc.exe
2015-05-28 04:15 . 2014-04-25 18:24	62608	----a-w-	c:\windows\system32\nvshext.dll
2015-05-28 04:15 . 2014-04-25 18:24	385168	----a-w-	c:\windows\system32\nvmctray.dll
2015-05-28 04:15 . 2014-04-25 18:24	3491984	----a-w-	c:\windows\system32\nvsvc64.dll
2015-05-28 04:15 . 2014-04-25 18:24	2558608	----a-w-	c:\windows\system32\nvsvcr.dll
2015-05-28 04:15 . 2014-04-25 18:24	6872904	----a-w-	c:\windows\system32\nvcpl.dll
2015-05-27 10:48 . 2014-04-25 18:24	4408727	----a-w-	c:\windows\system32\nvcoproc.bin
2015-05-25 18:01 . 2015-06-03 22:50	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-05-23 01:47 . 2015-05-05 21:21	1320304	----a-w-	c:\windows\SysWow64\nvspcap.dll
2015-05-23 01:47 . 2015-05-05 21:21	1316000	----a-w-	c:\windows\SysWow64\nvspbridge.dll
2015-05-23 01:47 . 2015-05-05 21:21	1756424	----a-w-	c:\windows\system32\nvspbridge64.dll
2015-05-23 01:47 . 2015-05-05 21:21	1571696	----a-w-	c:\windows\system32\nvspcap64.dll
2015-05-21 07:26 . 2012-04-21 20:23	778416	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-05-21 07:26 . 2011-05-13 07:25	142512	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-05-13 23:17 . 2010-03-17 06:32	140425016	----a-w-	c:\windows\system32\MRT.exe
2015-05-02 10:29 . 2015-05-02 10:29	107832	----a-w-	c:\windows\SysWow64\PnkBstrB.exe
2015-05-02 10:29 . 2015-05-02 10:29	682280	----a-w-	c:\windows\SysWow64\pbsvc.exe
2015-05-02 10:29 . 2010-11-04 17:35	66872	----a-w-	c:\windows\SysWow64\PnkBstrA.exe
2015-04-28 09:54 . 2015-04-28 09:54	0	----a-w-	c:\windows\SysWow64\REN2961.tmp
2015-04-28 09:53 . 2015-04-28 09:53	0	----a-w-	c:\windows\SysWow64\REN60E4.tmp
2015-04-19 10:05 . 2015-02-13 20:37	111016	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2015-04-09 00:58 . 2015-05-05 21:19	1895568	----a-w-	c:\windows\system32\nvdispco6435012.dll
2015-04-09 00:58 . 2015-05-05 21:19	1557648	----a-w-	c:\windows\system32\nvdispgenco6435012.dll
2015-04-03 13:21 . 2015-05-05 21:19	52880	----a-w-	c:\windows\system32\nvaudcap64v.dll
2015-03-17 15:36 . 2015-03-17 15:36	24744	----a-w-	c:\windows\system32\drivers\RrNetCapFilterDriver.sys
2015-03-14 03:21 . 2015-05-05 21:32	82944	----a-w-	c:\windows\system32\dwmapi.dll
2015-03-14 03:21 . 2015-05-05 21:32	1632768	----a-w-	c:\windows\system32\dwmcore.dll
2015-03-14 03:04 . 2015-05-05 21:32	67584	----a-w-	c:\windows\SysWow64\dwmapi.dll
2015-03-14 03:04 . 2015-05-05 21:32	1372160	----a-w-	c:\windows\SysWow64\dwmcore.dll
2015-03-10 03:25 . 2015-04-18 16:09	1882624	----a-w-	c:\windows\system32\msxml3.dll
2015-03-10 03:21 . 2015-04-18 16:09	2048	----a-w-	c:\windows\system32\msxml3r.dll
2015-03-10 03:08 . 2015-04-18 16:09	1237504	----a-w-	c:\windows\SysWow64\msxml3.dll
2015-03-10 03:05 . 2015-04-18 16:09	2048	----a-w-	c:\windows\SysWow64\msxml3r.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Web Companion"="c:\program files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe" [2015-05-25 1376016]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BrMfcWnd"="c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168]
"ControlCenter3"="c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]
"LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-12-13 135536]
"Adobe Photo Downloader"="c:\program files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe" [2006-12-22 67752]
"TrueImageMonitor.exe"="c:\program files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" [2014-02-04 7843744]
"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" [2013-12-21 3478392]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-10-02 421888]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-19 1022152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux9"=wdmaud.drv
.
R1 GLogin;GLogin; [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SearchProtectionService;IE Search Set;c:\program files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe;c:\program files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [x]
R2 WCMVCAM;WebcamMax, WDM Video Capture;c:\windows\system32\DRIVERS\wcmvcam64.sys;c:\windows\SYSNATIVE\DRIVERS\wcmvcam64.sys [x]
R3 afcdp;afcdp;c:\windows\system32\DRIVERS\afcdp.sys;c:\windows\SYSNATIVE\DRIVERS\afcdp.sys [x]
R3 AlcatelOTDCWwan;AlcatelOTDC USB-NDIS miniport;c:\windows\system32\DRIVERS\AlcatelOTDCWwan.sys;c:\windows\SYSNATIVE\DRIVERS\AlcatelOTDCWwan.sys [x]
R3 ALCATELUSB;Alcatel HSPA Modem Service;c:\windows\system32\Drivers\AlcatelUsb.sys;c:\windows\SYSNATIVE\Drivers\AlcatelUsb.sys [x]
R3 AsrCDDrv;AsrCDDrv;c:\windows\SysWOW64\Drivers\AsrCDDrv.sys;c:\windows\SysWOW64\Drivers\AsrCDDrv.sys [x]
R3 BRDriver64;BRDriver64;c:\programdata\BitRaider\BRDriver64.sys;c:\programdata\BitRaider\BRDriver64.sys [x]
R3 BRDriver64_1_3_3_E02B25FC;BRDriver64_1_3_3_E02B25FC;c:\programdata\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys;c:\programdata\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [x]
R3 BRSptStub;BitRaider Mini-Support Service Stub Loader;c:\programdata\BitRaider\BRSptStub.exe;c:\programdata\BitRaider\BRSptStub.exe [x]
R3 BRSptSvc;BitRaider Mini-Support Service;c:\programdata\BitRaider\BRSptSvc.exe;c:\programdata\BitRaider\BRSptSvc.exe [x]
R3 btmaudio;Motorola Bluetooth Audio Service;c:\windows\system32\drivers\btmaud.sys;c:\windows\SYSNATIVE\drivers\btmaud.sys [x]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys;c:\windows\SYSNATIVE\Drivers\btmcom.sys [x]
R3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys;c:\windows\SYSNATIVE\Drivers\btmusb.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys;c:\windows\SYSNATIVE\drivers\dgderdrv.sys [x]
R3 DrvAgent64;DrvAgent64;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS;c:\windows\SysWOW64\Drivers\DrvAgent64.SYS [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbwwan.sys [x]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jucdcacm.sys [x]
R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 jrdusbser;Modem Interface Device for Legacy Serial Communication;c:\windows\system32\DRIVERS\jrdusbser.sys;c:\windows\SYSNATIVE\DRIVERS\jrdusbser.sys [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys;c:\windows\SYSNATIVE\DRIVERS\lvpopf64.sys [x]
R3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x]
R3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\drivers\LVUSBS64.sys;c:\windows\SYSNATIVE\drivers\LVUSBS64.sys [x]
R3 LVUVC64;Logitech QuickCam Fusion(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 Rockusb;Driver for Rockusb Device;c:\windows\system32\DRIVERS\rockusb.sys;c:\windows\SYSNATIVE\DRIVERS\rockusb.sys [x]
R3 RRNetCap;RRNetCap Service;c:\windows\system32\DRIVERS\rrnetcap.sys;c:\windows\SYSNATIVE\DRIVERS\rrnetcap.sys [x]
R3 rsvcdwdr;rsvcdwdr;c:\windows\system32\DRIVERS\rsvcdwdr.sys;c:\windows\SYSNATIVE\DRIVERS\rsvcdwdr.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2012.SP5a\RpcAgentSrv.exe;c:\program files\SiSoftware\SiSoftware Sandra Lite 2012.SP5a\RpcAgentSrv.exe [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 ssudnflt;Remote NDIS Filter Driver;c:\windows\system32\DRIVERS\ssudnflt.sys;c:\windows\SYSNATIVE\DRIVERS\ssudnflt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 usbrndis6;USB-RNDIS6-Adapter;c:\windows\system32\DRIVERS\usb80236.sys;c:\windows\SYSNATIVE\DRIVERS\usb80236.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 afcdpsrv;Acronis Nonstop Backup Service;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe;c:\program files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [x]
R4 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x]
R4 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [x]
R4 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe;c:\program files\Motorola\Bluetooth\audiosrv.exe [x]
R4 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe;c:\program files\Motorola\Bluetooth\obexsrv.exe [x]
R4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R4 Mobile Partner. RunOuc;Mobile Partner. OUC;c:\program files (x86)\Mobile Partner\UpdateDog\ouc.exe;c:\program files (x86)\Mobile Partner\UpdateDog\ouc.exe [x]
R4 Modem Device Helper;Modem Device Helper;c:\program files (x86)\T-Mobile\InternetManager_A\BackgroundService\ServiceManager.exe;c:\program files (x86)\T-Mobile\InternetManager_A\BackgroundService\ServiceManager.exe [x]
R4 NasPmService;NAS PM Service;c:\program files (x86)\BUFFALO\NASNAVI\nassvc.exe;c:\program files (x86)\BUFFALO\NASNAVI\nassvc.exe [x]
R4 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
R4 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
R4 WOTUpdater;WOT Updater;c:\users\***\AppData\LocalLow\WOT\IE\WOTUpdater.exe;c:\users\***\AppData\LocalLow\WOT\IE\WOTUpdater.exe [x]
S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys;c:\windows\SYSNATIVE\DRIVERS\asahci64.sys [x]
S0 AsrRamDisk;AsrRamDisk;c:\windows\system32\DRIVERS\AsrRamDisk.sys;c:\windows\SYSNATIVE\DRIVERS\AsrRamDisk.sys [x]
S0 fltsrv;Acronis Storage Filter Management;c:\windows\system32\DRIVERS\fltsrv.sys;c:\windows\SYSNATIVE\DRIVERS\fltsrv.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 tib;Acronis TIB Manager;c:\windows\system32\DRIVERS\tib.sys;c:\windows\SYSNATIVE\DRIVERS\tib.sys [x]
S0 tib_mounter;Acronis TIB Mounter;c:\windows\system32\DRIVERS\tib_mounter.sys;c:\windows\SYSNATIVE\DRIVERS\tib_mounter.sys [x]
S0 vididr;Acronis Virtual Disk;c:\windows\system32\DRIVERS\vididr.sys;c:\windows\SYSNATIVE\DRIVERS\vididr.sys [x]
S0 vidsflt;Acronis Disk Storage Filter;c:\windows\system32\DRIVERS\vidsflt.sys;c:\windows\SYSNATIVE\DRIVERS\vidsflt.sys [x]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys;c:\windows\SYSNATIVE\DRIVERS\ctxusbm.sys [x]
S2 avmike;AVM FRITZ!Fernzugang IKE Service;c:\program files\FRITZ!Fernzugang\avmike.exe;c:\program files\FRITZ!Fernzugang\avmike.exe [x]
S2 certsrv;AVM FRITZ!Fernzugang Cert Service;c:\program files\FRITZ!Fernzugang\certsrv.exe;c:\program files\FRITZ!Fernzugang\certsrv.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 ISCTAgent;ISCT Always Updated Agent;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe;c:\program files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [x]
S2 LavasoftTcpService;LavasoftTcpService;c:\program files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe;c:\program files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe [x]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\system32\nlssrv32.exe;c:\windows\SYSNATIVE\nlssrv32.exe [x]
S2 NPF_devolo;NetGroup Packet Filter Driver (devolo);c:\windows\sysWOW64\drivers\npf_devolo.sys;c:\windows\sysWOW64\drivers\npf_devolo.sys [x]
S2 nwtsrv;AVM FRITZ!Fernzugang Client;c:\program files\FRITZ!Fernzugang\nwtsrv.exe;c:\program files\FRITZ!Fernzugang\nwtsrv.exe [x]
S2 syncagentsrv;Acronis Sync Agent Service;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe;c:\program files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [x]
S2 TomTomHOMEService;TomTomHOMEService;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe;c:\program files (x86)\TomTom HOME 2\TomTomHOMEService.exe [x]
S3 AsrVDrive;AsrVDrive;c:\windows\system32\DRIVERS\AsrVDrive.sys;c:\windows\SYSNATIVE\DRIVERS\AsrVDrive.sys [x]
S3 ikbevent;Intel Upper keyboard Class Filter Driver;c:\windows\system32\DRIVERS\ikbevent.sys;c:\windows\SYSNATIVE\DRIVERS\ikbevent.sys [x]
S3 imsevent;Intel Upper Mouse Class Filter Driver;c:\windows\system32\DRIVERS\imsevent.sys;c:\windows\SYSNATIVE\DRIVERS\imsevent.sys [x]
S3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 MSHUSBVideo;NX6000/NX3000/VX2000/VX5000/VX5500/VX7000/Cinema Filter Driver;c:\windows\system32\Drivers\nx6000.sys;c:\windows\SYSNATIVE\Drivers\nx6000.sys [x]
S3 NWIM;AVM VPN Miniport;c:\windows\system32\DRIVERS\avmnwim.sys;c:\windows\SYSNATIVE\DRIVERS\avmnwim.sys [x]
S3 RRNetCapMP;RRNetCapMP;c:\windows\system32\DRIVERS\rrnetcap.sys;c:\windows\SYSNATIVE\DRIVERS\rrnetcap.sys [x]
S3 WPRO_41_2001;WinPcap Packet Driver (WPRO_41_2001);c:\windows\system32\drivers\WPRO_41_2001.sys;c:\windows\SYSNATIVE\drivers\WPRO_41_2001.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2015-06-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-21 07:26]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncError]
@="{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}"
[HKEY_CLASSES_ROOT\CLSID\{934BC6C0-FEC2-4df5-A100-961DE2C8A0ED}]
2013-10-01 08:32	2818216	----a-w-	c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncInProgress]
@="{00F848DC-B1D4-4892-9C25-CAADC86A215D}"
[HKEY_CLASSES_ROOT\CLSID\{00F848DC-B1D4-4892-9C25-CAADC86A215D}]
2013-10-01 08:32	2818216	----a-w-	c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AcronisSyncOk]
@="{71573297-552E-46fc-BE3D-3DFAF88D47B7}"
[HKEY_CLASSES_ROOT\CLSID\{71573297-552E-46fc-BE3D-3DFAF88D47B7}]
2013-10-01 08:32	2818216	----a-w-	c:\program files (x86)\Acronis\TrueImageHome\tishell64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-04 186904]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-01-31 12446824]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2014-02-27 558496]
"Launch LgDeviceAgent"="c:\program files\Logitech\GamePanel Software\LgDevAgt.exe" [2010-08-03 415816]
"Launch LCDMon"="c:\program files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe" [2010-08-03 2412616]
"Launch LGDCore"="c:\program files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" [2010-08-03 4725320]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2015-02-13 169768]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-05-23 2754704]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-05-23 1571696]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mSearch Bar = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com
IE: An vorhandene PDF-Datei anfügen - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: In Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Linkziel in Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: citrix-mtu.com
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: localhost
Trusted Zone: mtu-online.com\citrix
Trusted Zone: mydlink.com\eu
Trusted Zone: rrpowersystems.com\webmail
Trusted Zone: soe.com
Trusted Zone: sony.com
Trusted Zone: webcompanion.com
TCP: DhcpNameServer = 192.168.178.1
DPF: {2D20E99C-1FD7-48EC-9FDF-CF3555B273D4} - hxxp://192.168.178.41/VDControl.CAB?2,0,0,89
DPF: {59A5A3CB-18D6-40A4-ABBC-60DBE7D98ED8} - hxxp://192.168.178.37/web/DLinkNVS322.cab
DPF: {A606CAC8-4804-4E7F-A63A-2D85B416AB96} - hxxps://eu.mydlink.com/8D/activeX/NVSWebAll.cab
.
.
------- Dateityp-Verknüpfung -------
.
inifile="%SystemRoot%\system32\NOTEPAD.EXE" %1
txtfile="%SystemRoot%\system32\NOTEPAD.EXE" %1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-AnyCaptureScreen - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-ASRockXTU - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Wow6432Node-HKU-Default-Run-Bitdefender-Geldbörse-Agent - c:\program files\Bitdefender\Bitdefender\pmbxag.exe
Wow6432Node-HKU-Default-Run-Bitdefender-Geldbörse - c:\program files\Bitdefender\Bitdefender\pwdmanui.exe
Wow6432Node-HKU-Default-Run-Bitdefender-Geldbörse-Anwendungs-Agent - c:\program files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-InstallerLauncher - c:\program files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe
AddRemove-EVE - g:\eve\Uninstall.exe
AddRemove-FRITZ! 2.0 - c:\windows\IsUn0407.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-Wondershare Video Converter Ultimate_is1 - c:\program files (x86)\Wondershare\Video Converter Ultimate\unins000.exe
AddRemove-WYSIWYG_Web_Builder_7 - c:\windows\iun6002.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-905352029-3248617649-53037531-1000\Software\SecuROM\License information*]
"datasecu"=hex:cf,9c,0a,3b,0d,fe,e1,90,81,02,ea,96,be,2e,00,e9,eb,27,e8,43,b4,
   72,33,a5,2a,ce,5d,06,97,c8,08,1c,53,f9,95,b5,b4,79,dd,63,0c,8b,c0,a4,64,e1,\
"rkeysecu"=hex:d8,80,7d,96,4e,8c,52,70,fa,1d,1d,d7,ab,9b,33,1e
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\windows\SysWOW64\nlssrv32.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
c:\program files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-06-06  23:09:44 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-06-06 21:09
.
Vor Suchlauf: 20 Verzeichnis(se), 70.059.110.400 Bytes frei
Nach Suchlauf: 28 Verzeichnis(se), 69.844.688.896 Bytes frei
.
- - End Of File - - 0BBD2CECD013C515826820FA7EC7C00A
B1F7D7F6E4FBE98E578562A22A94D02C

schrauber · 07.06.2015, 15:25

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Silverdrow · 07.06.2015, 22:53

Hallo hier die neuen logs

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 07.06.2015
Suchlauf-Zeit: 23:09:37
Logdatei: malewarebyte.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.06.07.05
Rootkit Datenbank: v2015.06.02.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: ***

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 531073
Verstrichene Zeit: 16 Min, 10 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 1
PUP.Optional.ConduitTB.Gen.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D7F5E99C-B448-4121-8995-1E4A3E877A55}, In Quarantäne, [b32e9423f2981d19b506f78ca95c827e], 

Registrierungswerte: 1
PUP.Optional.ConduitTB.Gen.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D7F5E99C-B448-4121-8995-1E4A3E877A55}|AppPath, C:\Users\***\AppData\Local\Conduit\CT2736476, In Quarantäne, [b32e9423f2981d19b506f78ca95c827e]

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 2
PUP.Optional.OpenCandy, C:\Users\***\AppData\Roaming\OpenCandy, In Quarantäne, [a1400cab6228d066d5461e97bf44ac54], 
PUP.Optional.OpenCandy, C:\Users\***\AppData\Roaming\OpenCandy\0770DFFDC6C24014907AAD3F1EF48B68, In Quarantäne, [a1400cab6228d066d5461e97bf44ac54], 

Dateien: 10
PUP.Optional.SilentInstall.A, C:\ProgramData\Martau\Total Uninstall 5\Backup\BrowseToSave.Analyzed.zip, In Quarantäne, [9e437542a0ea54e2febf6dd202ff6e92], 
PUP.Optional.SimplyTech.A, C:\ProgramData\Martau\Total Uninstall 5\Backup\DownTango Launcher.Analyzed.zip, In Quarantäne, [fce5b205a3e7ca6c8ec1b30dea178b75], 
PUP.Optiona.ConduitTB.Gen, C:\ProgramData\Martau\Total Uninstall 5\Backup\Freeware.de Toolbar.Analyzed.zip, In Quarantäne, [9150cdea107ab185a0ab7004e6207789], 
PUP.Optional.OptimizePro.A, C:\ProgramData\Martau\Total Uninstall 5\Backup\Optimizer Pro v3.0.Analyzed.zip, In Quarantäne, [7b66c8ef7c0e9d995d39af712dd326da], 
PUP.Optional.Conduit.A, C:\ProgramData\Martau\Total Uninstall 5\Backup\Search Protect by conduit.Analyzed.zip, In Quarantäne, [845d3285ee9cc076d954ca8ba75a5fa1], 
PUP.Optional.SearchProtect.A, C:\ProgramData\Martau\Total Uninstall 6\Backup\Search Protect.Analyzed(1).zip, In Quarantäne, [b42d96215139be78f065259df908946c], 
PUP.Optional.Conduit.A, C:\ProgramData\Martau\Total Uninstall 6\Backup\Search Protect.Analyzed.zip, In Quarantäne, [8e539a1db5d53bfbd8551e37aa57f60a], 
PUP.Optional.SimplyTech.A, C:\ProgramData\Martau\Total Uninstall 6\Backup\Zoo Toolbar 6.5.Analyzed.zip, In Quarantäne, [d908bcfb0b7fa09653783e8f000139c7], 
PUP.Pantsoff.PasswordFinder, C:\Users\***\AppData\Roaming\Microsoft\Windows\Templates\pantsoff.exe, In Quarantäne, [c71a694e02881026aad4480534d2b14f], 
PUP.Optional.OpenCandy, C:\Users\***\AppData\Roaming\OpenCandy\0770DFFDC6C24014907AAD3F1EF48B68\WebCompanionInstallerOC141001-0506.exe, In Quarantäne, [a1400cab6228d066d5461e97bf44ac54], 

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)

(end)AdwCleaner Logfile:

	Code: 

 ATTFilter

  
	# AdwCleaner v4.206 - Bericht erstellt 07/06/2015 um 23:37:13
# Aktualisiert 01/06/2015 von Xplode
# Datenbank : 2015-06-05.1 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : *** - ***-PC
# Gestarted von : C:\Users\***\Desktop\AdwCleaner_4.206.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKCU\Software\OCS

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17801


-\\ Mozilla Firefox v


-\\ Chromium v


*************************

AdwCleaner[R0].txt - [6648 Bytes] - [21/12/2013 21:34:06]
AdwCleaner[R1].txt - [6960 Bytes] - [15/02/2015 13:41:15]
AdwCleaner[R2].txt - [1787 Bytes] - [07/06/2015 23:34:43]
AdwCleaner[S0].txt - [6375 Bytes] - [21/12/2013 21:35:38]
AdwCleaner[S1].txt - [5892 Bytes] - [15/02/2015 13:43:13]
AdwCleaner[S2].txt - [1653 Bytes] - [07/06/2015 23:37:13]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1712  Bytes] ##########
         
 --- --- ---


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.8.9 (06.06.2015:1)
OS: Windows 7 Professional x64
Ran by Silverdrow on 07.06.2015 at 23:40:26,21
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{9E571C81-21E7-496B-9E6B-127E60263022}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E571C81-21E7-496B-9E6B-127E60263022}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{9E571C81-21E7-496B-9E6B-127E60263022}



~~~ Files

Failed to delete: [File] C:\Windows\syswow64\wscm64.dll
Successfully deleted: [File] C:\Windows\syswow64\wscm32.dll
Successfully deleted: [File] C:\Windows\system32\LavasoftTcpService64.dll
Successfully deleted: [File] C:\Windows\system32\LavasoftTcpServiceOff.ini
Successfully deleted: [File] C:\Windows\syswow64\LavasoftTcpService.dll
Successfully deleted: [File] C:\Windows\syswow64\LavasoftTcpServiceOff.ini



~~~ Folders

Successfully deleted: [Folder] C:\Users\Silverdrow\appdata\local\crashrpt





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.06.2015 at 23:41:52,22
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Und hier das neue FRST Log

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2015
Ran by *** (administrator) on ***-PC on 07-06-2015 23:49:05
Running from C:\Users\**\Desktop
Loaded Profiles: *** (Available Profiles: *** & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser path: "C:\Program Files\Waterfox\waterfox.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe
(Waterfox) C:\Program Files\Waterfox\waterfox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Launch LgDeviceAgent] => C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415816 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2412616 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4725320 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-41 (the data entry has 36 more characters).
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Photo Downloader] => C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe [67752 2006-12-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7843744 2014-02-04] (Acronis)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478392 2013-12-21] (Adobe Systems Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-905352029-3248617649-53037531-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1376016 2015-05-25] (Lavasoft)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-905352029-3248617649-53037531-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-905352029-3248617649-53037531-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-905352029-3248617649-53037531-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM-x32 - (No Name) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-19] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
BHO-x32: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2014-11-07] (Wondershare)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-28] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-28] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-905352029-3248617649-53037531-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-905352029-3248617649-53037531-1000 -> No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} hxxp://download.gigabyte.com.tw/object/Dldrv.ocx
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {2D20E99C-1FD7-48EC-9FDF-CF3555B273D4} hxxp://192.168.178.41/VDControl.CAB?2,0,0,89
DPF: HKLM-x32 {59A5A3CB-18D6-40A4-ABBC-60DBE7D98ED8} hxxp://192.168.178.37/web/DLinkNVS322.cab
DPF: HKLM-x32 {A606CAC8-4804-4E7F-A63A-2D85B416AB96} https://eu.mydlink.com/8D/activeX/NVSWebAll.cab
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ukoviu2a.default
FF NewTab: google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-21] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-21] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2014-11-27] (Citrix Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-28] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2010-06-01] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin HKU\S-1-5-21-905352029-3248617649-53037531-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\***\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-11-25] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-905352029-3248617649-53037531-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll [2012-07-25] (Amazon.com, Inc.)
FF Extension: YouTube Unblocker - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ukoviu2a.default\Extensions\youtubeunblocker@unblocker.yt [2015-05-20]
FF Extension: ColorfulTabs - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ukoviu2a.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2015-05-28]
FF Extension: {4d0c81e9-3feb-4bb1-a10d-5f862740153e} - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ukoviu2a.default\Extensions\{4d0c81e9-3feb-4bb1-a10d-5f862740153e}.xpi [2015-03-17]
FF Extension: Adblock Plus - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ukoviu2a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-21]
FF Extension: Tab Mix Plus - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ukoviu2a.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2015-01-24]
FF Extension: Adblock Edge - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ukoviu2a.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2015-05-16]
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeActiveFileMonitor5.0; C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe [108712 2006-12-22] ()
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
S2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [337824 2012-11-28] (AVM Berlin)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-01-11] (BitRaider, LLC)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-01-11] (BitRaider, LLC)
S2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143776 2012-11-28] (AVM Berlin)
S2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S4 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S4 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2014-05-05] (Macrovision Europe Ltd.) [File not signed]
S3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1028096 2014-05-05] (Macrovision Europe Ltd.) [File not signed]
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe [2751816 2015-05-25] (Lavasoft Limited)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S4 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [246112 2013-01-27] ()
S4 Modem Device Helper; C:\Program Files (x86)\T-Mobile\InternetManager_A\BackgroundService\ServiceManager.exe [51576 2013-01-11] () [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S4 NasPmService; C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe [245760 2013-11-21] (BUFFALO INC.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [63488 2010-03-11] (Nalpeiron Ltd.) [File not signed]
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
S2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [191328 2013-06-10] (AVM Berlin)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2015-05-02] ()
S2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2015-05-02] ()
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP5a\RpcAgentSrv.exe [68760 2008-12-07] (SiSoftware) [File not signed]
R2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [19816 2015-05-25] ()
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5429520 2015-01-30] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 WOTUpdater; C:\Users\***\AppData\LocalLow\WOT\IE\WOTUpdater.exe [18432 2012-01-12] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AlcatelOTDCWwan; C:\Windows\System32\DRIVERS\AlcatelOTDCWwan.sys [159744 2013-01-11] (TCT International Mobile Ltd.)
S3 ALCATELUSB; C:\Windows\System32\Drivers\AlcatelUsb.sys [25088 2013-01-11] (Windows (R) Codename Longhorn DDK provider)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [150440 2014-12-23] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2014-12-23] (SlySoft, Inc.)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2011-09-21] (Asmedia Technology)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R3 AsrVDrive; C:\Windows\System32\DRIVERS\AsrVDrive.sys [23048 2011-01-26] (ASRock Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-01-03] ()
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2014-01-12] (BitRaider)
S3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [40960 2010-03-01] (Motorola, Inc.)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
S1 GLogin; No ImagePath
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [123776 2013-01-11] (TCT International Mobile Ltd.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-01-03] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-03-04] (CACE Technologies)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
R3 NWIM; C:\Windows\System32\DRIVERS\avmnwim.sys [412024 2011-07-05] (AVM Berlin)
S3 Rockusb; C:\Windows\System32\DRIVERS\rockusb.sys [59648 2012-11-26] (Fuzhou Rockchip Electronics Co,Ltd.)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2011-11-22] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2011-11-22] (RapidSolution Software AG)
S3 rsvcdwdr; C:\Windows\System32\DRIVERS\rsvcdwdr.sys [45160 2011-11-22] (RapidSolution Software AG)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-05-01] (Duplex Secure Ltd.)
S3 ssudnflt; C:\Windows\System32\DRIVERS\ssudnflt.sys [19520 2011-02-18] (DEVGURU Co., LTD.(www.devguru.co.kr))
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-04-25] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-04-25] (Acronis International GmbH)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2009-07-14] (Microsoft Corporation)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-04-25] (Acronis International GmbH)
S2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam64.sys [1071032 2012-04-15] (Windows (R) Win 7 DDK provider)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-06-07] ()
S3 AsrCDDrv; \??\C:\Windows\SysWOW64\Drivers\AsrCDDrv.sys [X]
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 lvpopf64; system32\DRIVERS\lvpopf64.sys [X]
S3 LVPr2M64; system32\DRIVERS\LVPr2M64.sys [X]
S3 LVUVC64; system32\DRIVERS\lvuvc64.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-07 23:41 - 2015-06-07 23:41 - 00001679 _____ C:\Users\***\Desktop\JRT.txt
2015-06-07 23:40 - 2015-06-07 23:40 - 00000207 _____ C:\Windows\tweaking.com-regbackup-***-PC-Windows-7-Professional-(64-bit).dat
2015-06-07 23:40 - 2015-06-07 23:40 - 00000000 ____D C:\RegBackup
2015-06-07 23:38 - 2015-06-07 23:39 - 00001779 _____ C:\Users\***\Desktop\AdwCleaner[S2].txt
2015-06-07 23:33 - 2015-06-07 23:33 - 02231296 _____ C:\Users\***\Desktop\AdwCleaner_4.206.exe
2015-06-07 23:31 - 2015-06-07 23:32 - 00003410 _____ C:\Users\***\Desktop\malewarebyte.txt
2015-06-07 23:07 - 2015-06-07 23:07 - 00001058 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-06-07 23:07 - 2015-06-07 23:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-06-07 23:07 - 2015-06-07 23:07 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-06-07 23:07 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-07 23:07 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-07 23:06 - 2015-06-07 23:07 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\***\Desktop\mbam-setup-2.1.6.1022.exe
2015-06-06 23:26 - 2015-06-07 09:02 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-06-06 23:26 - 2015-06-07 09:02 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-06-06 23:26 - 2015-06-07 09:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2015-06-06 23:09 - 2015-06-06 23:36 - 00034757 _____ C:\ComboFix.txt
2015-06-06 22:34 - 2015-06-06 23:10 - 00000000 ____D C:\ComboFix
2015-06-06 22:34 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-06-06 22:34 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-06-06 22:34 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-06-06 22:34 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-06-06 22:34 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-06-06 22:34 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-06-06 22:34 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-06-06 22:34 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-06-06 22:27 - 2015-06-07 23:40 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-06-06 21:26 - 2015-06-06 23:09 - 00000000 ____D C:\Qoobox
2015-06-06 21:26 - 2015-06-06 23:08 - 00000000 ____D C:\Windows\erdnt
2015-06-06 20:06 - 2015-06-06 20:06 - 05628238 ____R (Swearware) C:\Users\***\Desktop\ComboFix.exe
2015-06-05 21:50 - 2015-06-05 21:50 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\***\Desktop\tdsskiller.exe
2015-06-05 21:22 - 2015-06-07 23:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-05 21:21 - 2015-06-07 23:30 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-05 21:21 - 2015-06-06 07:36 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-06-05 21:21 - 2015-06-05 21:46 - 00000000 ____D C:\Users\***\Desktop\mbar
2015-06-05 21:21 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-05 21:20 - 2015-06-05 21:21 - 16502728 _____ (Malwarebytes Corp.) C:\Users\***\Desktop\mbar-1.09.1.1004.exe
2015-06-05 20:47 - 2015-06-05 20:47 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2015-06-05 20:30 - 2015-06-05 20:31 - 00048185 _____ C:\Users\***\Desktop\Log.zip
2015-06-05 19:40 - 2015-06-05 19:55 - 00013973 _____ C:\Users\***\Desktop\Gmer.txt
2015-06-05 19:01 - 2015-06-05 19:01 - 00380416 _____ C:\Users\***\Desktop\Gmer-19357.exe
2015-06-05 19:00 - 2015-06-05 19:54 - 00122814 _____ C:\Users\***\Desktop\Addition.txt
2015-06-05 18:59 - 2015-06-07 23:49 - 00026720 _____ C:\Users\***\Desktop\FRST.txt
2015-06-05 18:59 - 2015-06-07 23:49 - 00000000 ____D C:\FRST
2015-06-05 18:59 - 2015-06-05 18:59 - 02108928 _____ (Farbar) C:\Users\***\Desktop\FRST64.exe
2015-06-05 18:56 - 2015-06-05 19:44 - 00000598 _____ C:\Users\***\Desktop\defogger_disable.log
2015-06-05 18:56 - 2015-06-05 18:56 - 00000020 _____ C:\Users\***\defogger_reenable
2015-06-05 18:55 - 2015-06-05 18:55 - 00050477 _____ C:\Users\***\Desktop\Defogger.exe
2015-06-05 15:40 - 2015-06-05 15:40 - 00002038 _____ C:\Users\***\Desktop\reparatur.reg
2015-06-05 11:06 - 2015-06-05 11:06 - 06477032 _____ (Tim Kosse) C:\Users\***\Downloads\FileZilla_3.11.0.2_win64-setup.exe
2015-06-04 00:50 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-04 00:50 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-04 00:50 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-04 00:50 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-04 00:50 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-04 00:50 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-04 00:50 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-04 00:50 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-04 00:50 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-04 00:50 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-04 00:50 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-04 00:50 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-04 00:50 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-04 00:50 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-04 00:50 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-04 00:50 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-04 00:50 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-04 00:50 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-04 00:50 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-04 00:50 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-04 00:50 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-04 00:50 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-04 00:50 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-04 00:50 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-04 00:50 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-04 00:50 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-04 00:50 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-04 00:50 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-04 00:50 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-04 00:50 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-04 00:50 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-04 00:50 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-04 00:50 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-04 00:50 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-04 00:50 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-04 00:50 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-04 00:50 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-04 00:50 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-04 00:50 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-04 00:50 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-04 00:50 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-04 00:50 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-04 00:50 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-04 00:50 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-04 00:50 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-04 00:50 - 2015-05-09 05:27 - 03147776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-06-04 00:50 - 2015-05-09 05:27 - 02589184 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-06-04 00:50 - 2015-05-09 05:27 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-06-04 00:50 - 2015-05-09 05:27 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-06-04 00:50 - 2015-05-09 05:27 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-06-04 00:50 - 2015-05-09 05:27 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-06-04 00:50 - 2015-05-09 05:27 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-06-04 00:50 - 2015-05-09 05:26 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-06-04 00:50 - 2015-05-09 05:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-06-04 00:50 - 2015-05-09 05:26 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-06-04 00:50 - 2015-05-09 05:26 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-06-04 00:50 - 2015-05-09 05:14 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-06-04 00:50 - 2015-05-09 05:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-06-04 00:50 - 2015-05-09 05:14 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-06-04 00:50 - 2015-05-09 05:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-06-04 00:50 - 2015-05-09 05:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-06-04 00:49 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-04 00:47 - 2015-06-04 00:47 - 00000000 ____D C:\Users\***\AppData\Local\GWX
2015-06-03 16:33 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-03 15:39 - 2015-06-03 15:41 - 278338176 _____ (Cyanide ) C:\Users\***\Documents\AGOT-patch-1.6.0.0-ALL.exe
2015-06-03 14:50 - 2015-06-03 14:50 - 00000793 _____ C:\Users\Public\Desktop\Game of Thrones.lnk
2015-06-03 14:50 - 2015-06-03 14:50 - 00000386 _____ C:\Windows\DirectX.log
2015-06-03 14:50 - 2015-06-03 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyanide
2015-06-02 20:33 - 2015-06-02 20:33 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-02 20:33 - 2015-06-02 20:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-02 20:33 - 2015-06-02 20:33 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-02 20:33 - 2015-06-02 20:33 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-02 20:33 - 2015-06-02 20:33 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2015-06-02 20:33 - 2015-06-02 20:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-06-02 20:33 - 2015-06-02 20:33 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-02 20:33 - 2015-06-02 20:33 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-02 20:33 - 2015-06-02 20:33 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-06-02 20:33 - 2015-06-02 20:33 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-06-02 20:33 - 2015-06-02 20:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-02 20:32 - 2015-06-02 20:35 - 00009929 _____ C:\Windows\IE11_main.log
2015-06-02 19:51 - 2015-06-02 19:54 - 00009353 _____ C:\Windows\IE10_main.log
2015-06-02 19:47 - 2015-06-02 19:48 - 20020197 _____ C:\Users\***\Downloads\Silverlight514.zip
2015-06-01 16:48 - 2015-05-28 09:04 - 42719888 _____ C:\Windows\system32\nvcompiler.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 37741712 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 30480528 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 22946960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 16185352 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 15864064 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 14987528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 14495448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 13304280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 11830512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 10995528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-01 16:48 - 2015-05-28 09:04 - 02986392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 02599056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435306.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435306.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 01099808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 01059984 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 01050440 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00982856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00974480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00939080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00503408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00408208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00407112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-06-01 16:43 - 2015-06-01 16:43 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-01 16:43 - 2015-04-03 15:21 - 00048784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-06-01 16:43 - 2015-04-03 15:21 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-05-31 21:34 - 2015-05-31 21:34 - 00000000 ____D C:\Users\***\AppData\Local\Lavasoft
2015-05-31 21:34 - 2015-05-31 21:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-05-31 21:34 - 2015-05-31 21:34 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2015-05-31 21:33 - 2015-05-31 21:33 - 00000000 ____D C:\Users\***\Documents\My Cheat Tables
2015-05-31 21:32 - 2015-05-31 21:32 - 00000000 ____D C:\Users\***\AppData\Roaming\Lavasoft
2015-05-31 21:32 - 2015-05-31 21:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4
2015-05-31 21:32 - 2015-05-31 21:32 - 00000000 ____D C:\ProgramData\Lavasoft
2015-05-31 21:32 - 2015-05-31 21:32 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.4
2015-05-30 17:23 - 2015-05-30 17:24 - 00007400 _____ C:\Windows\DPINST.LOG
2015-05-24 01:49 - 2015-05-24 01:49 - 00004565 _____ C:\Users\***\.recently-used.xbel
2015-05-23 10:33 - 2015-05-23 10:33 - 04076719 _____ C:\Users\***\Downloads\FileZilla_3.2.7.1_win32-setup [1].exe
2015-05-23 01:35 - 2015-05-23 01:35 - 00000303 _____ C:\Users\***\Desktop\u1-pc.txt
2015-05-22 19:24 - 2015-05-22 19:25 - 00000000 ____D C:\Program Files\FRITZ!Fernzugang
2015-05-22 19:24 - 2015-05-22 19:24 - 00000000 ____D C:\ProgramData\AVM
2015-05-22 19:16 - 2015-05-22 19:16 - 00000000 ____D C:\Users\***\AppData\Roaming\AVM
2015-05-22 19:14 - 2015-05-22 19:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Fernzugang
2015-05-22 19:14 - 2015-05-22 19:16 - 00000000 ____D C:\Program Files (x86)\FRITZ!Fernzugang einrichten
2015-05-22 19:01 - 2015-05-22 19:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
2015-05-22 19:01 - 2015-05-22 19:01 - 00000000 ____D C:\Users\***\AppData\Local\Vitalwerks
2015-05-22 19:01 - 2015-05-22 19:01 - 00000000 ____D C:\Program Files (x86)\No-IP
2015-05-22 17:15 - 2015-05-22 17:15 - 00003140 _____ C:\Windows\System32\Tasks\{9CEE33A6-FFD6-4A87-9115-D02EB29008DA}
2015-05-22 08:41 - 2015-05-22 08:41 - 06448912 _____ (Tim Kosse) C:\Users\***\Downloads\FileZilla_3.11.0_win64-setup.exe
2015-05-20 15:04 - 2015-05-20 15:05 - 00000788 _____ C:\Users\Public\Desktop\Entropia Universe.lnk
2015-05-20 15:04 - 2015-05-20 15:05 - 00000000 ____D C:\Windows\Entropia Universe
2015-05-20 15:04 - 2015-05-20 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Entropia Universe
2015-05-20 15:04 - 2015-05-20 15:04 - 00000000 ____D C:\Users\***\Documents\Entropia Universe
2015-05-19 10:48 - 2015-05-12 08:27 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435286.dll
2015-05-19 10:48 - 2015-05-12 08:27 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435286.dll
2015-05-14 01:17 - 2015-05-14 01:17 - 00000000 ____D C:\Windows\PCHEALTH
2015-05-14 01:12 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 01:12 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 01:11 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-14 01:11 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-14 01:11 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-14 01:11 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-14 01:11 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-14 01:11 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-14 01:11 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-14 01:11 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-14 01:11 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-07 23:49 - 2015-02-25 09:31 - 01661248 _____ C:\Windows\WindowsUpdate.log
2015-06-07 23:48 - 2012-04-21 22:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-07 23:45 - 2009-07-14 06:45 - 00015040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-07 23:45 - 2009-07-14 06:45 - 00015040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-07 23:42 - 2009-07-14 19:58 - 00705356 _____ C:\Windows\system32\perfh007.dat
2015-06-07 23:42 - 2009-07-14 19:58 - 00151650 _____ C:\Windows\system32\perfc007.dat
2015-06-07 23:42 - 2009-07-14 07:13 - 01631230 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-07 23:40 - 2015-04-20 21:32 - 00570055 _____ C:\Windows\setupact.log
2015-06-07 23:40 - 2015-02-15 13:14 - 02942406 _____ (Thisisu) C:\Users\***\Desktop\JRT.exe
2015-06-07 23:40 - 2012-12-13 17:02 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-06-07 23:38 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-07 23:37 - 2015-04-20 21:32 - 00036634 _____ C:\Windows\PFRO.log
2015-06-07 23:37 - 2013-12-21 21:33 - 00000000 ____D C:\AdwCleaner
2015-06-07 23:23 - 2014-05-04 10:21 - 00000000 ____D C:\Users\***\AppData\Local\Battle.net
2015-06-07 16:51 - 2015-03-07 08:21 - 00000000 ____D C:\Users\***\Desktop\Tor Browser
2015-06-07 09:05 - 2010-05-30 21:21 - 00000000 ____D C:\Users\***\AppData\Local\Adobe
2015-06-07 09:02 - 2013-01-18 20:51 - 00002155 _____ C:\Windows\epplauncher.mif
2015-06-06 23:08 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-06-06 22:39 - 2009-07-14 04:34 - 64487424 _____ C:\Windows\system32\config\components.bak
2015-06-06 22:39 - 2009-07-14 04:34 - 38797312 _____ C:\Windows\system32\config\system.bak
2015-06-06 22:39 - 2009-07-14 04:34 - 102760448 _____ C:\Windows\system32\config\software.bak
2015-06-06 22:39 - 2009-07-14 04:34 - 00524288 _____ C:\Windows\system32\config\default.bak
2015-06-06 22:39 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\security.bak
2015-06-06 22:39 - 2009-07-14 04:34 - 00069632 _____ C:\Windows\system32\config\sam.bak
2015-06-05 21:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\schemas
2015-06-05 21:09 - 2010-07-13 20:26 - 00000000 ____D C:\Users\***\AppData\Roaming\FileZilla
2015-06-05 20:47 - 2010-07-13 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-06-05 20:22 - 2010-07-13 20:26 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2015-06-05 18:56 - 2010-03-17 02:11 - 00000000 ____D C:\Users\***
2015-06-04 20:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-04 01:49 - 2015-04-18 19:59 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-04 01:49 - 2014-04-25 22:41 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-04 01:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-03 21:26 - 2015-04-03 23:00 - 00000000 ____D C:\Users\***\AppData\Roaming\MediaMonkey
2015-06-03 16:34 - 2015-04-04 09:35 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-06-03 16:34 - 2015-04-04 09:35 - 00000000 ___SD C:\Windows\system32\GWX
2015-06-03 15:34 - 2012-12-14 16:11 - 00000000 ____D C:\Users\***\AppData\Local\CrashDumps
2015-06-03 15:33 - 2015-01-21 14:41 - 00000000 ____D C:\Users\***\AppData\Roaming\vlc
2015-06-02 21:32 - 2015-04-28 15:19 - 00001405 _____ C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-01 16:49 - 2012-03-25 10:10 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-01 16:49 - 2010-03-18 00:29 - 00000000 ____D C:\ProgramData\NVIDIA
2015-05-31 17:19 - 2010-06-01 00:05 - 00000000 ____D C:\Users\***\AppData\Roaming\XnView
2015-05-28 09:04 - 2015-05-05 23:19 - 03379680 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-05-28 09:04 - 2015-02-13 22:50 - 12852152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-05-28 09:04 - 2014-12-24 16:04 - 17486856 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-05-28 09:04 - 2014-02-02 00:02 - 00030966 _____ C:\Windows\system32\nvinfo.pb
2015-05-28 06:15 - 2014-04-25 20:24 - 06872904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-05-28 06:15 - 2014-04-25 20:24 - 03491984 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-05-28 06:15 - 2014-04-25 20:24 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-05-28 06:15 - 2014-04-25 20:24 - 00937288 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-05-28 06:15 - 2014-04-25 20:24 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-05-28 06:15 - 2014-04-25 20:24 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-05-27 12:48 - 2014-04-25 20:24 - 04408727 _____ C:\Windows\system32\nvcoproc.bin
2015-05-24 01:50 - 2011-04-09 13:05 - 00000000 ____D C:\Users\***\.gimp-2.6
2015-05-24 01:49 - 2011-04-09 13:10 - 00000000 ____D C:\Users\***\AppData\Roaming\gtk-2.0
2015-05-23 20:59 - 2014-06-10 07:54 - 00000431 _____ C:\Users\***\Desktop\Passwörter BC-C-B.txt
2015-05-23 03:47 - 2015-05-05 23:21 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-05-23 03:47 - 2015-05-05 23:21 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-05-23 03:47 - 2015-05-05 23:21 - 01320304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-05-23 03:47 - 2015-05-05 23:21 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-05-22 16:12 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-21 09:26 - 2012-04-21 22:23 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-21 09:26 - 2012-04-21 22:23 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-21 09:26 - 2011-05-13 09:25 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-19 10:48 - 2010-03-18 00:29 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-05-16 20:48 - 2013-06-23 19:07 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-14 12:00 - 2015-01-19 16:41 - 00000000 ____D C:\Program Files\Waterfox
2015-05-14 08:25 - 2009-07-14 06:45 - 05010216 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-14 01:20 - 2013-08-15 01:05 - 00000000 ____D C:\Windows\system32\MRT
2015-05-14 01:20 - 2010-05-30 15:00 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-05-14 01:17 - 2010-03-17 08:32 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-14 01:12 - 2013-03-14 01:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-14 01:12 - 2013-03-14 01:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-14 01:12 - 2013-03-14 01:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

==================== Files in the root of some directories =======

2011-11-15 08:28 - 2005-12-09 04:52 - 0000060 ____R () C:\Program Files (x86)\BRINST.INI
2012-08-23 16:27 - 2015-01-03 00:01 - 11685888 _____ () C:\Users\***\AppData\Roaming\Sandra.mdb
2010-11-10 23:06 - 2014-09-24 16:30 - 0010752 _____ () C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-01-05 23:57 - 2013-01-05 23:57 - 0027520 _____ () C:\Users\***\AppData\Local\dt.dat
2012-02-02 21:01 - 2012-02-02 21:01 - 0000098 _____ () C:\Users\***\AppData\Local\fusioncache.dat
2014-05-05 16:19 - 2015-02-24 13:36 - 0004286 _____ () C:\Users\***\AppData\Local\mbt-actwiz.log
2015-02-25 10:19 - 2015-02-25 10:19 - 0001401 _____ () C:\Users\***\AppData\Local\recently-used.xbel
2011-07-03 15:13 - 2014-03-13 22:49 - 0007600 _____ () C:\Users\***\AppData\Local\Resmon.ResmonCfg
2011-10-22 14:07 - 2011-10-22 14:07 - 0017408 _____ () C:\Users\***\AppData\Local\WebpageIcons.db
2015-01-14 11:31 - 2015-01-14 11:35 - 0000083 ___SH () C:\ProgramData\.zreglib
2010-05-30 16:11 - 2010-05-30 16:11 - 0000048 ____H () C:\ProgramData\ezsidmv.dat
2013-09-01 21:02 - 2013-09-01 21:02 - 0000089 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Some files in TEMP:
====================
C:\Users\***\AppData\Local\Temp\Quarantine.exe
C:\Users\***\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-03 14:01

==================== End of log ============================

schrauber · 08.06.2015, 16:09

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Silverdrow · 09.06.2015, 14:55

Hier Eset und Checkup Log, es scheint soweit gut zu funktionieren. Ich muss das nochmal testen.
.... leider ist es immer noch so, das ich eine Fehlermeldung bei Updates erhalte.

Code:

ATTFilter

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=4654bcc54c099942a9b3265072439a95
# end=init
# utc_time=2015-06-09 07:29:42
# local_time=2015-06-09 09:29:42 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 24239
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=4654bcc54c099942a9b3265072439a95
# end=updated
# utc_time=2015-06-09 07:31:15
# local_time=2015-06-09 09:31:15 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=4654bcc54c099942a9b3265072439a95
# engine=24239
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-06-09 01:04:14
# local_time=2015-06-09 03:04:14 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 194492 56842648 0 0
# scanned=1280592
# found=24
# cleaned=0
# scan_time=19978
sh=BB1A5AE5206E9995C35E517ECBA291C30CE4F7B7 ft=1 fh=34cca54ca63a6441 vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocoombckbcnabpaghmokhaapnbngahck\10.23.0.822_0\nativeMessaging\TBMessagingHost.exe.vir"
sh=2C3FC85B96BA1D3BB669427725B5ABFD574611EE ft=1 fh=cb77d8395ec26427 vn="Variante von Win32/Toolbar.Conduit.AM evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocoombckbcnabpaghmokhaapnbngahck\10.23.0.822_0\plugins\TBVerifier.dll.vir"
sh=B1C5D9DC9A6493C66CD50B3767157CCFC4B4985E ft=1 fh=da713123607f778d vn="Variante von Win32/Toolbar.Conduit.AA evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\***\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocoombckbcnabpaghmokhaapnbngahck\10.23.0.822_0\TBHostSupport\TBHostSupport.dll.vir"
sh=6FAE8BEE5D0424AB8162D2C76BC1ACCE7B844E9F ft=0 fh=0000000000000000 vn="Win32/InstalleRex.T evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\ProgramData\Martau\Total Uninstall 5\Backup\OptimizerPro.Analyzed.zip"
sh=CE4D1CDCC2E746CC51D818C20CA2274B402008BD ft=0 fh=0000000000000000 vn="Variante von Win32/ExpressDownloader.L evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\ProgramData\Martau\Total Uninstall 5\Backup\YourFileDownloader.Analyzed.zip"
sh=1600F1DFD93DB2015CD45CD0783AA9F45CE2A7FA ft=0 fh=0000000000000000 vn="MSIL/Solvusoft.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\ProgramData\Martau\Total Uninstall 6\Backup\FileViewPro.Analyzed.zip"
sh=3D62654FFDD4D2450664674767E65EF13A1C14D7 ft=0 fh=0000000000000000 vn="Variante von Win32/OutBrowse.BA evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\ProgramData\Martau\Total Uninstall 6\Backup\no Name.Analyzed.zip"
sh=98F0F52C716E757DA50AA6D00C063B2A985AAAC1 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\ProgramData\Martau\Total Uninstall 6\Backup\Panda Security Toolbar.Analyzed.zip"
sh=843FE4E2710EFCDC8F9BF98108936C7B2EED296D ft=0 fh=0000000000000000 vn="Win32/SmartFileAdvisor.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\ProgramData\Martau\Total Uninstall 6\Backup\Smart File Advisor 1.2.0.Analyzed.zip"
sh=1C8B7DB5B68AB3FFF3E76462C86D06EDD4D72A93 ft=0 fh=0000000000000000 vn="Win32/Systweak.O evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\ProgramData\Martau\Total Uninstall 6\Backup\WinThruster.Analyzed.zip"
sh=6FAE8BEE5D0424AB8162D2C76BC1ACCE7B844E9F ft=0 fh=0000000000000000 vn="Win32/InstalleRex.T evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\All Users\Martau\Total Uninstall 5\Backup\OptimizerPro.Analyzed.zip"
sh=CE4D1CDCC2E746CC51D818C20CA2274B402008BD ft=0 fh=0000000000000000 vn="Variante von Win32/ExpressDownloader.L evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\All Users\Martau\Total Uninstall 5\Backup\YourFileDownloader.Analyzed.zip"
sh=1600F1DFD93DB2015CD45CD0783AA9F45CE2A7FA ft=0 fh=0000000000000000 vn="MSIL/Solvusoft.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\All Users\Martau\Total Uninstall 6\Backup\FileViewPro.Analyzed.zip"
sh=3D62654FFDD4D2450664674767E65EF13A1C14D7 ft=0 fh=0000000000000000 vn="Variante von Win32/OutBrowse.BA evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\All Users\Martau\Total Uninstall 6\Backup\no Name.Analyzed.zip"
sh=98F0F52C716E757DA50AA6D00C063B2A985AAAC1 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\All Users\Martau\Total Uninstall 6\Backup\Panda Security Toolbar.Analyzed.zip"
sh=843FE4E2710EFCDC8F9BF98108936C7B2EED296D ft=0 fh=0000000000000000 vn="Win32/SmartFileAdvisor.A evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\All Users\Martau\Total Uninstall 6\Backup\Smart File Advisor 1.2.0.Analyzed.zip"
sh=1C8B7DB5B68AB3FFF3E76462C86D06EDD4D72A93 ft=0 fh=0000000000000000 vn="Win32/Systweak.O evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\All Users\Martau\Total Uninstall 6\Backup\WinThruster.Analyzed.zip"
sh=35C96F72A5D6A44FCE7CE68DF1BCAF7B48350091 ft=1 fh=a22e4ae349e54c97 vn="Variante von Win32/Speedchecker.B evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\***\Documents\PCSU_Update.exe"
sh=26E0B32F75A3FBFF7C1CC760928167177075804E ft=1 fh=92ec1bccd5a298f1 vn="Variante von Win32/InstallCore.ZD evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\Download\FileZilla_3.2.7.1_win32-setup.exe"
sh=1E202237A92E4464FF6E49C8C367611E6C6AC9FA ft=1 fh=ea5d993e66fee90d vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\Download\Fritz Fernzugang VPN - CHIP-Installer.exe"
sh=988340A4DA8782777C4ABBDF0EBB26CA957E2A71 ft=1 fh=6ad587602d012675 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="E:\Download\Microsoft Silverlight - CHIP-Installer.exe"
sh=31CC12F6FF4675CBAA60A21593FF078E00CEC436 ft=1 fh=0d42167ee8937879 vn="Variante von Win32/Packed.Themida verdÃ¤chtige Datei" ac=I fn="G:\AionEU\bin32\crysystem.dll"
sh=0F50DF4D9A2FDFFE277085DDC84360DFF5C8F40F ft=1 fh=73ff519cda78431a vn="Variante von Win32/Packed.Themida verdÃ¤chtige Datei" ac=I fn="G:\AionEU\bin32\game.dll"
sh=07992FFF2764B33841173F13B6370B8D640425A4 ft=1 fh=60c8468ea5670920 vn="Variante von Win32/DownloadSponsor.C evtl. unerwÃ¼nschte Anwendung" ac=I fn="H:\FritzBox Fernzugang einrichten - CHIP-Installer.exe"

---
 Results of screen317's Security Check version 1.002  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Microsoft Security Essentials   
 Antivirus up to date!  
`````````Anti-malware/Other Utilities Check:````````` 
 Ad-Aware 
 Java 8 Update 45  
 Adobe Flash Player 17.0.0.188  
 Adobe Reader XI  
````````Process Check: objlist.exe by Laurent````````  
 Microsoft Security Essentials MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 Ad-Aware AAWService.exe is disabled! 
 Ad-Aware AAWTray.exe is disabled! 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````

Und hier das neue FRST

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2015
Ran by *** (administrator) on ***-PC on 09-06-2015 15:26:17
Running from C:\Users\***\Desktop
Loaded Profiles: *** (Available Profiles: *** & Administrator)
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser path: "C:\Program Files\Waterfox\waterfox.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\avmike.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\certsrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(AVM Berlin) C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Lavasoft) C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\BrccMCtl.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Waterfox) C:\Program Files\Waterfox\waterfox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [Launch LgDeviceAgent] => C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415816 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2412616 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4725320 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-41 (the data entry has 36 more characters).
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-02-13] (Apple Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [LifeCam] => C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [135536 2010-12-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe Photo Downloader] => C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe [67752 2006-12-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7843744 2014-02-04] (Acronis)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478392 2013-12-21] (Adobe Systems Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-905352029-3248617649-53037531-1000\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe [1376016 2015-05-25] (Lavasoft)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2013-10-01] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-905352029-3248617649-53037531-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-905352029-3248617649-53037531-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-905352029-3248617649-53037531-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKLM-x32 - (No Name) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - No File
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_45\bin\ssv.dll [2015-04-19] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-19] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
BHO-x32: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2014-11-07] (Wondershare)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-28] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-28] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-905352029-3248617649-53037531-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2013-12-20] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-905352029-3248617649-53037531-1000 -> No Name - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -  No File
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} hxxp://download.gigabyte.com.tw/object/Dldrv.ocx
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: HKLM-x32 {2D20E99C-1FD7-48EC-9FDF-CF3555B273D4} hxxp://192.168.178.41/VDControl.CAB?2,0,0,89
DPF: HKLM-x32 {59A5A3CB-18D6-40A4-ABBC-60DBE7D98ED8} hxxp://192.168.178.37/web/DLinkNVS322.cab
DPF: HKLM-x32 {A606CAC8-4804-4E7F-A63A-2D85B416AB96} https://eu.mydlink.com/8D/activeX/NVSWebAll.cab
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 -  No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2014-11-27] (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ukoviu2a.default
FF NewTab: google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-21] ()
FF Plugin: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-19] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-21] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @Citrix.com/npican -> C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll [2014-11-27] (Citrix Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-28] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2010-06-01] (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2013-12-21] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin HKU\S-1-5-21-905352029-3248617649-53037531-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\***\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2013-11-25] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-905352029-3248617649-53037531-1000: amazon.com/AmazonMP3DownloaderPlugin -> C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll [2012-07-25] (Amazon.com, Inc.)
FF Extension: YouTube Unblocker - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ukoviu2a.default\Extensions\youtubeunblocker@unblocker.yt [2015-05-20]
FF Extension: ColorfulTabs - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ukoviu2a.default\Extensions\{0545b830-f0aa-4d7e-8820-50a4629a56fe} [2015-05-28]
FF Extension: {4d0c81e9-3feb-4bb1-a10d-5f862740153e} - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ukoviu2a.default\Extensions\{4d0c81e9-3feb-4bb1-a10d-5f862740153e}.xpi [2015-03-17]
FF Extension: Adblock Plus - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ukoviu2a.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-21]
FF Extension: Tab Mix Plus - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ukoviu2a.default\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2015-01-24]
FF Extension: Adblock Edge - C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\ukoviu2a.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2015-05-16]
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [ccahoghmggldkcdjiebjkidpfongdfbl] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeActiveFileMonitor5.0; C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe [108712 2006-12-22] ()
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-20] (Apple Inc.)
R2 avmike; C:\Program Files\FRITZ!Fernzugang\avmike.exe [337824 2012-11-28] (AVM Berlin)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-01-11] (BitRaider, LLC)
S3 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2014-01-11] (BitRaider, LLC)
R2 certsrv; C:\Program Files\FRITZ!Fernzugang\certsrv.exe [143776 2012-11-28] (AVM Berlin)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S4 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S4 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2014-05-05] (Macrovision Europe Ltd.) [File not signed]
S3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1028096 2014-05-05] (Macrovision Europe Ltd.) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [133632 2012-02-09] ()
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.2\LavasoftTcpService.exe [2751816 2015-05-25] (Lavasoft Limited)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S4 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [246112 2013-01-27] ()
S4 Modem Device Helper; C:\Program Files (x86)\T-Mobile\InternetManager_A\BackgroundService\ServiceManager.exe [51576 2013-01-11] () [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S4 NasPmService; C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe [245760 2013-11-21] (BUFFALO INC.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [50688 2011-04-13] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [63488 2010-03-11] (Nalpeiron Ltd.) [File not signed]
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
R2 nwtsrv; C:\Program Files\FRITZ!Fernzugang\nwtsrv.exe [191328 2013-06-10] (AVM Berlin)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [66048 2011-04-13] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2015-05-02] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [107832 2015-05-02] ()
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP5a\RpcAgentSrv.exe [68760 2008-12-07] (SiSoftware) [File not signed]
R2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [19816 2015-05-25] ()
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5429520 2015-01-30] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S4 WOTUpdater; C:\Users\***\AppData\LocalLow\WOT\IE\WOTUpdater.exe [18432 2012-01-12] () [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AlcatelOTDCWwan; C:\Windows\System32\DRIVERS\AlcatelOTDCWwan.sys [159744 2013-01-11] (TCT International Mobile Ltd.)
S3 ALCATELUSB; C:\Windows\System32\Drivers\AlcatelUsb.sys [25088 2013-01-11] (Windows (R) Codename Longhorn DDK provider)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [150440 2014-12-23] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2014-12-23] (SlySoft, Inc.)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2011-09-21] (Asmedia Technology)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R3 AsrVDrive; C:\Windows\System32\DRIVERS\AsrVDrive.sys [23048 2011-01-26] (ASRock Inc.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-01-03] ()
S3 BRDriver64; C:\ProgramData\BitRaider\BRDriver64.sys [75048 2014-01-12] (BitRaider)
S3 btmaudio; C:\Windows\System32\drivers\btmaud.sys [40960 2010-03-01] (Motorola, Inc.)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () [File not signed]
S1 GLogin; No ImagePath
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [44992 2012-02-09] ()
S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [123776 2013-01-11] (TCT International Mobile Ltd.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-01-03] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2013-03-04] (CACE Technologies)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
R3 NWIM; C:\Windows\System32\DRIVERS\avmnwim.sys [412024 2011-07-05] (AVM Berlin)
S3 Rockusb; C:\Windows\System32\DRIVERS\rockusb.sys [59648 2012-11-26] (Fuzhou Rockchip Electronics Co,Ltd.)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2011-11-22] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2011-11-22] (RapidSolution Software AG)
S3 rsvcdwdr; C:\Windows\System32\DRIVERS\rsvcdwdr.sys [45160 2011-11-22] (RapidSolution Software AG)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-05-01] (Duplex Secure Ltd.)
S3 ssudnflt; C:\Windows\System32\DRIVERS\ssudnflt.sys [19520 2011-02-18] (DEVGURU Co., LTD.(www.devguru.co.kr))
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-04-25] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2014-04-25] (Acronis International GmbH)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2009-07-14] (Microsoft Corporation)
R0 vidsflt; C:\Windows\System32\DRIVERS\vidsflt.sys [117024 2014-04-25] (Acronis International GmbH)
S2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam64.sys [1071032 2012-04-15] (Windows (R) Win 7 DDK provider)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2015-06-09] ()
S3 AsrCDDrv; \??\C:\Windows\SysWOW64\Drivers\AsrCDDrv.sys [X]
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 ewusbmbb; system32\DRIVERS\ewusbwwan.sys [X]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [X]
S3 huawei_cdcacm; system32\DRIVERS\ew_jucdcacm.sys [X]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [X]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [X]
S3 lvpopf64; system32\DRIVERS\lvpopf64.sys [X]
S3 LVPr2M64; system32\DRIVERS\LVPr2M64.sys [X]
S3 LVUVC64; system32\DRIVERS\lvuvc64.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-09 15:25 - 2015-06-09 15:25 - 00000883 _____ C:\Users\***\Desktop\checkup.txt
2015-06-09 15:14 - 2015-06-09 15:14 - 00852639 _____ C:\Users\***\Desktop\SecurityCheck.exe
2015-06-09 09:27 - 2015-06-09 09:27 - 02870984 _____ (ESET) C:\Users\***\Desktop\esetsmartinstaller_deu.exe
2015-06-08 00:24 - 2015-06-08 00:24 - 00004125 _____ C:\Users\***\AppData\Local\recently-used.xbel
2015-06-07 23:41 - 2015-06-07 23:41 - 00001679 _____ C:\Users\***\Desktop\JRT.txt
2015-06-07 23:40 - 2015-06-07 23:40 - 00000207 _____ C:\Windows\tweaking.com-regbackup-***-PC-Windows-7-Professional-(64-bit).dat
2015-06-07 23:40 - 2015-06-07 23:40 - 00000000 ____D C:\RegBackup
2015-06-07 23:38 - 2015-06-07 23:39 - 00001779 _____ C:\Users\***\Desktop\AdwCleaner[S2].txt
2015-06-07 23:33 - 2015-06-07 23:33 - 02231296 _____ C:\Users\***\Desktop\AdwCleaner_4.206.exe
2015-06-07 23:31 - 2015-06-07 23:32 - 00003410 _____ C:\Users\***\Desktop\malewarebyte.txt
2015-06-07 23:07 - 2015-06-07 23:07 - 00001058 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-06-07 23:07 - 2015-06-07 23:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-06-07 23:07 - 2015-06-07 23:07 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-06-07 23:07 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-07 23:07 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-07 23:06 - 2015-06-07 23:07 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\***\Desktop\mbam-setup-2.1.6.1022.exe
2015-06-06 23:26 - 2015-06-07 09:02 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-06-06 23:26 - 2015-06-07 09:02 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-06-06 23:26 - 2015-06-07 09:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2015-06-06 23:09 - 2015-06-06 23:36 - 00034757 _____ C:\ComboFix.txt
2015-06-06 22:34 - 2015-06-06 23:10 - 00000000 ____D C:\ComboFix
2015-06-06 22:34 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-06-06 22:34 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-06-06 22:34 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-06-06 22:34 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-06-06 22:34 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-06-06 22:34 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-06-06 22:34 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-06-06 22:34 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-06-06 22:27 - 2015-06-09 08:38 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2015-06-06 21:26 - 2015-06-06 23:09 - 00000000 ____D C:\Qoobox
2015-06-06 21:26 - 2015-06-06 23:08 - 00000000 ____D C:\Windows\erdnt
2015-06-06 20:06 - 2015-06-06 20:06 - 05628238 ____R (Swearware) C:\Users\***\Desktop\ComboFix.exe
2015-06-05 21:50 - 2015-06-05 21:50 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\***\Desktop\tdsskiller.exe
2015-06-05 21:22 - 2015-06-07 23:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-05 21:21 - 2015-06-07 23:30 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-05 21:21 - 2015-06-06 07:36 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-06-05 21:21 - 2015-06-05 21:46 - 00000000 ____D C:\Users\***\Desktop\mbar
2015-06-05 21:21 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-05 21:20 - 2015-06-05 21:21 - 16502728 _____ (Malwarebytes Corp.) C:\Users\***\Desktop\mbar-1.09.1.1004.exe
2015-06-05 20:47 - 2015-06-05 20:47 - 00000000 ____D C:\Program Files\FileZilla FTP Client
2015-06-05 20:30 - 2015-06-05 20:31 - 00048185 _____ C:\Users\***\Desktop\Log.zip
2015-06-05 19:40 - 2015-06-05 19:55 - 00013973 _____ C:\Users\***\Desktop\Gmer.txt
2015-06-05 19:01 - 2015-06-05 19:01 - 00380416 _____ C:\Users\***\Desktop\Gmer-19357.exe
2015-06-05 19:00 - 2015-06-05 19:54 - 00122814 _____ C:\Users\***\Desktop\Addition.txt
2015-06-05 18:59 - 2015-06-09 15:26 - 00029211 _____ C:\Users\***\Desktop\FRST.txt
2015-06-05 18:59 - 2015-06-09 15:26 - 00000000 ____D C:\FRST
2015-06-05 18:59 - 2015-06-05 18:59 - 02108928 _____ (Farbar) C:\Users\***\Desktop\FRST64.exe
2015-06-05 18:56 - 2015-06-05 19:44 - 00000598 _____ C:\Users\***\Desktop\defogger_disable.log
2015-06-05 18:56 - 2015-06-05 18:56 - 00000020 _____ C:\Users\***\defogger_reenable
2015-06-05 18:55 - 2015-06-05 18:55 - 00050477 _____ C:\Users\***\Desktop\Defogger.exe
2015-06-05 15:40 - 2015-06-05 15:40 - 00002038 _____ C:\Users\***\Desktop\reparatur.reg
2015-06-05 11:06 - 2015-06-05 11:06 - 06477032 _____ (Tim Kosse) C:\Users\***\Downloads\FileZilla_3.11.0.2_win64-setup.exe
2015-06-04 00:50 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-04 00:50 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-04 00:50 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-04 00:50 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-04 00:50 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-04 00:50 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-04 00:50 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-04 00:50 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-04 00:50 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-04 00:50 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-04 00:50 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-04 00:50 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-04 00:50 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-04 00:50 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-04 00:50 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-04 00:50 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-04 00:50 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-04 00:50 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-04 00:50 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-04 00:50 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-04 00:50 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-04 00:50 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-04 00:50 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-04 00:50 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-04 00:50 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-04 00:50 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-04 00:50 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-04 00:50 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-04 00:50 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-04 00:50 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-04 00:50 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-04 00:50 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-04 00:50 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-04 00:50 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-04 00:50 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-04 00:50 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-04 00:50 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-04 00:50 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-04 00:50 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-04 00:50 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-04 00:50 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-04 00:50 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-04 00:50 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-04 00:50 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-04 00:50 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-04 00:50 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-04 00:50 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-04 00:50 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-04 00:50 - 2015-05-09 05:27 - 03147776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-06-04 00:50 - 2015-05-09 05:27 - 02589184 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-06-04 00:50 - 2015-05-09 05:27 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-06-04 00:50 - 2015-05-09 05:27 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-06-04 00:50 - 2015-05-09 05:27 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-06-04 00:50 - 2015-05-09 05:27 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-06-04 00:50 - 2015-05-09 05:27 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-06-04 00:50 - 2015-05-09 05:26 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-06-04 00:50 - 2015-05-09 05:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-06-04 00:50 - 2015-05-09 05:26 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-06-04 00:50 - 2015-05-09 05:26 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-06-04 00:50 - 2015-05-09 05:14 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-06-04 00:50 - 2015-05-09 05:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-06-04 00:50 - 2015-05-09 05:14 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-06-04 00:50 - 2015-05-09 05:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-06-04 00:50 - 2015-05-09 05:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-06-04 00:49 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-04 00:47 - 2015-06-04 00:47 - 00000000 ____D C:\Users\***\AppData\Local\GWX
2015-06-03 16:33 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-03 15:39 - 2015-06-03 15:41 - 278338176 _____ (Cyanide ) C:\Users\***\Documents\AGOT-patch-1.6.0.0-ALL.exe
2015-06-03 14:50 - 2015-06-03 14:50 - 00000793 _____ C:\Users\Public\Desktop\Game of Thrones.lnk
2015-06-03 14:50 - 2015-06-03 14:50 - 00000386 _____ C:\Windows\DirectX.log
2015-06-03 14:50 - 2015-06-03 14:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cyanide
2015-06-02 20:33 - 2015-06-02 20:33 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-02 20:33 - 2015-06-02 20:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-02 20:33 - 2015-06-02 20:33 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-02 20:33 - 2015-06-02 20:33 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-02 20:33 - 2015-06-02 20:33 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2015-06-02 20:33 - 2015-06-02 20:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2015-06-02 20:33 - 2015-06-02 20:33 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-02 20:33 - 2015-06-02 20:33 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-02 20:33 - 2015-06-02 20:33 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-06-02 20:33 - 2015-06-02 20:33 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-06-02 20:33 - 2015-06-02 20:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2015-06-02 20:33 - 2015-06-02 20:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2015-06-02 20:33 - 2015-06-02 20:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-02 20:32 - 2015-06-02 20:35 - 00009929 _____ C:\Windows\IE11_main.log
2015-06-02 19:51 - 2015-06-02 19:54 - 00009353 _____ C:\Windows\IE10_main.log
2015-06-02 19:47 - 2015-06-02 19:48 - 20020197 _____ C:\Users\***\Downloads\Silverlight514.zip
2015-06-01 16:48 - 2015-05-28 09:04 - 42719888 _____ C:\Windows\system32\nvcompiler.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 37741712 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 30480528 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 22946960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 16185352 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 15864064 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 14987528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 14495448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 13304280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 11830512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 10995528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-01 16:48 - 2015-05-28 09:04 - 02986392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 02599056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435306.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435306.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 01099808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 01059984 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 01050440 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00982856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00974480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00939080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00503408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00408208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00407112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-06-01 16:48 - 2015-05-28 09:04 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-06-01 16:43 - 2015-06-01 16:43 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-01 16:43 - 2015-04-03 15:21 - 00048784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-06-01 16:43 - 2015-04-03 15:21 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-05-31 21:34 - 2015-05-31 21:34 - 00000000 ____D C:\Users\***\AppData\Local\Lavasoft
2015-05-31 21:34 - 2015-05-31 21:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-05-31 21:34 - 2015-05-31 21:34 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2015-05-31 21:33 - 2015-05-31 21:33 - 00000000 ____D C:\Users\***\Documents\My Cheat Tables
2015-05-31 21:32 - 2015-05-31 21:32 - 00000000 ____D C:\Users\***\AppData\Roaming\Lavasoft
2015-05-31 21:32 - 2015-05-31 21:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4
2015-05-31 21:32 - 2015-05-31 21:32 - 00000000 ____D C:\ProgramData\Lavasoft
2015-05-31 21:32 - 2015-05-31 21:32 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.4
2015-05-30 17:23 - 2015-05-30 17:24 - 00007400 _____ C:\Windows\DPINST.LOG
2015-05-23 10:33 - 2015-05-23 10:33 - 04076719 _____ C:\Users\***\Downloads\FileZilla_3.2.7.1_win32-setup [1].exe
2015-05-23 01:35 - 2015-05-23 01:35 - 00000303 _____ C:\Users\***\Desktop\u1-pc.txt
2015-05-22 19:24 - 2015-05-22 19:25 - 00000000 ____D C:\Program Files\FRITZ!Fernzugang
2015-05-22 19:24 - 2015-05-22 19:24 - 00000000 ____D C:\ProgramData\AVM
2015-05-22 19:16 - 2015-05-22 19:16 - 00000000 ____D C:\Users\***\AppData\Roaming\AVM
2015-05-22 19:14 - 2015-05-22 19:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Fernzugang
2015-05-22 19:14 - 2015-05-22 19:16 - 00000000 ____D C:\Program Files (x86)\FRITZ!Fernzugang einrichten
2015-05-22 19:01 - 2015-05-22 19:01 - 00000000 ____D C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\No-IP DUC
2015-05-22 19:01 - 2015-05-22 19:01 - 00000000 ____D C:\Users\***\AppData\Local\Vitalwerks
2015-05-22 19:01 - 2015-05-22 19:01 - 00000000 ____D C:\Program Files (x86)\No-IP
2015-05-22 17:15 - 2015-05-22 17:15 - 00003140 _____ C:\Windows\System32\Tasks\{9CEE33A6-FFD6-4A87-9115-D02EB29008DA}
2015-05-22 08:41 - 2015-05-22 08:41 - 06448912 _____ (Tim Kosse) C:\Users\***\Downloads\FileZilla_3.11.0_win64-setup.exe
2015-05-20 15:04 - 2015-05-20 15:05 - 00000788 _____ C:\Users\Public\Desktop\Entropia Universe.lnk
2015-05-20 15:04 - 2015-05-20 15:05 - 00000000 ____D C:\Windows\Entropia Universe
2015-05-20 15:04 - 2015-05-20 15:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Entropia Universe
2015-05-20 15:04 - 2015-05-20 15:04 - 00000000 ____D C:\Users\***\Documents\Entropia Universe
2015-05-19 10:48 - 2015-05-12 08:27 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435286.dll
2015-05-19 10:48 - 2015-05-12 08:27 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435286.dll
2015-05-14 01:17 - 2015-05-14 01:17 - 00000000 ____D C:\Windows\PCHEALTH
2015-05-14 01:12 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 01:12 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 01:11 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-14 01:11 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-14 01:11 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-14 01:11 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-14 01:11 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-14 01:11 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-14 01:11 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-14 01:11 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-14 01:11 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-09 14:48 - 2012-04-21 22:23 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-09 09:28 - 2014-05-04 10:21 - 00000000 ____D C:\Users\***\AppData\Local\Battle.net
2015-06-09 09:10 - 2015-04-20 21:32 - 00600015 _____ C:\Windows\setupact.log
2015-06-09 08:53 - 2009-07-14 06:45 - 00015040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-09 08:53 - 2009-07-14 06:45 - 00015040 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-09 08:49 - 2015-02-25 09:31 - 01733260 _____ C:\Windows\WindowsUpdate.log
2015-06-09 08:48 - 2010-05-30 21:21 - 00000000 ____D C:\Users\***\AppData\Local\Adobe
2015-06-09 08:47 - 2015-01-21 14:41 - 00000000 ____D C:\Users\***\AppData\Roaming\vlc
2015-06-09 08:47 - 2012-12-14 16:11 - 00000000 ____D C:\Users\***\AppData\Local\CrashDumps
2015-06-09 08:44 - 2009-07-14 19:58 - 00705356 _____ C:\Windows\system32\perfh007.dat
2015-06-09 08:44 - 2009-07-14 19:58 - 00151650 _____ C:\Windows\system32\perfc007.dat
2015-06-09 08:44 - 2009-07-14 07:13 - 01631230 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-09 08:38 - 2015-04-20 21:32 - 00037728 _____ C:\Windows\PFRO.log
2015-06-09 08:38 - 2012-12-13 17:02 - 00034752 _____ C:\Windows\system32\Drivers\WPRO_41_2001.sys
2015-06-09 08:38 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-08 22:53 - 2015-04-03 23:00 - 00000000 ____D C:\Users\***\AppData\Roaming\MediaMonkey
2015-06-07 23:52 - 2010-03-17 02:11 - 00000000 ____D C:\Users\***
2015-06-07 23:40 - 2015-02-15 13:14 - 02942406 _____ (Thisisu) C:\Users\***\Desktop\JRT.exe
2015-06-07 23:37 - 2013-12-21 21:33 - 00000000 ____D C:\AdwCleaner
2015-06-07 16:51 - 2015-03-07 08:21 - 00000000 ____D C:\Users\***\Desktop\Tor Browser
2015-06-07 09:02 - 2013-01-18 20:51 - 00002155 _____ C:\Windows\epplauncher.mif
2015-06-06 23:08 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-06-06 22:39 - 2009-07-14 04:34 - 64487424 _____ C:\Windows\system32\config\components.bak
2015-06-06 22:39 - 2009-07-14 04:34 - 38797312 _____ C:\Windows\system32\config\system.bak
2015-06-06 22:39 - 2009-07-14 04:34 - 102760448 _____ C:\Windows\system32\config\software.bak
2015-06-06 22:39 - 2009-07-14 04:34 - 00524288 _____ C:\Windows\system32\config\default.bak
2015-06-06 22:39 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\security.bak
2015-06-06 22:39 - 2009-07-14 04:34 - 00069632 _____ C:\Windows\system32\config\sam.bak
2015-06-05 21:46 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\schemas
2015-06-05 21:09 - 2010-07-13 20:26 - 00000000 ____D C:\Users\***\AppData\Roaming\FileZilla
2015-06-05 20:47 - 2010-07-13 20:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2015-06-05 20:22 - 2010-07-13 20:26 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client
2015-06-04 20:19 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-04 01:49 - 2015-04-18 19:59 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-04 01:49 - 2014-04-25 22:41 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-04 01:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-03 16:34 - 2015-04-04 09:35 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-06-03 16:34 - 2015-04-04 09:35 - 00000000 ___SD C:\Windows\system32\GWX
2015-06-02 21:32 - 2015-04-28 15:19 - 00001405 _____ C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-01 16:49 - 2012-03-25 10:10 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-01 16:49 - 2010-03-18 00:29 - 00000000 ____D C:\ProgramData\NVIDIA
2015-05-31 17:19 - 2010-06-01 00:05 - 00000000 ____D C:\Users\***\AppData\Roaming\XnView
2015-05-28 09:04 - 2015-05-05 23:19 - 03379680 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-05-28 09:04 - 2015-02-13 22:50 - 12852152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-05-28 09:04 - 2014-12-24 16:04 - 17486856 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-05-28 09:04 - 2014-02-02 00:02 - 00030966 _____ C:\Windows\system32\nvinfo.pb
2015-05-28 06:15 - 2014-04-25 20:24 - 06872904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-05-28 06:15 - 2014-04-25 20:24 - 03491984 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-05-28 06:15 - 2014-04-25 20:24 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-05-28 06:15 - 2014-04-25 20:24 - 00937288 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-05-28 06:15 - 2014-04-25 20:24 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-05-28 06:15 - 2014-04-25 20:24 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-05-27 12:48 - 2014-04-25 20:24 - 04408727 _____ C:\Windows\system32\nvcoproc.bin
2015-05-24 01:50 - 2011-04-09 13:05 - 00000000 ____D C:\Users\***\.gimp-2.6
2015-05-24 01:49 - 2011-04-09 13:10 - 00000000 ____D C:\Users\***\AppData\Roaming\gtk-2.0
2015-05-23 20:59 - 2014-06-10 07:54 - 00000431 _____ C:\Users\***\Desktop\Passwörter BC-C-B.txt
2015-05-23 03:47 - 2015-05-05 23:21 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-05-23 03:47 - 2015-05-05 23:21 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-05-23 03:47 - 2015-05-05 23:21 - 01320304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-05-23 03:47 - 2015-05-05 23:21 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-05-22 16:12 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-21 09:26 - 2012-04-21 22:23 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-21 09:26 - 2012-04-21 22:23 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-21 09:26 - 2011-05-13 09:25 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-19 10:48 - 2010-03-18 00:29 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-05-16 20:48 - 2013-06-23 19:07 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-14 12:00 - 2015-01-19 16:41 - 00000000 ____D C:\Program Files\Waterfox
2015-05-14 08:25 - 2009-07-14 06:45 - 05010216 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-14 01:20 - 2013-08-15 01:05 - 00000000 ____D C:\Windows\system32\MRT
2015-05-14 01:20 - 2010-05-30 15:00 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-05-14 01:17 - 2010-03-17 08:32 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-14 01:12 - 2013-03-14 01:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-14 01:12 - 2013-03-14 01:13 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-14 01:12 - 2013-03-14 01:13 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

==================== Files in the root of some directories =======

2011-11-15 08:28 - 2005-12-09 04:52 - 0000060 ____R () C:\Program Files (x86)\BRINST.INI
2012-08-23 16:27 - 2015-01-03 00:01 - 11685888 _____ () C:\Users\***\AppData\Roaming\Sandra.mdb
2010-11-10 23:06 - 2014-09-24 16:30 - 0010752 _____ () C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-01-05 23:57 - 2013-01-05 23:57 - 0027520 _____ () C:\Users\***\AppData\Local\dt.dat
2012-02-02 21:01 - 2012-02-02 21:01 - 0000098 _____ () C:\Users\***\AppData\Local\fusioncache.dat
2014-05-05 16:19 - 2015-02-24 13:36 - 0004286 _____ () C:\Users\***\AppData\Local\mbt-actwiz.log
2015-06-08 00:24 - 2015-06-08 00:24 - 0004125 _____ () C:\Users\***\AppData\Local\recently-used.xbel
2011-07-03 15:13 - 2014-03-13 22:49 - 0007600 _____ () C:\Users\***\AppData\Local\Resmon.ResmonCfg
2011-10-22 14:07 - 2011-10-22 14:07 - 0017408 _____ () C:\Users\***\AppData\Local\WebpageIcons.db
2015-01-14 11:31 - 2015-01-14 11:35 - 0000083 ___SH () C:\ProgramData\.zreglib
2010-05-30 16:11 - 2010-05-30 16:11 - 0000048 ____H () C:\ProgramData\ezsidmv.dat
2013-09-01 21:02 - 2013-09-01 21:02 - 0000089 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

Some files in TEMP:
====================
C:\Users\***\AppData\Local\Temp\Quarantine.exe
C:\Users\***\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-03 14:01

==================== End of log ============================

schrauber · 10.06.2015, 11:22

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

C:\ProgramData\Martau\Total Uninstall 5\Backup\OptimizerPro.Analyzed.zip

C:\ProgramData\Martau\Total Uninstall 5\Backup\YourFileDownloader.Analyzed.zip

C:\ProgramData\Martau\Total Uninstall 6\Backup\FileViewPro.Analyzed.zip

C:\ProgramData\Martau\Total Uninstall 6\Backup\no Name.Analyzed.zip

C:\ProgramData\Martau\Total Uninstall 6\Backup\Panda Security Toolbar.Analyzed.zip

C:\ProgramData\Martau\Total Uninstall 6\Backup\Smart File Advisor 1.2.0.Analyzed.zip

C:\ProgramData\Martau\Total Uninstall 6\Backup\WinThruster.Analyzed.zip

C:\Users\All Users\Martau\Total Uninstall 5\Backup\OptimizerPro.Analyzed.zip

C:\Users\All Users\Martau\Total Uninstall 5\Backup\YourFileDownloader.Analyzed.zip

C:\Users\All Users\Martau\Total Uninstall 6\Backup\FileViewPro.Analyzed.zip

C:\Users\All Users\Martau\Total Uninstall 6\Backup\no Name.Analyzed.zip

C:\Users\All Users\Martau\Total Uninstall 6\Backup\Panda Security Toolbar.Analyzed.zip

C:\Users\All Users\Martau\Total Uninstall 6\Backup\Smart File Advisor 1.2.0.Analyzed.zip

C:\Users\All Users\Martau\Total Uninstall 6\Backup\WinThruster.Analyzed.zip

C:\Users\***\Documents\PCSU_Update.exe

E:\Download\FileZilla_3.2.7.1_win32-setup.exe

E:\Download\Fritz Fernzugang VPN - CHIP-Installer.exe

E:\Download\Microsoft Silverlight - CHIP-Installer.exe

G:\AionEU\bin32\crysystem.dll

G:\AionEU\bin32\game.dll

H:\FritzBox Fernzugang einrichten - CHIP-Installer.exe
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Zeig mal bitte ne aktuelle Fehlermeldung per Screenshot wenn Du updaten willst.

Silverdrow · 10.06.2015, 12:38

Also ich habe zwischenzeitlich mal meinen downloadordner wieder aufgeräumt.
Hier die Meldung

und hier der Fixlog

Code:

ATTFilter

Fix result of Farbar Recovery Scan Tool (x64) Version:03-06-2015
Ran by *** at 2015-06-10 13:25:26 Run:1
Running from C:\Users\***\Desktop
Loaded Profiles: *** (Available Profiles: *** & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
C:\ProgramData\Martau\Total Uninstall 5\Backup\OptimizerPro.Analyzed.zip

C:\ProgramData\Martau\Total Uninstall 5\Backup\YourFileDownloader.Analyzed.zip

C:\ProgramData\Martau\Total Uninstall 6\Backup\FileViewPro.Analyzed.zip

C:\ProgramData\Martau\Total Uninstall 6\Backup\no Name.Analyzed.zip

C:\ProgramData\Martau\Total Uninstall 6\Backup\Panda Security Toolbar.Analyzed.zip

C:\ProgramData\Martau\Total Uninstall 6\Backup\Smart File Advisor 1.2.0.Analyzed.zip

C:\ProgramData\Martau\Total Uninstall 6\Backup\WinThruster.Analyzed.zip

C:\Users\All Users\Martau\Total Uninstall 5\Backup\OptimizerPro.Analyzed.zip

C:\Users\All Users\Martau\Total Uninstall 5\Backup\YourFileDownloader.Analyzed.zip

C:\Users\All Users\Martau\Total Uninstall 6\Backup\FileViewPro.Analyzed.zip

C:\Users\All Users\Martau\Total Uninstall 6\Backup\no Name.Analyzed.zip

C:\Users\All Users\Martau\Total Uninstall 6\Backup\Panda Security Toolbar.Analyzed.zip

C:\Users\All Users\Martau\Total Uninstall 6\Backup\Smart File Advisor 1.2.0.Analyzed.zip

C:\Users\All Users\Martau\Total Uninstall 6\Backup\WinThruster.Analyzed.zip

C:\Users\***\Documents\PCSU_Update.exe

E:\Download\FileZilla_3.2.7.1_win32-setup.exe

E:\Download\Fritz Fernzugang VPN - CHIP-Installer.exe

E:\Download\Microsoft Silverlight - CHIP-Installer.exe

G:\AionEU\bin32\crysystem.dll

G:\AionEU\bin32\game.dll

H:\FritzBox Fernzugang einrichten - CHIP-Installer.exe
Emptytemp:
*****************

C:\ProgramData\Martau\Total Uninstall 5\Backup\OptimizerPro.Analyzed.zip => moved successfully.
C:\ProgramData\Martau\Total Uninstall 5\Backup\YourFileDownloader.Analyzed.zip => moved successfully.
C:\ProgramData\Martau\Total Uninstall 6\Backup\FileViewPro.Analyzed.zip => moved successfully.
C:\ProgramData\Martau\Total Uninstall 6\Backup\no Name.Analyzed.zip => moved successfully.
C:\ProgramData\Martau\Total Uninstall 6\Backup\Panda Security Toolbar.Analyzed.zip => moved successfully.
C:\ProgramData\Martau\Total Uninstall 6\Backup\Smart File Advisor 1.2.0.Analyzed.zip => moved successfully.
C:\ProgramData\Martau\Total Uninstall 6\Backup\WinThruster.Analyzed.zip => moved successfully.
"C:\Users\All Users\Martau\Total Uninstall 5\Backup\OptimizerPro.Analyzed.zip" => File/Folder not found.
"C:\Users\All Users\Martau\Total Uninstall 5\Backup\YourFileDownloader.Analyzed.zip" => File/Folder not found.
"C:\Users\All Users\Martau\Total Uninstall 6\Backup\FileViewPro.Analyzed.zip" => File/Folder not found.
"C:\Users\All Users\Martau\Total Uninstall 6\Backup\no Name.Analyzed.zip" => File/Folder not found.
"C:\Users\All Users\Martau\Total Uninstall 6\Backup\Panda Security Toolbar.Analyzed.zip" => File/Folder not found.
"C:\Users\All Users\Martau\Total Uninstall 6\Backup\Smart File Advisor 1.2.0.Analyzed.zip" => File/Folder not found.
"C:\Users\All Users\Martau\Total Uninstall 6\Backup\WinThruster.Analyzed.zip" => File/Folder not found.
"C:\Users\***\Documents\PCSU_Update.exe" => File/Folder not found.
"E:\Download\FileZilla_3.2.7.1_win32-setup.exe" => File/Folder not found.
"E:\Download\Fritz Fernzugang VPN - CHIP-Installer.exe" => File/Folder not found.
"E:\Download\Microsoft Silverlight - CHIP-Installer.exe" => File/Folder not found.
G:\AionEU\bin32\crysystem.dll => moved successfully.
G:\AionEU\bin32\game.dll => moved successfully.
H:\FritzBox Fernzugang einrichten - CHIP-Installer.exe => moved successfully.
EmptyTemp: => 772 MB temporary data Removed.


The system needed a reboot.. 

==== End of Fixlog 13:26:03 ====

schrauber · 11.06.2015, 06:34

Screenshot vom Updateversuch?

11.06.2015, 06:34	#15
schrauber /// the machine /// TB-Ausbilder	Win 7: Updates von Anwenderprogrammen nicht möglich Screenshot vom Updateversuch? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Win 7: Updates von Anwenderprogrammen nicht möglich

Log-Analyse und Auswertung: Win 7: Updates von Anwenderprogrammen nicht möglich