Trojaner-Board
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Alle Fenster minimieren sich automatisch (https://www.trojaner-board.de/167641-alle-fenster-minimieren-automatisch.html)

killi199 06.06.2015 12:18
Alle Fenster minimieren sich automatisch
 
Hallo,

egal was ich mache ob nun im Browser oder in spielen, alle Programme minimieren sich nach einer gewissen zeit von selber ich muss dann jedesmal dieses Programm wieder anklicken damit es geöffnet ist.

FRST
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2015
Ran by killi199 (administrator) on KILLI199-PC on 06-06-2015 10:43:36
Running from C:\Users\killi199\Downloads
Loaded Profiles: killi199 (Available Profiles: killi199)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avp.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avpui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\killi199\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8\kpm.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(Dropbox, Inc.) C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPictureViewer.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDWebCam.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMovieViewer.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Ranorex GmbH) E:\Programme\RANOREX\Bin\Ranorex.Plugin.ChromeMsgHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8\plugin-nm-server.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(FinalWire Ltd.) C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
() C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\S5WOW_App\x64\S5wow_2005.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-RunApp.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-RunApp.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10801944 2014-07-28] (Logitech Inc.)
HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [600928 2014-01-17] (Copyright 2013 SAMSUNG)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6463592 2012-02-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-02-08] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-02-24] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1684360 2015-05-26] (APN)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-26] (Intel Corporation)
HKLM-x32\...\Run: [ASUS WiFi GO! FileTransfer Execute] => C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe [1384608 2012-07-12] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [884440 2015-05-02] (BlueStack Systems, Inc.)
HKLM\Software\Policies\Microsoft\Windows NT\SystemRestore: [DisableSR/DisableConfig]  <===== ATTENTION
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Run: [Google Update] => C:\Users\killi199\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-12-01] (Google Inc.)
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Run: [Spotify Web Helper] => C:\Users\killi199\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-06-01] (Spotify Ltd)
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2015-02-24] (Samsung)
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2014-01-23] (Samsung Electronics)
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Run: [Desura] => D:\Games\Erie\Desura\desura.exe -autostart
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Run: [GoogleChromeAutoLaunch_C1592978CA7CAB0FA856FE53FD022B07] => C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe [813896 2015-05-22] (Google Inc.)
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8\kpm.exe [6120544 2014-11-14] (Kaspersky Lab ZAO)
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Run: [Spotify] => C:\Users\killi199\AppData\Roaming\Spotify\Spotify.exe [7323192 2015-06-01] (Spotify Ltd)
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Policies\system: [DisableClock] 0
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\MountPoints2: {18b8388f-70ae-11e4-ac44-c86000def8d8} - V:\autorun.exe
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\MountPoints2: {41df50c0-db9d-11e4-9cf1-c86000def8d8} - V:\start.exe
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\MountPoints2: {42bfbbb6-166f-11e4-ad70-c86000def8d8} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\MountPoints2: {9ab03798-2c49-11e4-9f62-806e6f6e6963} - E:\.\Bin\ASSETUP.exe
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\MountPoints2: {a392ea06-ce1b-11e3-8438-c86000def8d8} - F:\iLinker.exe
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\MountPoints2: {c59a9ee4-f4b5-11e4-b85d-c86000def8d8} - V:\Setup.exe
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\MountPoints2: {e0aa8eea-2d24-11e4-b138-c86000def8d8} - F:\pushinst.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll File not found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk [2012-12-07]
ShortcutTarget: phase-6 Reminder.lnk -> C:\Program Files (x86)\phase-6\phase-6\reminder\reminder.exe (phase-6)
Startup: C:\Users\killi199\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012-12-07]
ShortcutTarget: Dropbox.lnk -> C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\killi199\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Outlook 2010.lnk [2012-12-04]
ShortcutTarget: Microsoft Outlook 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\outicon.exe ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\shellex.dll [2015-03-10] (Kaspersky Lab ZAO)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\shellex.dll [2015-03-10] (Kaspersky Lab ZAO)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?gd=&ctid=CT3321540&octid=EB_ORIGINAL_CTID&ISID=MD36F9CA9-B9CE-46F5-BC77-6807FE884E33&SearchSource=55&CUI=&UM=5&UP=SP356D3337-DEB1-49AB-9D9C-39A93EAC06A1&SSPV=
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKU\S-1-5-21-1343689660-860429238-4075285064-1000 -> {4BFA2AC9-A130-4A7D-A063-B0C145395445} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=83D2F8F6-A995-42F3-BACA-9A0D6EFED7C3&apn_sauid=662B6D03-8E14-4C8C-A9FA-A6FCA8922C85
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-03-10] (Kaspersky Lab ZAO)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-10-16] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-03-10] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-16] (Oracle Corporation)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-03-10] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\IEExt\ie_plugin.dll [2015-03-10] (Kaspersky Lab ZAO)
BHO-x32: Ranorex.Plugin.TridentIpc.RanorexAddon -> {504839B4-0C9A-4b5b-B00F-DEB2EEB870D7} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-16] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\IEExt\ie_plugin.dll [2015-03-10] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-16] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\IEExt\ie_plugin.dll [2015-03-10] (Kaspersky Lab ZAO)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Hosts: 127.0.0.1 activation.cloud.techsmith.com

FireFox:
========
FF ProfilePath: C:\Users\killi199\AppData\Roaming\Mozilla\Firefox\Profiles\bxg0x3sn.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-16] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-16] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-03-10] ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-03-10] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-03-10] ()
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-10] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-12] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll No File
FF Plugin HKU\S-1-5-21-1343689660-860429238-4075285064-1000: @tools.google.com/Google Update;version=3 -> C:\Users\killi199\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin HKU\S-1-5-21-1343689660-860429238-4075285064-1000: @tools.google.com/Google Update;version=9 -> C:\Users\killi199\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin HKU\S-1-5-21-1343689660-860429238-4075285064-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\killi199\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-11-28] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1343689660-860429238-4075285064-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-11-13] ()
FF user.js: detected! => C:\Users\killi199\AppData\Roaming\Mozilla\Firefox\Profiles\bxg0x3sn.default\user.js [2015-04-24]
FF Extension: Amazon-Icon - C:\Users\killi199\AppData\Roaming\Mozilla\Firefox\Profiles\bxg0x3sn.default\Extensions\amazon-icon@giga.de [2014-10-22]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-03-10]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-03-10]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-03-10]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]

Chrome:
=======
CHR Profile: C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Kaspersky Protection) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-03-10]
CHR Extension: (Ranorex Automation) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\egdlgaljianpgdlmfijpphbadibfncdm [2015-03-30]
CHR Extension: (Type Scout - Faster Typing! :)) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\fedokkaolmkkoeedicihicdeppjjeamj [2014-08-28]
CHR Extension: (Bookmark Manager) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-22]
CHR Extension: ( Kaspersky Password Manager\r) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlpfbladobbejblkbfleiljmikcfhkem [2015-03-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-05]
CHR Extension: (Skype Click to Call) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-12-11]
CHR Extension: (Until AM for Chrome) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjafmkicbmhcbapadecadciafbkecofl [2014-08-28]
CHR Extension: (Google Wallet) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (My Chrome Theme) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2014-08-28]
CHR Extension: (MIT App Inventor) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfnbdacoddlfhpcgfnfijdglhdaaheok [2015-01-01]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM\...\Chrome\Extension: [pljcgbedjplidkdjahbaalanadmjfgop] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx [2015-06-04]
CHR HKU\S-1-5-21-1343689660-860429238-4075285064-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hlpfbladobbejblkbfleiljmikcfhkem] - https://chrome.google.com/webstore/detail/hlpfbladobbejblkbfleiljmikcfhkem
CHR HKU\S-1-5-21-1343689660-860429238-4075285064-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ohkkgbjcojmjfnhegmphnheljncbegbc] - C:\Users\killi199\AppData\Local\CRE\ohkkgbjcojmjfnhegmphnheljncbegbc.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [egdlgaljianpgdlmfijpphbadibfncdm] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
CHR HKLM-x32\...\Chrome\Extension: [ohkkgbjcojmjfnhegmphnheljncbegbc] - C:\Users\killi199\AppData\Local\CRE\ohkkgbjcojmjfnhegmphnheljncbegbc.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [pljcgbedjplidkdjahbaalanadmjfgop] - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx [2015-06-04]
StartMenuInternet: Google Chrome.H4ZT3EEQXFVQ7TXEKCU5FGLDD4 - C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [File not signed]
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [178568 2015-04-28] (APN LLC.)
S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
S4 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-02-02] (ASUSTeK Computer Inc.)
S4 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
R3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433880 2015-05-02] (BlueStack Systems, Inc.)
R3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413400 2015-05-02] (BlueStack Systems, Inc.)
R3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [806616 2015-05-02] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S4 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328 2012-01-23] (DTS, Inc)
S4 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [344288 2015-03-20] (Futuremark)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
S4 InstallShield Licensing Service; C:\Program Files (x86)\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe [69632 2014-04-23] (Macrovision                                                    ) [File not signed]
S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1997168 2015-06-04] (Electronic Arts)
S4 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-01-02] ()
S4 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-02-06] ()
S4 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [609632 2014-01-17] (Copyright 2013 SAMSUNG)
S4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5491984 2015-05-20] (TeamViewer GmbH)
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-14] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 CltMngSvc; C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [32600 2013-09-16] ()
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145112 2015-05-02] (BlueStack Systems)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
S3 cpuz138; C:\Windows\TEMP\cpuz138\cpuz138_x64.sys [27320 2015-03-29] (CPUID)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2014-01-23] () [File not signed]
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2015-03-10] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [819896 2015-03-10] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2015-03-10] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66360 2012-10-03] (Logitech Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-06 10:43 - 2015-06-06 10:44 - 00037013 _____ C:\Users\killi199\Downloads\FRST.txt
2015-06-06 10:41 - 2015-06-06 10:42 - 00000478 _____ C:\Users\killi199\Downloads\defogger_disable.log
2015-06-06 10:41 - 2015-06-06 10:41 - 00050477 _____ C:\Users\killi199\Downloads\Defogger.exe
2015-06-06 10:41 - 2015-06-06 10:41 - 00000000 _____ C:\Users\killi199\defogger_reenable
2015-06-06 09:42 - 2015-06-06 09:42 - 00000000 ___SD C:\32788R22FWJFW
2015-06-05 21:33 - 2015-04-03 15:21 - 00048784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-06-05 21:33 - 2015-04-03 15:21 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-06-05 17:52 - 2015-06-05 17:58 - 17043270 _____ C:\Users\killi199\Downloads\aida64extreme520.zip
2015-06-05 17:28 - 2015-06-05 17:28 - 00222225 _____ C:\Users\killi199\Downloads\mw2-dedi.zip
2015-06-05 16:32 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-06-05 16:32 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-06-05 16:32 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-06-05 16:32 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-06-05 16:32 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-06-05 16:32 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-06-05 16:32 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-06-05 16:32 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-06-05 16:31 - 2015-06-05 16:32 - 00000000 ____D C:\Qoobox
2015-06-05 16:31 - 2015-06-05 16:31 - 00000000 ____D C:\Windows\erdnt
2015-06-05 16:29 - 2015-06-06 10:43 - 00000000 ____D C:\FRST
2015-06-05 16:28 - 2015-06-05 16:29 - 02108928 _____ (Farbar) C:\Users\killi199\Downloads\FRST64.exe
2015-06-04 17:41 - 2015-06-04 17:43 - 164983442 _____ C:\Users\killi199\Downloads\FTBDepartedServer.zip
2015-06-04 16:25 - 2015-06-04 16:29 - 167431232 _____ C:\Users\killi199\Downloads\Hexx_Reloaded_1.2.0b_Server.zip
2015-06-03 17:14 - 2015-06-03 17:14 - 00000000 ____D C:\Users\killi199\AppData\Local\GWX
2015-05-31 21:01 - 2015-05-31 21:01 - 08047384 _____ (TeamViewer GmbH) C:\Users\killi199\Downloads\TeamViewer_Setup_de.exe
2015-05-31 20:19 - 2015-05-31 20:41 - 20827501 _____ C:\Users\killi199\Downloads\Tekkit_Lite_Server_0.6.5.zip
2015-05-25 13:01 - 2015-05-25 13:01 - 06308944 _____ (Wargaming.net ) C:\Users\killi199\Downloads\WoT_internet_install_eu.exe
2015-05-25 13:01 - 2015-05-25 13:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2015-05-25 13:00 - 2015-05-25 13:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warplanes
2015-05-25 12:59 - 2015-05-25 12:59 - 07169912 _____ (Wargaming.net ) C:\Users\killi199\Downloads\WoWP_internet_install_eu.exe
2015-05-25 12:56 - 2015-05-25 12:56 - 03974614 _____ C:\Users\killi199\Downloads\flt-rct3u.rar
2015-05-25 12:54 - 2015-05-25 12:54 - 03625241 _____ C:\Users\killi199\Downloads\RCT3_u31.rar
2015-05-25 12:46 - 2015-05-25 12:46 - 00043520 _____ C:\Windows\SysWOW64\CmdLineExt03.dll
2015-05-25 12:42 - 2002-02-27 17:50 - 00197120 _____ C:\Windows\patchw32.dll
2015-05-25 12:30 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-05-25 12:30 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-05-25 12:30 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-05-25 12:29 - 2015-05-25 12:30 - 00000000 ____D C:\Users\killi199\AppData\Roaming\Riot Games
2015-05-25 12:22 - 2015-05-25 12:23 - 30668968 _____ (Riot Games) C:\Users\killi199\Downloads\LeagueofLegends_EUW_Installer_9_15_2014.exe
2015-05-23 16:10 - 2015-05-23 16:13 - 16196501 _____ C:\Users\killi199\Downloads\Rush 1.0.4.zip
2015-05-23 16:07 - 2015-05-23 16:07 - 00016209 _____ C:\Users\killi199\Downloads\CommandSigns.jar
2015-05-23 16:04 - 2015-05-23 16:04 - 00178476 _____ C:\Users\killi199\Downloads\Bedwars.jar
2015-05-23 13:05 - 2015-05-12 04:34 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-05-23 13:04 - 2015-05-13 08:52 - 00195912 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-05-23 13:04 - 2015-05-13 08:52 - 00031552 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-05-23 13:04 - 2015-05-12 08:27 - 42718864 _____ C:\Windows\system32\nvcompiler.dll
2015-05-23 13:04 - 2015-05-12 08:27 - 37741712 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-05-23 13:04 - 2015-05-12 08:27 - 30478992 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-05-23 13:04 - 2015-05-12 08:27 - 22945424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-05-23 13:04 - 2015-05-12 08:27 - 16145176 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-05-23 13:04 - 2015-05-12 08:27 - 14455296 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-05-23 13:04 - 2015-05-12 08:27 - 13263568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-05-23 13:04 - 2015-05-12 08:27 - 11790144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-05-23 13:04 - 2015-05-12 08:27 - 10972304 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-05-23 13:04 - 2015-05-12 08:27 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-05-23 13:04 - 2015-05-12 08:27 - 02599056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-05-23 13:04 - 2015-05-12 08:27 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435286.dll
2015-05-23 13:04 - 2015-05-12 08:27 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435286.dll
2015-05-23 13:04 - 2015-05-12 08:27 - 01099808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-05-23 13:04 - 2015-05-12 08:27 - 01059984 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-05-23 13:04 - 2015-05-12 08:27 - 01050256 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-05-23 13:04 - 2015-05-12 08:27 - 00982672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-05-23 13:04 - 2015-05-12 08:27 - 00974480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-05-23 13:04 - 2015-05-12 08:27 - 00939080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-05-23 13:04 - 2015-05-12 08:27 - 00502896 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-05-23 13:04 - 2015-05-12 08:27 - 00408208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-05-23 13:04 - 2015-05-12 08:27 - 00407296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-05-23 13:04 - 2015-05-12 08:27 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-05-23 13:04 - 2015-05-12 08:27 - 00176064 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-05-23 13:04 - 2015-05-12 08:27 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-05-23 13:04 - 2015-05-12 08:27 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-05-23 13:04 - 2015-05-12 08:27 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-05-22 19:30 - 2015-05-22 19:30 - 01124544 _____ (Adobe Systems Incorporated) C:\Users\killi199\Downloads\flashplayer17au_ha_install.exe
2015-05-22 12:31 - 2015-05-22 13:55 - 00000000 ____D C:\Users\killi199\AppData\Local\Overwolf
2015-05-19 17:05 - 2015-05-19 17:05 - 00001821 _____ C:\Users\Public\Desktop\Apps.lnk
2015-05-19 17:05 - 2015-05-19 17:05 - 00001807 _____ C:\Users\Public\Desktop\Start BlueStacks.lnk
2015-05-19 17:04 - 2015-05-19 17:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2015-05-19 17:04 - 2015-05-19 17:04 - 00000000 ____D C:\ProgramData\BlueStacks
2015-05-19 17:04 - 2015-05-19 17:04 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-05-13 13:53 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 13:53 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 13:25 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 13:25 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 13:25 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 13:25 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 13:25 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 13:25 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 13:25 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 13:25 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 13:25 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 13:25 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 13:25 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 13:25 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 13:25 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 13:25 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 13:25 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 13:25 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 13:25 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 13:25 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 13:25 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 13:25 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 13:25 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 13:25 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 13:25 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 13:25 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 13:25 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 13:25 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 13:25 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 13:25 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 13:25 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 13:25 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 13:25 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 13:25 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 13:25 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 13:25 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 13:25 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 13:25 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 13:25 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 13:25 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 13:25 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 13:25 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 13:25 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 13:25 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 13:25 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 13:25 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 13:25 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 13:25 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 13:25 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 13:25 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 13:25 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 13:25 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 13:25 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 13:25 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 13:25 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 13:25 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 13:25 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 13:25 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 13:25 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 13:25 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 13:25 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 13:25 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 13:25 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 13:25 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 13:25 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 13:25 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 13:24 - 2015-05-13 13:24 - 05022929 _____ C:\Users\killi199\Downloads\teamspeak3-server_linux-amd64-3.0.11.3.tar.gz
2015-05-13 13:24 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 13:24 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 13:24 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 13:24 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 13:24 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 13:24 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 13:24 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 13:24 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 13:24 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 13:24 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 13:24 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 13:24 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 13:24 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 13:24 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 13:24 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 13:24 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 13:24 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 13:24 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 13:24 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 13:24 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 13:24 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 13:24 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 13:24 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 13:24 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 13:24 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 13:24 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 13:24 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 13:24 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 13:24 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 13:24 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 13:24 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 13:24 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 13:24 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 13:24 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 13:24 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 13:24 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 13:24 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 13:24 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 13:24 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 13:24 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 13:24 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 13:24 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 13:24 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 13:24 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 13:24 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 13:24 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 13:24 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 13:24 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 13:24 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 13:24 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 13:24 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 13:24 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 13:24 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 13:24 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 13:24 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 13:24 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 13:24 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 13:24 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 13:24 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 13:24 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 13:24 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 13:24 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 13:24 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 13:24 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 13:24 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-08 20:22 - 2015-05-08 20:22 - 00559576 _____ C:\Users\killi199\Downloads\mcMMO.jar
2015-05-08 20:16 - 2015-05-08 20:16 - 00000000 ____D C:\Users\killi199\Tracing
2015-05-07 14:50 - 2015-05-07 14:53 - 00000000 ____D C:\Users\killi199\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Cities Skylines MOD Pack 1
2015-05-07 14:50 - 2015-05-07 14:50 - 00000000 ____D C:\Users\killi199\AppData\Local\Colossal Order
2015-05-07 14:48 - 2015-05-07 14:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paradox Interactive

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-06 10:41 - 2012-12-01 20:17 - 00000000 ____D C:\Users\killi199
2015-06-06 10:28 - 2012-12-25 14:26 - 00000000 ____D C:\Users\killi199\Documents\Outlook-Dateien
2015-06-06 10:25 - 2014-08-31 15:19 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-06-06 10:18 - 2014-03-01 22:24 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-06 10:18 - 2012-12-01 21:39 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1343689660-860429238-4075285064-1000UA.job
2015-06-06 10:18 - 2009-07-14 06:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-06 10:18 - 2009-07-14 06:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-06 10:17 - 2012-12-07 21:38 - 00000000 ____D C:\Users\killi199\AppData\Local\Spotify
2015-06-06 10:16 - 2011-04-12 09:43 - 00702058 _____ C:\Windows\system32\perfh007.dat
2015-06-06 10:16 - 2011-04-12 09:43 - 00150958 _____ C:\Windows\system32\perfc007.dat
2015-06-06 10:16 - 2009-07-14 07:13 - 01622904 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-06 10:13 - 2012-12-07 21:20 - 00000000 ____D C:\Users\killi199\AppData\Local\LogMeIn Hamachi
2015-06-06 10:13 - 2012-12-01 20:16 - 01966910 _____ C:\Windows\WindowsUpdate.log
2015-06-06 10:11 - 2013-01-28 13:20 - 00000000 ____D C:\Users\killi199\AppData\Local\CrashDumps
2015-06-06 10:10 - 2014-08-27 20:28 - 00000000 ___RD C:\Users\killi199\Dropbox
2015-06-06 10:10 - 2014-03-01 22:24 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-06 10:10 - 2013-10-19 11:43 - 00003250 _____ C:\Windows\System32\Tasks\AIDA64 AutoStart
2015-06-06 10:10 - 2012-12-07 22:08 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-06 10:10 - 2012-12-07 21:40 - 00000000 ____D C:\Users\killi199\AppData\Roaming\Skype
2015-06-06 10:10 - 2012-12-07 21:37 - 00000000 ____D C:\Users\killi199\AppData\Roaming\Spotify
2015-06-06 10:10 - 2012-12-07 20:31 - 00000000 ____D C:\Users\killi199\AppData\Roaming\Dropbox
2015-06-06 10:10 - 2012-12-04 19:49 - 00002896 _____ C:\Windows\System32\Tasks\AutoKMS
2015-06-06 10:10 - 2012-12-04 19:49 - 00000266 _____ C:\Windows\Tasks\AutoKMS.job
2015-06-06 10:10 - 2012-12-01 20:52 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-06 10:10 - 2011-12-13 21:08 - 00417810 _____ C:\Windows\setupact.log
2015-06-06 10:10 - 2010-11-21 05:47 - 00218848 _____ C:\Windows\PFRO.log
2015-06-06 10:10 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-06 09:10 - 2012-12-07 22:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-06 01:55 - 2013-03-14 15:49 - 00000000 ____D C:\Users\killi199\Documents\TmForever
2015-06-05 22:41 - 2012-12-07 20:11 - 00000000 ____D C:\Users\killi199\Desktop\Spiele
2015-06-05 22:40 - 2012-12-01 22:25 - 00000000 ____D C:\Users\killi199\AppData\Roaming\Ubisoft
2015-06-05 22:23 - 2013-11-21 16:10 - 00000000 ____D C:\Users\killi199\AppData\Local\NVIDIA Corporation
2015-06-05 21:37 - 2014-11-13 19:35 - 00000000 ____D C:\Users\killi199\Documents\Assassin's Creed Unity
2015-06-05 21:33 - 2015-03-27 22:53 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-05 21:33 - 2015-02-10 16:30 - 00001377 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-06-05 21:33 - 2012-12-01 20:52 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-05 18:54 - 2015-02-08 21:57 - 00000000 ____D C:\Users\killi199\AppData\Local\ftblauncher
2015-06-05 16:18 - 2012-12-01 21:39 - 00001080 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1343689660-860429238-4075285064-1000Core.job
2015-06-04 21:23 - 2012-12-08 09:51 - 00000000 ____D C:\Users\killi199\AppData\Roaming\TS3Client
2015-06-04 20:47 - 2015-04-16 11:46 - 00000080 _____ C:\Users\killi199\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-06-04 20:06 - 2015-04-22 12:39 - 00000000 ____D C:\Users\killi199\Documents\Command and Conquer Generals Zero Hour Data
2015-06-04 20:00 - 2015-02-02 19:22 - 00000000 ____D C:\Users\killi199\AppData\Roaming\Origin
2015-06-04 20:00 - 2015-02-02 19:22 - 00000000 ____D C:\ProgramData\Origin
2015-06-04 20:00 - 2013-03-09 11:55 - 00000000 ____D C:\Program Files (x86)\Origin
2015-06-04 17:41 - 2015-02-08 21:57 - 00000000 ____D C:\Users\killi199\AppData\Roaming\ftblauncher
2015-06-04 17:41 - 2015-02-08 21:54 - 06628862 _____ () C:\Users\killi199\Desktop\FTB_Launcher.exe
2015-06-04 16:34 - 2015-04-11 16:40 - 00000600 _____ C:\Users\killi199\AppData\Local\PUTTY.RND
2015-06-02 20:54 - 2013-08-27 20:34 - 00000000 ____D C:\Users\killi199\AppData\Roaming\.minecraft
2015-06-02 19:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-05-31 20:17 - 2013-03-10 20:12 - 00000000 ____D C:\Users\killi199\AppData\Roaming\.technic
2015-05-31 20:17 - 2013-02-11 18:49 - 04697768 _____ () C:\Users\killi199\Desktop\TechnicLauncher.exe
2015-05-28 16:29 - 2012-12-01 22:21 - 00914771 _____ C:\Windows\DirectX.log
2015-05-28 16:29 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-26 21:59 - 2014-10-09 13:39 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-05-25 23:06 - 2014-02-27 21:12 - 00000000 ____D C:\Users\killi199\AppData\Roaming\TeamViewer
2015-05-25 15:10 - 2012-12-07 22:03 - 00000000 ____D C:\Users\killi199\AppData\Roaming\ICQ
2015-05-25 13:02 - 2014-09-13 19:30 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-05-25 12:51 - 2013-10-19 20:36 - 00000000 ____D C:\Users\killi199\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-05-25 12:49 - 2012-12-01 20:58 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-05-25 12:38 - 2013-01-28 18:39 - 00291944 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-05-25 12:38 - 2013-01-28 10:10 - 00291944 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-05-23 17:03 - 2015-04-24 20:10 - 00000000 ____D C:\Users\killi199\AppData\Roaming\Mumble
2015-05-23 13:05 - 2012-12-01 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-05-23 13:05 - 2012-12-01 20:52 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-05-23 03:47 - 2015-02-10 16:30 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-05-23 03:47 - 2015-02-10 16:30 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-05-23 03:47 - 2015-02-10 16:30 - 01320304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-05-23 03:47 - 2015-02-10 16:30 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-05-21 20:30 - 2015-03-29 19:34 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-05-21 20:30 - 2015-03-29 19:34 - 00000959 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-05-21 20:30 - 2014-02-27 21:12 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-05-20 18:54 - 2012-12-04 18:53 - 00000000 ____D C:\Users\killi199\AppData\Local\Microsoft Help
2015-05-20 15:40 - 2015-04-04 15:21 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-20 15:40 - 2015-04-04 15:21 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-19 17:08 - 2014-08-04 19:44 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-05-19 17:05 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-05-19 16:13 - 2014-03-01 22:24 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-19 16:13 - 2014-03-01 22:24 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-19 16:13 - 2012-12-01 21:39 - 00004108 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1343689660-860429238-4075285064-1000UA
2015-05-19 16:13 - 2012-12-01 21:39 - 00003712 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1343689660-860429238-4075285064-1000Core
2015-05-17 20:21 - 2012-12-07 22:12 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-13 20:32 - 2009-07-14 06:45 - 00409208 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-13 20:31 - 2011-04-12 09:54 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-13 20:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-13 14:00 - 2012-12-04 18:53 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-05-13 13:58 - 2013-08-15 19:01 - 00000000 ____D C:\Windows\system32\MRT
2015-05-13 13:54 - 2011-12-13 20:35 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 08:52 - 2015-01-22 22:44 - 01558848 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-05-12 08:27 - 2014-04-30 09:38 - 15048816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-05-12 08:27 - 2014-01-23 17:45 - 17540416 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-05-12 08:27 - 2014-01-23 17:45 - 15858728 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-05-12 08:27 - 2012-12-01 20:52 - 03363224 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-05-12 08:27 - 2012-12-01 20:52 - 00112784 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-05-12 08:27 - 2012-12-01 20:52 - 00105288 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-05-12 08:27 - 2012-12-01 20:52 - 00031710 _____ C:\Windows\system32\nvinfo.pb
2015-05-12 08:27 - 2012-10-10 22:22 - 12849056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-05-12 08:27 - 2012-10-10 22:22 - 02971776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-05-12 05:30 - 2012-12-01 20:52 - 06872392 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-05-12 05:30 - 2012-12-01 20:52 - 03490448 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-05-12 05:30 - 2012-12-01 20:52 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-05-12 05:30 - 2012-12-01 20:52 - 00937288 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-05-12 05:30 - 2012-12-01 20:52 - 00385352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-05-12 05:30 - 2012-12-01 20:52 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-05-11 19:01 - 2012-12-01 20:52 - 04391871 _____ C:\Windows\system32\nvcoproc.bin
2015-05-09 14:58 - 2012-12-07 23:47 - 00000000 ____D C:\Fraps
2015-05-09 14:08 - 2012-12-07 20:34 - 00001029 _____ C:\Users\killi199\Desktop\Dropbox.lnk
2015-05-09 14:08 - 2012-12-07 20:32 - 00000000 ____D C:\Users\killi199\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-05-08 20:16 - 2012-12-07 21:40 - 00000000 ____D C:\ProgramData\Skype

==================== Files in the root of some directories =======

2015-03-30 16:33 - 2015-04-07 21:56 - 0022446 _____ () C:\Users\killi199\AppData\Roaming\RanorexConfig5.xml
2015-03-30 16:37 - 2015-04-06 21:43 - 0000773 _____ () C:\Users\killi199\AppData\Roaming\RanorexUiConfig5.xml
2013-02-11 18:49 - 2013-02-11 18:49 - 0703117 _____ () C:\Users\killi199\AppData\Roaming\technic-launcher.jar
2012-12-28 17:13 - 2014-11-12 20:45 - 0005632 _____ () C:\Users\killi199\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-11 16:40 - 2015-06-04 16:34 - 0000600 _____ () C:\Users\killi199\AppData\Local\PUTTY.RND
2014-02-04 19:24 - 2014-02-04 19:24 - 0000017 _____ () C:\Users\killi199\AppData\Local\resmon.resmoncfg
2008-02-05 14:28 - 2008-02-05 14:28 - 0000051 _____ () C:\Users\killi199\AppData\Local\setup.txt
2014-08-30 16:40 - 2014-12-19 16:54 - 1341859 ____N () C:\Users\killi199\AppData\Local\Tempmusic.ogg
2014-12-23 15:11 - 2014-12-23 15:11 - 0000000 _____ () C:\Users\killi199\AppData\Local\{3628B4D8-CB71-4F5C-8E7D-635F8E2AC838}
2014-12-15 14:56 - 2014-12-15 14:57 - 0000000 _____ () C:\Users\killi199\AppData\Local\{71ACCD19-D9DA-4508-BE95-15DCB560025D}

Some files in TEMP:
====================
C:\Users\killi199\AppData\Local\Temp\2714.exe
C:\Users\killi199\AppData\Local\Temp\amazonicon_v10.exe
C:\Users\killi199\AppData\Local\Temp\amazoninstallernircmdc.exe
C:\Users\killi199\AppData\Local\Temp\drm_dialogs.dll
C:\Users\killi199\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmph8rjjs.dll
C:\Users\killi199\AppData\Local\Temp\Execute2App.exe
C:\Users\killi199\AppData\Local\Temp\GUR5446.exe
C:\Users\killi199\AppData\Local\Temp\GUR868D.exe
C:\Users\killi199\AppData\Local\Temp\jansi-64-git-Spigot-4c7d0c0-96c2c39-1006540136134236505.dll
C:\Users\killi199\AppData\Local\Temp\jansi-64-git-Spigot-4c7d0c0-96c2c39-222387371476708913.dll
C:\Users\killi199\AppData\Local\Temp\jansi-64-git-Spigot-4c7d0c0-96c2c39-2240528531843703162.dll
C:\Users\killi199\AppData\Local\Temp\jansi-64-git-Spigot-4c7d0c0-96c2c39-6376202524551782632.dll
C:\Users\killi199\AppData\Local\Temp\jansi-64-git-Spigot-4c7d0c0-96c2c39-9148171886204359535.dll
C:\Users\killi199\AppData\Local\Temp\jna4164446773932614550.hunspell-win-x86-32.dll
C:\Users\killi199\AppData\Local\Temp\jna4178462125873541726.hunspell-win-x86-32.dll
C:\Users\killi199\AppData\Local\Temp\jre-8u25-windows-au.exe
C:\Users\killi199\AppData\Local\Temp\mirc738.exe
C:\Users\killi199\AppData\Local\Temp\msvcp90.dll
C:\Users\killi199\AppData\Local\Temp\msvcr90.dll
C:\Users\killi199\AppData\Local\Temp\Nv3DVisionIePlugin.dll
C:\Users\killi199\AppData\Local\Temp\Nv3DVisionIePlugin64.dll
C:\Users\killi199\AppData\Local\Temp\Nv3DVStreaming.dll
C:\Users\killi199\AppData\Local\Temp\Nv3DVStreaming64.dll
C:\Users\killi199\AppData\Local\Temp\Nv3DVStreamingIePlugin.dll
C:\Users\killi199\AppData\Local\Temp\Nv3DVStreamingIePlugin64.dll
C:\Users\killi199\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\killi199\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\killi199\AppData\Local\Temp\nvStInst.exe
C:\Users\killi199\AppData\Local\Temp\RanorexRecording.exe
C:\Users\killi199\AppData\Local\Temp\sdan.exe
C:\Users\killi199\AppData\Local\Temp\sdapk.exe
C:\Users\killi199\AppData\Local\Temp\sdaspwn.exe
C:\Users\killi199\AppData\Local\Temp\SIntf16.dll
C:\Users\killi199\AppData\Local\Temp\SIntf32.dll
C:\Users\killi199\AppData\Local\Temp\SIntfNT.dll
C:\Users\killi199\AppData\Local\Temp\SkypeSetup.exe
C:\Users\killi199\AppData\Local\Temp\sonarinst.exe
C:\Users\killi199\AppData\Local\Temp\ubiDF96.tmp.exe
C:\Users\killi199\AppData\Local\Temp\uninstall.exe
C:\Users\killi199\AppData\Local\Temp\ut2004-demo3334.exe
C:\Users\killi199\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\killi199\AppData\Local\Temp\_is24ED.exe
C:\Users\killi199\AppData\Local\Temp\_is83BF.exe
C:\Users\killi199\AppData\Local\Temp\_isC4B5.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-08 20:39

==================== End of log ============================
Da ich das alles nicht in eine Nachricht fassen kann werde ich auf diesen Post noch einmal antworten.

killi199 06.06.2015 12:19
Addition
Code:
scan result of Farbar Recovery Scan Tool (x64) Version:03-06-2015
Ran by killi199 at 2015-06-06 10:44:20
Running from C:\Users\killi199\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1343689660-860429238-4075285064-500 - Administrator - Disabled)
Gast (S-1-5-21-1343689660-860429238-4075285064-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1343689660-860429238-4075285064-1008 - Limited - Enabled)
killi199 (S-1-5-21-1343689660-860429238-4075285064-1000 - Administrator - Enabled) => C:\Users\killi199

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Kaspersky Total Security (Enabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Total Security (Enabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

3DMark Demo (HKLM-x32\...\Steam App 231350) (Version:  - Futuremark)
3DMark Vantage (HKLM-x32\...\{C40C3C3D-97CF-44B5-836C-766E374464B3}) (Version: 1.1.3 - Futuremark)
Ace of Spades (HKLM-x32\...\{573576B6-2112-4679-BF42-C8D9CE2E4A29}) (Version: 0.75.014 - Ben Aksoy)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Aerosoft's - Aerosoft Launcher (HKLM-x32\...\{EE11CFFC-898C-4875-8A63-8B732A9AD43B}) (Version: 1.2.0.3 - Aerosoft)
Age of Conan: Unchained (HKLM-x32\...\Age of Conan_is1) (Version:  - Funcom)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Age of Empires III (HKLM-x32\...\InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}) (Version: 1.00.0000 - Microsoft Game Studios)
Age of Empires III (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.00 - ASUSTeK Computer Inc.)
AIDA64 Extreme Edition v3.20 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 3.20 - FinalWire Ltd.)
AirMech (HKLM-x32\...\Steam App 206500) (Version:  - )
AllShare Framework DMS (HKLM\...\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}) (Version: 1.3.23 - Samsung)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Arma: Cold War Assault (HKLM-x32\...\Steam App 65790) (Version:  - Bohemia Interactive)
Ask Toolbar (HKLM-x32\...\{4F524A2D-5637-4300-76A7-A758B70C1D00}) (Version: 12.29.0.224 - APN, LLC) <==== ATTENTION
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.8.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.4.000 - Asmedia Technology)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version:  - Ubisoft)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version:  - Ubisoft)
Assassin's Creed(R) III v1.05 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.05 - Ubisoft)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.25648 - Electronic Arts)
Battlefield Heroes (HKLM-x32\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version:  - EA Digital illusions)
Battlefield Play4Free (HKLM-x32\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version:  - EA Digital illusions)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Bejeweled® 3 (HKLM-x32\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.24.4196 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{CF297F45-BB2C-4454-AEDA-EFAB01AFDCE3}) (Version: 0.9.24.4196 - BlueStack Systems, Inc.)
Call of Duty: Advanced Warfare - Multiplayer (HKLM-x32\...\Steam App 209660) (Version:  - Sledgehammer Games)
Call of Duty: Advanced Warfare (HKLM-x32\...\Steam App 209650) (Version:  - Sledgehammer Games)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 - Multiplayer (HKLM-x32\...\Steam App 42690) (Version:  - Infinity Ward)
Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version:  - Infinity Ward)
Camtasia Studio 8 (HKLM-x32\...\{FB05EAA3-D938-4EDA-9A38-88543E52680C}) (Version: 8.4.3.1792 - TechSmith Corporation)
Cannons Lasers Rockets (HKLM-x32\...\Steam App 265770) (Version:  - Net Games Laboratory)
Cities Skylines Deluxe MOD Edition (HKLM-x32\...\Cities Skylines Deluxe MOD Edition) (Version: 1.01 - Paradox Interactive)
Cities Skylines MOD Pack 1 (HKLM-x32\...\Cities Skylines MOD Pack 1 (v1.0)) (Version: v1.0 - ShadowEagle)
Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{609F6FD5-4B22-4D7A-AD30-8C9DD480D5BE}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Counter-Strike 1.6 (HKLM-x32\...\Counter-Strike 1.6) (Version:  - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Craften Terminal 3.4.4990.30418 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 3.4.4990.30418 - Craften.de)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dead Space (HKLM-x32\...\{025A585C-0C66-413D-80D2-4C05CB699771}) (Version: 1.0.0.222 - Electronic Arts)
Dead Space™ 2 (HKLM-x32\...\{C549C2A2-574F-4ABC-933C-BD11D027C16A}) (Version: 1.0.941.0 - Electronic Arts)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.36.45 - Electronic Arts)
Die Sims™ 3 Design-Garten-Accessoires (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.3.2 - Electronic Arts)
Die Sims™ 3 Diesel Accessoires (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Gib Gas-Accessoires (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.8.1 - Electronic Arts)
Die Sims™ 3 Katy Perry Süße Welt (HKLM-x32\...\{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts)
Die Sims™ 3 Lebensfreude (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.13.1 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.17.2 - Electronic Arts)
Die Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
Die Sims™ 3 Stadt-Accessoires (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.10.1 - Electronic Arts)
Die Sims™ 3 Traumsuite-Accessoires (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.7.65.1020 - Electronic Arts Inc.)
Die*Sims™*3 Erstelle einen Sim (HKLM-x32\...\{89173B88-384A-459B-B687-9C0BBC934EF4}) (Version: 1.0.25 - Electronic Arts)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dragon Age™ II (HKLM-x32\...\{E1EB9F56-AFE2-4204-B28F-AD8DA793B9F4}) (Version: 1.04.8524.0 - Electronic Arts)
Dream of the Blood Moon (HKLM\...\UDK-2970e08e-e559-417b-a669-42f057d1dcbb) (Version:  - Epic Games, Inc.)
Dropbox (HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)
English G 21 e-Workbook D3EA (HKLM-x32\...\{E3D5DF66-A53B-484B-8A4C-6147BDF7B353}) (Version: 1.00.000 - Cornelsen)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FalNET G19 Display Manager (HKLM-x32\...\FalNET G19 Display Manager_is1) (Version:  - FalNET)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Audio Converter version 5.0.43.605 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.43.605 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.5 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.5 - Ellora Assets Corporation)
Futuremark SystemInfo (HKLM-x32\...\{79659071-4B68-4EC8-833C-49C97B68FCD0}) (Version: 4.36.512.0 - Futuremark)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GEAR driver installer (HKLM-x32\...\{0590062B-1E79-4717-B1AC-45B6DCA43B36}) (Version: 4.001.7 - GEAR Software)
GIANTS Editor 6.0.2 64-bit (HKLM-x32\...\giants_editor_6.0.2_win64_is1) (Version: 6.0.2 - GIANTS Software GmbH)
Google Chrome (HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - IO Interactive)
Hitman: Sniper Challenge (HKLM-x32\...\Steam App 205930) (Version:  - IO Interactive)
ICQ7M (HKLM-x32\...\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}) (Version: 7.8 - ICQ)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Network Connections 17.0.200.2 (HKLM\...\PROSetDX) (Version: 17.0.200.2 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.225 - Intel Corporation)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Kaspersky Password Manager (HKLM-x32\...\InstallWIX_{E522EB0E-20CC-42A9-82EA-50968D01E7A2}) (Version: 8.0.1.1315 - Kaspersky Lab)
Kaspersky Password Manager (x32 Version: 8.0.1.1315 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{8ED07EBD-22AD-415A-B71E-C1AD86862C2E}) (Version: 15.0.1.415 - Kaspersky Lab)
Kaspersky Total Security (x32 Version: 15.0.1.415 - Kaspersky Lab) Hidden
Kingdoms of Amalur: Reckoning (HKLM-x32\...\{6A9D1594-7791-48f5-9CAA-DE9BCB968320}) (Version: 1.0.0.0 - Electronic Arts)
Landwirtschafts Simulator 15 (HKLM-x32\...\FarmingSimulator2015DE_is1) (Version: 1.1.0.0 - GIANTS Software)
Landwirtschafts Simulator 2013 (HKLM-x32\...\FarmingSimulator2013DE_is1) (Version: 1.0 - GIANTS Software)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version:  - LEGO A/S)
LEGO MINDSTORMS NXT - (Deutsch) Sprachenpaket (HKLM-x32\...\{4614C36E-AABF-42AD-9419-0B8051547B96}) (Version: 2.0.100.0 - The LEGO Group)
LEGO MINDSTORMS NXT - (Deutsch) Sprachenpaket (HKLM-x32\...\{611ED207-22E5-4543-B9D3-E73096759A4F}) (Version: 2.0.100.0 - The LEGO Group)
LEGO MINDSTORMS NXT Driver for x64 (HKLM\...\{74E85F31-573F-45BF-8939-4D2BCDCC2083}) (Version: 1.17.770 - LEGO)
LEGO MINDSTORMS NXT Migration Package (HKLM-x32\...\{6C1D47CC-682C-4673-8CA8-DEE659628599}) (Version: 1.2.8.0 - LEGO)
LEGO MINDSTORMS NXT Software v2.0 (HKLM-x32\...\{5B7EDCF8-E6AD-4E99-972C-34BF1F07B349}) (Version: 2.0.114.0 - LEGO)
LEGO MINDSTORMS NXT Software v2.0 (HKLM-x32\...\{CB263F8D-EF2D-4EB5-A368-A27056EE92D4}) (Version: 2.0.108.0 - LEGO)
LifeFrame2 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 2.0.22 - ASUS)
Loadout (HKLM-x32\...\Steam App 208090) (Version:  - Edge of Reality)
Logitech Gaming Software 8.55 (HKLM\...\Logitech Gaming Software) (Version: 8.55.137 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
ManiaPlanet (HKLM-x32\...\ManiaPlanet_is1) (Version:  - Nadeo)
Mass Effect™ 2 (HKLM-x32\...\{E19B628D-A9BC-4519-B1D4-4C8C09074F7F}) (Version: 1.2.1604.0 - Electronic Arts)
Medal of Honor Allied Assault Warchest (HKLM-x32\...\{D61BA037-2326-4CEF-B3AC-252046D0476A}) (Version: 1.11.0.2 - Electronic Arts)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Flight (HKLM-x32\...\GFWL_{4D5308D2-DC8E-4658-A37C-351000058100}) (Version: 1.0.0005.129 - Microsoft Studios)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mumble 1.2.8 (HKLM-x32\...\{1BC144A3-20EF-49DD-8EBB-E421E128E30F}) (Version: 1.2.8 - Thorvald Natvig)
My Game Long Name (HKLM\...\UDK-04d9d3d3-eb10-47f8-8092-382ee37d8416) (Version:  - Epic Games, Inc.)
MyFreeCodec (HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\MyFreeCodec) (Version:  - )
NAVIGON Fresh 3.5.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.5.1 - NAVIGON)
Need for Speed™ Rivals (HKLM-x32\...\{E0A32336-AA27-4053-99B2-C3380B7B95AC}) (Version: 1.4.0.0 - Electronic Arts)
Need For Speed™ World (HKLM-x32\...\{3AF1B16A-7DC9-4C80-BAEC-70B088A7C5B8}) (Version: 1.0.0.0 - Electronic Arts)
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - Nero AG)
Nero 12 Content Pack (HKLM-x32\...\{4E7AC009-5212-499F-942F-A5AA42AE359E}) (Version: 12.0.00400 - Nero AG)
NewFreeScreensaver nfsAquarium03 (HKLM-x32\...\Aquarium 03 New Free Screensaver_is1) (Version:  - Gekkon Ltd.)
NoLimits 2 Demo (remove only) (HKLM\...\NoLimits 2 Demo) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.2.3 - )
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 352.86 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.5.28 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.28 - NVIDIA Corporation)
NVIDIA Grafiktreiber 352.86 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 352.86 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.1.10.2728 - Electronic Arts, Inc.)
Outlast (HKLM-x32\...\Steam App 238320) (Version:  - Red Barrels)
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
phase-6 2.3.5 (HKLM-x32\...\phase-6) (Version: 2.3.5 - phase-6)
Pinball Arcade (HKLM-x32\...\Steam App 238260) (Version:  - FarSight Studios)
PlanetSide 2 (HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\SOE-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.3.0 - Electronic Arts)
Quake Live (HKLM-x32\...\Steam App 282440) (Version:  - id Software)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Qualcomm Atheros)
Ranorex 5.3 (HKLM-x32\...\{195CE689-F182-4076-8DDE-80CC34C6EA83}) (Version: 5.3.1.22939 - Ranorex GmbH)
RCT3 Soaked (HKLM-x32\...\{EA926717-CE5A-4CB4-AB21-9E6E9565A458}) (Version: 1.00.000 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6570 - Realtek Semiconductor Corp.)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
RollerCoaster Tycoon 3 (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - )
Rosetta Stone Ltd Services (HKLM-x32\...\{7BB2EF8A-5376-4BAE-96D0-38BE49501F40}) (Version: 3.2.17 - Rosetta Stone Ltd.)
Rosetta Stone TOTALe (HKLM-x32\...\com.rosettastone.rosettastonetotale) (Version: 4.1.15.1 - Rosetta Stone, Ltd)
Rosetta Stone TOTALe (x32 Version: 4.1.1 - Rosetta Stone, Ltd) Hidden
Rosetta Stone TOTALe (x32 Version: 4.1.15.1 - Rosetta Stone, Ltd) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.0.12104_15 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.5.0.12104_15 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15024.8 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.15024.8 - Samsung Electronics Co., Ltd.) Hidden
Samsung Link 1.8.0.1401171024 (HKLM\...\8474-7877-9059-0204) (Version: 1.8.0.1401171024 - Copyright 2013 SAMSUNG)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Scratch (HKLM-x32\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten Group)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.28 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Sid Meier's Railroads! (HKLM-x32\...\{EE3FBD3C-782E-4A90-9507-0ECFE1FECCE4}) (Version: 1.00 - Firaxis Games)
Sid Meier's Railroads! (x32 Version: 1.00 - Firaxis Games) Hidden
SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Spotify (HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Spotify) (Version: 1.0.6.80.g2a801a53 - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Survivors Viy (HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Survivors Viy) (Version:  - )
Syndicate (HKLM-x32\...\{64CFBAAB-46F7-4628-8D9B-E656A8C11CDB}) (Version: 2.0.0.3 - Electronic Arts)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.42849 - TeamViewer)
Theme Hospital (HKLM-x32\...\{5118A4C2-C8A4-4CE5-AC37-F3E51C25402F}) (Version: 3.0.0.2 - Electronic Arts)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version:  - Nadeo)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Trials Fusion Demo (HKLM-x32\...\Steam App 294260) (Version:  - RedLynx, in collaboration with  Ubisoft Shanghai, Ubisoft Kiev)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Ultima 8 (HKLM-x32\...\{428C6B01-D292-46F9-9321-75668ED17DA2}) (Version: 1.0.0.1 - Electronic Arts)
Unity Web Player (HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unreal Tournament 2004 Demo (HKLM-x32\...\UT2004-Demo) (Version:  - )
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
Viber (HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Viber) (Version: 3.0.0.133634 - Viber Media Inc)
Virtual Audio Cable 4.10 (HKLM\...\Virtual Audio Cable 4.10) (Version:  - )
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
War Thunder Launcher 1.0.1.483 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - Blizzard Entertainment)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
Watch_Dogs (HKLM-x32\...\Steam App 243470) (Version:  - Ubisoft)
Welcome App (Start-up experience) (x32 Version: 12.0.14000 - Nero AG) Hidden
WinCDEmu (HKLM-x32\...\WinCDEmu) (Version: 3.6 - Bazis)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
Wing Commander III (HKLM-x32\...\{F96B9930-E22A-44D6-81B5-6C8E92C21B4B}) (Version: 2.0.0.2 - Electronic Arts)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Subways Vol. 3 (HKLM-x32\...\{3D294F77-AD11-45A5-B56B-E0D9C63C21FF}) (Version: 1.3 - aerosoft)
World of Tanks (HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version:  - Wargaming.net)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
World of Warplanes (HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C813eu}_is1) (Version:  - Wargaming.net)
Worms Revolution (HKLM-x32\...\Steam App 200170) (Version:  - Team17 Digital Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1343689660-860429238-4075285064-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1343689660-860429238-4075285064-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\killi199\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1343689660-860429238-4075285064-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\killi199\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1343689660-860429238-4075285064-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\killi199\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1343689660-860429238-4075285064-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\killi199\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1343689660-860429238-4075285064-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\killi199\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1343689660-860429238-4075285064-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\killi199\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1343689660-860429238-4075285064-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\killi199\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1343689660-860429238-4075285064-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1343689660-860429238-4075285064-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1343689660-860429238-4075285064-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1343689660-860429238-4075285064-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1343689660-860429238-4075285064-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1343689660-860429238-4075285064-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1343689660-860429238-4075285064-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1343689660-860429238-4075285064-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1343689660-860429238-4075285064-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1343689660-860429238-4075285064-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\killi199\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

23-05-2015 15:35:05 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501
23-05-2015 15:44:04 DirectX wurde installiert
23-05-2015 16:30:30 DirectX wurde installiert
24-05-2015 12:58:54 DirectX wurde installiert
25-05-2015 12:25:31 Installiert Assassin's Creed(R) III v1.03
25-05-2015 12:29:18 Installiert Assassin's Creed(R) III v1.04
25-05-2015 12:32:38 Installiert Assassin's Creed(R) III v1.05
25-05-2015 12:41:21 Installiert RollerCoaster Tycoon 3
25-05-2015 12:46:57 Installiert RCT3 Soaked
25-05-2015 12:49:35 Installiert RCT3 Wild
25-05-2015 23:19:38 Windows Update
26-05-2015 20:35:44 Windows Update
28-05-2015 16:29:08 DirectX wurde installiert
31-05-2015 20:05:32 Windows Update
05-06-2015 15:51:04 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2012-12-25 20:10 - 00000864 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activation.cloud.techsmith.com

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1B229501-F24A-44AF-91A5-36CF21535452} - System32\Tasks\ASUS\ASUS WiFi GO! Server Execute => C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe [2012-07-12] (ASUSTeK Computer Inc.)
Task: {26B373BF-6576-4B33-941E-3C0A0344CAD8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1343689660-860429238-4075285064-1000UA => C:\Users\killi199\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-01] (Google Inc.)
Task: {29660EFF-8E79-48F5-9B17-2E625194245D} - System32\Tasks\{887D833E-2A49-4DB3-9420-53CF2F942B6F} => pcalua.exe -a "C:\Program Files (x86)\BlueStacks\HD-RuntimeUninstaller.exe"
Task: {350FEBCA-F27D-4D18-80BB-AD9C83B746DF} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {56C5DEB0-D809-4C6F-A560-AC9FA75C1E8B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {5ACDA914-6B3A-43DF-BB5E-BD153743478B} - System32\Tasks\{8E3E3BEF-32CD-483D-9DE2-0F17B66467FD} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}\setup.exe" -c -runfromtemp -l0x0007 -removeonly
Task: {5E895F53-0C69-4F7D-84D4-40EC5132880E} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {83F9B034-4C13-475F-A571-6F4DCE418438} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2012-12-04] ()
Task: {898DCA4E-5918-4973-BBA4-7FCC12F1BF89} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {8EC63090-F52C-436F-BE6E-94C89DDD619A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {A0646629-319E-4E40-BE8D-9601374FC55D} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {A11F4394-4B39-41B9-9ADA-8E868B56DB75} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-01] (Google Inc.)
Task: {AA065E6F-388A-48AD-9F0C-2441247B3FF6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-01] (Google Inc.)
Task: {B73C325C-F380-4CC5-ABEA-0B3183BD5DD7} - System32\Tasks\{7FC97056-6B27-4FC1-AA2E-695252A0DC05} => D:\Games\Electronic Arts\Die Sims 3\Game\Bin\Sims3Launcher.exe
Task: {BA4DFAB3-1989-40EE-9BE3-F37097FB5FF1} - System32\Tasks\{F1D9A9F5-2949-489A-B3A0-DCC9A9E2F2DC} => pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {BD5DC3B8-4AB6-436B-A3A7-0BF5B38690FD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {DFE0242F-4E90-4306-9928-1C6846542FC9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1343689660-860429238-4075285064-1000Core => C:\Users\killi199\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-01] (Google Inc.)
Task: {EB58A489-22B1-4F32-A54C-C6385EC017E3} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {EDACF8A7-9159-4892-92B0-4BD718550771} - System32\Tasks\AIDA64 AutoStart => C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe [2013-09-16] (FinalWire Ltd.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1343689660-860429238-4075285064-1000Core.job => C:\Users\killi199\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1343689660-860429238-4075285064-1000UA.job => C:\Users\killi199\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2012-12-01 20:52 - 2015-05-12 05:30 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2014-07-28 20:29 - 2014-07-28 20:29 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-07-28 20:32 - 2014-07-28 20:32 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-07-28 20:29 - 2014-07-28 20:29 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-07-28 20:31 - 2014-07-28 20:31 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2013-09-25 16:27 - 2014-01-17 11:24 - 00013824 _____ () C:\Program Files\Samsung\Samsung Link\JniSys.dll
2013-09-25 16:27 - 2014-01-17 11:24 - 00048640 _____ () C:\Program Files\Samsung\Samsung Link\JniIO.dll
2013-12-21 12:25 - 2013-12-21 12:25 - 00036864 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\JNIInterface.dll
2013-12-21 12:26 - 2013-12-21 12:26 - 00144384 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\ASFAPI.dll
2013-12-21 12:27 - 2013-12-21 12:27 - 00018944 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\MediaDB_Manager.dll
2013-10-22 10:52 - 2013-10-22 10:52 - 00030720 _____ () C:\Windows\system32\MediaDB64.dll
2013-10-22 10:52 - 2013-10-22 10:52 - 00908800 _____ () C:\Windows\system32\ContentDirectoryPresenter64.dll
2013-12-21 12:27 - 2013-12-21 12:27 - 00521728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\DMS_Manager.dll
2013-07-23 20:19 - 2013-07-23 20:19 - 00049152 _____ () C:\Windows\system32\boost_date_time-vc90-mt-1_47.dll
2013-07-23 20:19 - 2013-07-23 20:19 - 00016896 _____ () C:\Windows\system32\boost_system-vc90-mt-1_47.dll
2013-07-23 20:19 - 2013-07-23 20:19 - 00058880 _____ () C:\Windows\system32\boost_thread-vc90-mt-1_47.dll
2013-07-23 20:19 - 2013-07-23 20:19 - 00299520 _____ () C:\Windows\system32\boost_serialization-vc90-mt-1_47.dll
2015-02-10 16:30 - 2015-05-23 03:48 - 00721552 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2015-02-10 16:30 - 2015-05-23 03:48 - 00854160 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2014-10-16 15:47 - 2012-05-03 10:40 - 00258048 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\S5WOW_App\x64\S5wow_2005.exe
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2015-05-21 20:30 - 2015-05-20 19:39 - 00011536 _____ () C:\Program Files (x86)\TeamViewer\outlook\ManagedAggregator.dll
2013-02-15 04:36 - 2013-02-15 04:36 - 01554496 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2014-08-30 18:12 - 2014-08-30 18:12 - 01269952 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\kpcengine.2.3.dll
2014-10-16 15:47 - 2012-05-02 18:04 - 00233472 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\AudioProjection.dll
2014-10-16 15:47 - 2010-12-14 17:46 - 00067584 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\CoreAudioCap.dll
2014-10-16 15:47 - 2012-06-22 13:32 - 00184320 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\DLCapPP.dll
2014-10-16 15:47 - 2011-08-09 14:52 - 00425984 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\awiscale.DLL
2014-10-16 15:47 - 2012-04-25 14:57 - 00073728 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\IsSupported.dll
2014-10-16 15:47 - 2012-01-12 16:44 - 00475136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFiGO_HookKey.dll
2014-10-16 15:47 - 2012-04-20 16:24 - 00716800 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiMoveHelp.dll
2014-10-16 15:47 - 2012-04-25 14:47 - 00659456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\PhoneCtrlAPI.dll
2015-04-07 19:42 - 2015-05-23 03:48 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-03-12 18:10 - 2015-04-16 19:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 12:02 - 2015-04-23 04:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-01-20 12:02 - 2015-04-23 04:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 12:02 - 2015-04-23 04:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-05-21 19:37 - 2015-06-04 20:56 - 02407104 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-29 15:15 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 15:15 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 15:15 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 15:15 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 15:15 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-03-27 20:52 - 2015-06-04 20:56 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-06-06 10:10 - 2015-06-06 10:10 - 00043008 _____ () c:\users\killi199\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmph8rjjs.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\killi199\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\killi199\AppData\Roaming\Dropbox\bin\libEGL.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\killi199\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\killi199\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2015-05-26 20:24 - 2015-05-22 22:22 - 01281864 _____ () C:\Users\killi199\AppData\Local\Google\Chrome\Application\43.0.2357.81\libglesv2.dll
2015-05-26 20:24 - 2015-05-22 22:22 - 00080712 _____ () C:\Users\killi199\AppData\Local\Google\Chrome\Application\43.0.2357.81\libegl.dll
2014-10-16 15:47 - 2012-02-06 21:08 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFile\pngio.dll
2013-10-19 11:34 - 2013-09-16 23:25 - 00062280 _____ () C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida_lglcd3.dll
2014-10-16 15:47 - 2009-08-12 20:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2015-05-26 20:24 - 2015-05-22 22:22 - 14982472 _____ () C:\Users\killi199\AppData\Local\Google\Chrome\Application\43.0.2357.81\PepperFlash\pepflashplayer.dll
2013-03-27 20:52 - 2015-05-11 21:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\killi199\Downloads\Sphax_Hexxit _128x(1.1).zip:com.dropbox.attributes

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ksupmgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ksupmgr => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1343689660-860429238-4075285064-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\killi199\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AllShare Framework DMS => 2
MSCONFIG\Services: APNMCP => 2
MSCONFIG\Services: asComSvc => 2
MSCONFIG\Services: asHmComSvc => 2
MSCONFIG\Services: AsSysCtrlService => 2
MSCONFIG\Services: BstHdAndroidSvc => 3
MSCONFIG\Services: BstHdLogRotatorSvc => 3
MSCONFIG\Services: BstHdUpdaterSvc => 3
MSCONFIG\Services: DTSAudioSvc => 2
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: Futuremark SystemInfo Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: InstallShield Licensing Service => 3
MSCONFIG\Services: Intel(R) PROSet Monitoring Service => 2
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: PnkBstrA => 2
MSCONFIG\Services: RosettaStoneDaemon => 2
MSCONFIG\Services: Samsung Link Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: ss_conn_service => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: TeamViewer => 2

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{546ACBC3-DB2A-4719-8A2A-418CACC201AE}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{62396CB1-5CD9-4A02-A609-1FA813012451}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [TCP Query User{D09C5B3C-8970-4872-BF03-F277F274618E}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{204D34FC-366C-45A2-BD79-B3CD8287ECA9}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{634DC749-A199-49D4-B878-2C0F38A51D1D}] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{159DFC04-53B7-4D27-A5E6-E004AB3EC1C4}] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{8B124198-8668-487E-9F88-78E96585C46B}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires Online\Spartan.exe
FirewallRules: [{3E1C0119-EFF0-4052-BB4D-60E39BCD7DAD}] => (Allow) C:\Program Files (x86)\Microsoft Games\Age of Empires Online\Spartan.exe
FirewallRules: [{D51203FC-E491-4825-BBE5-A0D2AFB263E5}] => (Allow) C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{AD158BE5-8C03-4062-A135-84C565A2AFF8}] => (Allow) C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{A69207CC-55FE-45F0-8139-64F41F6C7EAC}D:\games\wot\worldoftanks.exe] => (Allow) D:\games\wot\worldoftanks.exe
FirewallRules: [UDP Query User{918158B0-A8ED-4BF3-97E7-180980B32BC8}D:\games\wot\worldoftanks.exe] => (Allow) D:\games\wot\worldoftanks.exe
FirewallRules: [{3DB5FC20-F3FF-414E-960B-BF010F21DA50}] => (Allow) C:\Program Files (x86)\Microsoft Games\Microsoft Flight\Flight.exe
FirewallRules: [TCP Query User{5E3BD1F6-EE21-4B2A-B62C-DFDC921EDFCC}C:\users\killi199\appdata\local\microsoft\age of empires online\spartan.exe] => (Allow) C:\users\killi199\appdata\local\microsoft\age of empires online\spartan.exe
FirewallRules: [UDP Query User{CA212410-5933-494E-ADD0-F633A8592EC5}C:\users\killi199\appdata\local\microsoft\age of empires online\spartan.exe] => (Allow) C:\users\killi199\appdata\local\microsoft\age of empires online\spartan.exe
FirewallRules: [TCP Query User{65B0C6B0-AB4E-450A-9940-FC219FF067E0}C:\users\killi199\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\killi199\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{D7695B03-4697-4E7B-93F1-8213A57A38EB}C:\users\killi199\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\killi199\appdata\roaming\spotify\spotify.exe
FirewallRules: [{51805E99-F72B-4318-914C-9A593CF7DFC6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8B05E58F-83C0-4353-9D7A-8D3F566706C7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{EE216345-822A-4DFC-8BD1-005221FB5F4A}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{79C15420-49B2-4165-8D78-53EB19E866C8}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{FDAC3B48-5BC9-412C-A07B-DAE1CBC58CBC}C:\program files (x86)\icq7m\icq.exe] => (Allow) C:\program files (x86)\icq7m\icq.exe
FirewallRules: [UDP Query User{41AB5626-2C35-426C-83F0-8C401D3DF61B}C:\program files (x86)\icq7m\icq.exe] => (Allow) C:\program files (x86)\icq7m\icq.exe
FirewallRules: [{08A41836-4501-4F37-B9C4-3EF50791287D}] => (Allow) D:\Games\AgeofEmpire3\age3.exe
FirewallRules: [{9D2AA075-9975-4AF2-A07A-3C42FE9C2BD4}] => (Allow) D:\Games\AgeofEmpire3\age3.exe
FirewallRules: [TCP Query User{39E54405-D214-4677-A855-AC9E8C3CAF87}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{FDF1D084-A09F-4569-B73C-1C6775B31C72}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{367BE98B-1344-432C-AE6A-E63A6374D839}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{A188F8B0-9AD2-4B78-A58C-540A4B125D85}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{E08F508E-7ECC-4D0C-A684-542550D9936B}D:\games\wot\wotlauncher.exe] => (Allow) D:\games\wot\wotlauncher.exe
FirewallRules: [UDP Query User{8EC1E6A6-0384-4EB1-8FB7-2DD2C46B656C}D:\games\wot\wotlauncher.exe] => (Allow) D:\games\wot\wotlauncher.exe
FirewallRules: [{6E83C5B0-73C8-4B6D-AF73-19E0DA061872}] => (Allow) D:\Games\LS2013\Landwirtschafts Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{441390CA-F8E2-4CB9-9050-CD5B8C5FAFF5}] => (Allow) D:\Games\LS2013\Landwirtschafts Simulator 2013\FarmingSimulator2013.exe
FirewallRules: [{78D79A11-699A-463F-B778-BEEA3A1708D0}] => (Allow) D:\Games\LS2013\Landwirtschafts Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [{36946A1C-213F-48A7-BE12-BB805FBDFDF5}] => (Allow) D:\Games\LS2013\Landwirtschafts Simulator 2013\FarmingSimulator2013Game.exe
FirewallRules: [{0524CC71-BE70-4E00-A82F-B672432EE2AC}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{FD5697F4-5294-4F90-8766-A9C45E9ACC45}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [TCP Query User{1903332D-8092-4750-A13B-DD23FC66156D}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe
FirewallRules: [UDP Query User{4463FF1A-1AA3-432C-80FE-07FE6A66AE5B}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe
FirewallRules: [{0D282CE9-099E-4A52-A9C2-976C231268B1}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{FADDC71C-E6CC-425A-8E0F-19FBB2B226D8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{566165C8-FAF4-4536-9823-6D8D8A9BF096}C:\users\killi199\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\killi199\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{CC06CE28-529A-4828-888E-035541354309}C:\users\killi199\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\killi199\appdata\roaming\spotify\spotify.exe
FirewallRules: [{EF42DF79-21CE-489E-AAF5-0BF8C2714D63}] => (Allow) D:\Games\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{BCE36AEA-67F2-44B9-A94A-1A6E2E54D24D}] => (Allow) D:\Games\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{5DC8E950-4CEE-48B8-BFC2-5C726C54E964}] => (Allow) D:\Games\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{2FE08F32-F421-4A7A-8E23-055D0CF496D7}] => (Allow) D:\Games\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{23945E9A-DF24-4838-A72F-62057485A1CB}] => (Allow) D:\Games\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{769F6C58-41E8-434E-9227-F8747EF7E20C}] => (Allow) D:\Games\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{B70FB798-E753-4129-A691-136F757AE422}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A69DF7CE-5A85-408D-83D5-63854BDEBD33}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5DAD67A0-A557-4449-BE02-8A5596EA2E88}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F2FABA40-2846-4CF3-8E8E-A94FA7218D06}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{FA946997-25B7-4A15-AE31-7F1AAF359A32}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [UDP Query User{43BBDFA4-F28A-4100-8974-E6EE8E205030}C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe] => (Allow) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [{0352DBA4-05A4-4DFB-B1BD-A4E4E3644BFD}] => (Block) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [{6648226E-7E47-408F-9992-5B795235EED6}] => (Block) C:\program files (x86)\ea games\battlefield heroes\bfheroes.exe
FirewallRules: [{5D140465-D0B6-438E-B16C-A17B0376A100}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{B02D0098-0F0D-47AF-A9E0-127A4346CBB5}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [TCP Query User{D6687551-F257-4A06-A520-96BA3584CFE1}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{88F7FA92-B870-4AC2-970E-305EA9B67EA7}C:\program files (x86)\tmnationsforever\tmforever.exe] => (Allow) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{04480B1D-D2E1-42A6-AF3D-5CB0BB70F380}] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [{50DFA1D6-AC78-4DA4-920B-3919BD005C33}] => (Block) C:\program files (x86)\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{066333C3-9876-475B-AD8F-8A8AAD784571}C:\users\killi199\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\killi199\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{E8868726-3851-4ACC-A48D-FDA667FC3493}C:\users\killi199\appdata\roaming\dropbox\bin\dropbox.exe] => (Allow) C:\users\killi199\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{84E84B4F-A713-42D5-B2AB-7224B2C3B40A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AirMech\AirMech.exe
FirewallRules: [{B64F37E2-80C5-40C5-9E09-C4BE5FF22FFE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AirMech\AirMech.exe
FirewallRules: [TCP Query User{BCF2EB3F-D96F-4188-AB25-9A3B356703A9}C:\users\killi199\desktop\spiele\survivers\survivers_beta_3.exe] => (Allow) C:\users\killi199\desktop\spiele\survivers\survivers_beta_3.exe
FirewallRules: [UDP Query User{AA807A20-EA72-4209-9CD4-594D0E855A23}C:\users\killi199\desktop\spiele\survivers\survivers_beta_3.exe] => (Allow) C:\users\killi199\desktop\spiele\survivers\survivers_beta_3.exe
FirewallRules: [{C05247BC-76D9-48B8-8025-CF0E3507EB1E}] => (Block) C:\users\killi199\desktop\spiele\survivers\survivers_beta_3.exe
FirewallRules: [{4600275B-5C6C-4216-95A0-AA80F7A3E352}] => (Block) C:\users\killi199\desktop\spiele\survivers\survivers_beta_3.exe
FirewallRules: [TCP Query User{015CCC2D-DC08-4095-8343-493288A41446}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{529E9373-B089-4F02-B2A0-6E71D0003DB7}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{D6A0E0C8-78AC-405A-8CC4-1E326B1A1B5F}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{FB71B332-4A4B-4039-940D-52D5749C52AE}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{2C83360D-626D-4AB8-AA08-95651BF0EA19}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe
FirewallRules: [UDP Query User{5E2910BB-CA07-4137-AE07-012C81B75730}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe
FirewallRules: [TCP Query User{332119C5-0C3F-4078-A1BB-BD3080A56554}C:\users\killi199\appdata\local\microsoft\age of empires online\spartan.exe] => (Allow) C:\users\killi199\appdata\local\microsoft\age of empires online\spartan.exe
FirewallRules: [UDP Query User{90996BB9-26FA-41C1-BF43-50F57F7A5249}C:\users\killi199\appdata\local\microsoft\age of empires online\spartan.exe] => (Allow) C:\users\killi199\appdata\local\microsoft\age of empires online\spartan.exe
FirewallRules: [TCP Query User{03AF7C6A-7EE8-4897-83A0-1101FB0F5A4F}D:\games\ubisoft\anno 2070\anno5.exe] => (Allow) D:\games\ubisoft\anno 2070\anno5.exe
FirewallRules: [UDP Query User{9DE4E4CD-3EDD-4506-B4B0-94B920EE06AB}D:\games\ubisoft\anno 2070\anno5.exe] => (Allow) D:\games\ubisoft\anno 2070\anno5.exe
FirewallRules: [{2159BE82-72B7-495D-B3E6-3570BE05A71D}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdServices.exe
FirewallRules: [{1F04A199-9B29-4CEE-89BB-7D958C4C281F}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneLtdServices.exe
FirewallRules: [{4C50B2A9-0ED2-4E1E-8734-50BBAD60361F}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
FirewallRules: [{415439C4-0EA6-4EA7-B338-2BA3815A76EC}] => (Allow) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
FirewallRules: [TCP Query User{01989070-43E9-4055-B7A0-2CB758C72143}C:\udk\dream of the blood moon\binaries\win32\udk.exe] => (Allow) C:\udk\dream of the blood moon\binaries\win32\udk.exe
FirewallRules: [UDP Query User{62FD56C0-1194-41DE-9074-B9FBC780319F}C:\udk\dream of the blood moon\binaries\win32\udk.exe] => (Allow) C:\udk\dream of the blood moon\binaries\win32\udk.exe
FirewallRules: [TCP Query User{864C4CA2-9BBF-4E57-BCDA-FF6E7341239E}D:\games\wot\wotlauncher.exe] => (Allow) D:\games\wot\wotlauncher.exe
FirewallRules: [UDP Query User{8F6E6C98-165D-4D89-94AF-122D3C48C266}D:\games\wot\wotlauncher.exe] => (Allow) D:\games\wot\wotlauncher.exe
FirewallRules: [{0C55544E-A3DE-422C-8742-7D7F42971F13}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{929141F5-8310-4D1C-8FB5-5D57B9109191}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{CFAC9AB5-A024-4925-8698-91EFFC7D1DCA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{843770EA-0F28-4F16-91A6-2C6E69B0FB2C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DF140CEB-B350-4BDD-B513-22F8E86858ED}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{17C08401-0F72-4316-A0AD-493C192847AF}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{EB9DFA77-6CE2-46A4-BC52-AB86CD8F008D}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{46C53595-5743-49B2-B005-BC6D66811F3B}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{1A3CD383-51EE-46D5-BA05-25F8AD41EB6F}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AllShareFrameworkDMS.exe
FirewallRules: [{501E6858-DDE2-40BD-886B-E2743CAC51E0}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.18\AllShareFrameworkDMS.exe
FirewallRules: [{D0651FDC-B640-4FD4-A24F-1A733813BBEB}] => (Allow) LPort=8743
FirewallRules: [{4B2FE27C-A82A-4579-896E-C1B14FE2A03D}] => (Allow) LPort=8643
FirewallRules: [{E9778177-FFB6-42DE-A39B-6BE788EE2E80}] => (Allow) LPort=7676
FirewallRules: [{33FA3422-63A0-4253-A496-BFE231612710}] => (Allow) LPort=7679
FirewallRules: [{670F5C31-F562-45BC-BC65-40C11D0C30A3}] => (Allow) LPort=24234
FirewallRules: [{1AC4D0A7-E73E-450D-A1A8-3A3712D02E8C}] => (Allow) LPort=7900
FirewallRules: [{FD1A51F9-8563-444E-A00F-ECE8AD4BC52C}] => (Allow) LPort=1900
FirewallRules: [{1565BBE4-7885-4090-AFDE-8F9727F331D1}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed World\GameLauncher.exe
FirewallRules: [{C622CCDF-E02E-4815-9DDD-919C8B2563C9}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed World\GameLauncher.exe
FirewallRules: [TCP Query User{AFA8E877-41D0-4725-8F85-136BCD478B28}D:\games\wot\worldoftanks.exe] => (Block) D:\games\wot\worldoftanks.exe
FirewallRules: [UDP Query User{48BAE7B2-8AF4-4EF9-AA81-CA1F1A925005}D:\games\wot\worldoftanks.exe] => (Block) D:\games\wot\worldoftanks.exe
FirewallRules: [{047F3304-7AC7-49B3-810B-974F2C94FB49}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{14E3D980-8FDC-4BE9-91E3-1CF8467FCD35}] => (Allow) C:\Users\killi199\AppData\Local\Viber\Viber.exe
FirewallRules: [{1BAE1C2A-4F30-4265-937A-D9973FE5BEC0}] => (Allow) C:\Program Files (x86)\2K Games\Firaxis Games\Sid Meier's Railroads!\RailRoads.exe
FirewallRules: [{FD98829C-0857-4909-A781-0EE1F6D82965}] => (Allow) C:\Program Files (x86)\2K Games\Firaxis Games\Sid Meier's Railroads!\RailRoads.exe
FirewallRules: [{1317D14A-31D8-4493-8F0D-890573FE0082}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{EF0929DE-1FC1-45CF-A74D-F95D097FDB4F}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{DF0EE7D7-AE11-4EBD-BC3A-E387BAB44597}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{A0CDCEC6-427E-4E10-BEF4-2A535964DF91}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{0E82D691-BA9A-4B2D-B391-076015BF2769}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.20\AllShareFrameworkDMS.exe
FirewallRules: [{3F9CB9F7-4901-47E5-9869-10A034839F2A}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.20\AllShareFrameworkDMS.exe
FirewallRules: [{AB05DE38-F88B-403F-939C-29E4F5538A4E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{213C33B6-EEF1-48A5-A019-2A46AF86A163}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{DE58D97E-B035-481C-A2F4-683213EC3D02}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{42736C5B-6E5F-40D8-A156-9C3504696ADB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{95474D29-B162-44F4-96CD-3905E610ACDF}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{255FA1E8-A656-4B23-80D8-CF9A31499893}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{54A18F2F-46A4-4DB7-B421-F25912B10B72}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{77A42AD8-7CB0-41A1-BEFF-75907283DF21}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{0107BF1A-9EF5-4581-BF9B-060054DA75E9}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.21\AllShareFrameworkDMS.exe
FirewallRules: [{C54483CF-2981-4656-B042-ECFD685C3DE2}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.21\AllShareFrameworkDMS.exe
FirewallRules: [{1EC5CC5D-83F1-49F5-B7E2-1866D5772A4C}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{238C7294-AD95-4B29-9145-F42EA3BB0E91}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{AAE4EA30-0491-4070-9E33-F85BFF2AA31F}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{C1B52BC8-B9B8-48AF-98EE-FE4F04701D21}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [TCP Query User{3DC29F01-F678-40FD-9162-108BD10D9BFB}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [UDP Query User{B15E354E-E4AE-440A-AEA4-53A137F49219}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe] => (Allow) C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe
FirewallRules: [{093F309A-DE9E-482E-A53A-11CBF3FAD2CF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{82DFDF6D-9D4A-48AE-A149-E8F47CD834C2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{37405A0C-6252-4C27-A1D5-8A77222C5A40}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{233F80E5-9402-4A5C-86FE-74EF1723B04D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6F7F00D3-ACF9-4244-A60F-D97AA903D9BD}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{4B8F4DAD-C2A0-4635-9BE8-0DFBF9BF5414}] => (Allow) D:\Games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{198702A5-FA57-4154-BAB3-F6868E01A893}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{BF4B3B14-5785-42EB-B8DC-E768F7526E9E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{8CE14AAD-8686-408B-9511-16C1AFA6B1E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{7A51BA71-504D-4505-AB9E-545DEC1EBAF1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{F5B9BCD8-09BA-4253-8DB1-A27BCDC4BC59}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6D26879A-B699-4A4F-9EEA-224A697F6AC2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A2E7FDA9-418A-498F-91BF-64D8F0647F0B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AirMech\AirMech.exe
FirewallRules: [{FE7801EF-DF6B-412C-B46A-9966EEFD653A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AirMech\AirMech.exe
FirewallRules: [{190AD7A8-96B6-446E-BA74-D2A7BD882967}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AirMech\AirMech.exe
FirewallRules: [{FCCD839E-CE8E-4AFD-8A40-10FFF76D5C00}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AirMech\AirMech.exe
FirewallRules: [{45928324-9990-4085-8652-912BE4AC738A}] => (Allow) D:\Games\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{1A907170-3B7D-47B0-9121-0D6C48CD8224}] => (Allow) D:\Games\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{E314A8AB-A81A-4BBB-AB26-0F631122109E}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{6F4A99AE-A987-47FE-A2DF-20D184EB56BD}] => (Allow) LPort=2869
FirewallRules: [{A0721E4C-1884-493A-BEE2-2EFF48C22E11}] => (Allow) LPort=1900
FirewallRules: [{2A4A0108-F324-4FDB-9C4C-91DF12E14D2E}] => (Allow) D:\Games\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{571EA047-3751-47F7-A213-095C9532328D}] => (Allow) D:\Games\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{EBEE78D8-BE0A-44BA-8ACE-1C530F029513}] => (Allow) D:\Games\Steam\SteamApps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{E3F7E25D-B439-4BF6-89AD-DC5FCC9D8EE2}] => (Allow) D:\Games\Steam\SteamApps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{67196EEE-F434-4733-8A74-C1583FC605EA}] => (Allow) D:\Games\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{1A64CA61-AEAE-486C-8DBD-AEF35E2B2E47}] => (Allow) D:\Games\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{0B76E956-86FC-4D79-8D23-47F9133C3E8F}] => (Allow) D:\Games\Steam\SteamApps\common\Hitman Sniper Challenge\HMSC.exe
FirewallRules: [{AC8B7E0C-0405-4246-AC11-85BE00DDFF98}] => (Allow) D:\Games\Steam\SteamApps\common\Hitman Sniper Challenge\HMSC.exe
FirewallRules: [{E8D0A4E0-560F-41FB-80E1-1D597C35E70E}] => (Allow) D:\Games\Steam\SteamApps\common\PinballArcade\PinballArcade.exe
FirewallRules: [{85B6B868-4A76-402A-A08A-E631DA0E4DD2}] => (Allow) D:\Games\Steam\SteamApps\common\PinballArcade\PinballArcade.exe
FirewallRules: [{6579BCB6-94D8-426F-98FB-4443AAB9F6DE}] => (Allow) D:\Games\Steam\SteamApps\common\PinballArcade\PBAConfig.exe
FirewallRules: [{7E267D0E-3BAB-4656-B481-144F9528AEAC}] => (Allow) D:\Games\Steam\SteamApps\common\PinballArcade\PBAConfig.exe
FirewallRules: [{ACC73794-BF17-4A22-85BA-7C4E5B0AF185}] => (Allow) D:\Games\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{0524C441-CCD0-47C8-9F53-41E190017CC2}] => (Allow) D:\Games\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{DA7775B1-9208-4F6C-9134-CAF3C6738A10}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Rivals\NFS14_x86.exe
FirewallRules: [{41223EA5-2CB2-41A4-B797-EB0D57842C21}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Rivals\NFS14_x86.exe
FirewallRules: [{FEEE0081-4055-43B0-9D3A-5E3C2DFF7251}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Rivals\NFS14.exe
FirewallRules: [{57638027-F912-42BA-80A6-95A525203DC4}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Rivals\NFS14.exe
FirewallRules: [{880BBBA7-9BDB-47E0-BDC6-DE88A5A4B987}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AirMech\AirMech.exe
FirewallRules: [{F4FA0871-C1B6-4794-B352-F5EDC9759C0A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AirMech\AirMech.exe
FirewallRules: [{FE4E4D52-FC79-4C39-AED6-FE35ED8D2672}] => (Allow) D:\Games\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{AC18C181-D94A-447F-A9AB-F10EDBEE2656}] => (Allow) D:\Games\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{F522F3B9-15DF-404C-81B4-FBB07D621087}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{C75C7230-5162-4A99-ABEE-ED611BE2DA38}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{6678AD92-7E0D-4CC0-B400-1A385BEAE005}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
FirewallRules: [{271341CA-F16B-4521-8E73-AC03AF7A14CB}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
FirewallRules: [{2F674BF8-B9D5-47FE-8F9C-A4F4C24BB734}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{4C352046-3D88-4436-8440-193E81BDE845}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
FirewallRules: [{EF54F0E4-9D2A-4767-B3E6-E61804A10E3B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BE6E3563-B761-4DEC-88F6-4982C5492627}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{8B4BAFD0-F079-4600-8D3A-65923C16D6DA}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{82DE9289-3F61-4D6E-84E1-BCB2CDA5BCD5}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{0DB528BD-E9BF-4A0D-A41C-56A9352A46FD}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{19A87C48-8747-4545-901E-993071287BCD}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{D30E3261-0972-4AE9-9A53-8D856B9D5C56}] => (Allow) D:\Games\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{5DB6BF48-F305-4AE0-B8B4-3370AEA91FA3}] => (Allow) D:\Games\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{CBE548CA-8967-4D6D-A4EB-1BF53E341F3A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{32DFB9F9-DB24-43FD-A1A3-4D7CB8DF9F64}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{21757160-9A76-42EB-AFA7-D31FD494A348}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe
FirewallRules: [{E11E1AD0-629C-4C23-8DC9-281546AA603F}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe
FirewallRules: [{5DD86903-378B-4AFA-952B-957D9A3459EE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{437B2316-2F9F-4AE9-8BE8-7AE3066BB89B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1675\Agent.exe
FirewallRules: [{DEF5A3E6-91B8-444E-9EE4-CB3224B17CB1}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{9101D7AD-D92A-41EE-B4D9-6C0A4009DE90}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{690BE142-3A46-427E-A415-AE659C6F9434}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{3EE4EF8A-8508-4AEE-B8FF-6312EC8F2869}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{D2399518-8309-4906-AD7C-9D233252CBDA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{A3FD75E0-77B0-4AF7-A875-7FBF9E1EB3E6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2816\Agent.exe
FirewallRules: [{49CD56F2-9E82-46E7-B6E6-2D288708802F}] => (Allow) H:\Games\Starcraft2\StarCraft II\StarCraft II\StarCraft II.exe
FirewallRules: [{3F5446C7-9A30-4491-B7AB-7BBCCA7B786A}] => (Allow) H:\Games\Starcraft2\StarCraft II\StarCraft II\StarCraft II.exe
FirewallRules: [{2AEEC730-380D-4F45-95B8-0676B2AE4A0A}] => (Allow) H:\Games\Starcraft2\StarCraft II\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{C2048C36-F326-497B-9663-3E34291D7E2F}] => (Allow) H:\Games\Starcraft2\StarCraft II\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{FF73CDF8-1AD0-49A3-92C9-4ECFDA58D79D}] => (Allow) D:\Games\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{945B0EAA-F820-4328-AF48-9F6760FEFCB7}] => (Allow) D:\Games\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{5A7DF23C-4012-43B7-B6CA-470F3FE05EBE}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{D799F174-9AF3-48A6-9339-AC45FF746002}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2880\Agent.exe
FirewallRules: [{23527BF4-6AA8-44C4-B1CE-F73FE1B13E07}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{252A01F2-1A31-421C-8037-BCEFB5D9086A}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe
FirewallRules: [{A1161D83-D668-4697-A53E-1D43D62C15DB}] => (Allow) H:\Games\Steam\SteamApps\common\Call of Duty Modern Warfare 3\iw5sp.exe
FirewallRules: [{37AF2B00-9E68-4959-AC1C-6CFAFF2CA041}] => (Allow) H:\Games\Steam\SteamApps\common\Call of Duty Modern Warfare 3\iw5sp.exe
FirewallRules: [{ABD39E7E-360A-4CCD-B163-1FE3C0A6AED2}] => (Allow) H:\Games\Steam\SteamApps\common\Call of Duty Modern Warfare 3\iw5mp.exe
FirewallRules: [{55BAB77A-4E1C-4776-9009-1B7766A12A3F}] => (Allow) H:\Games\Steam\SteamApps\common\Call of Duty Modern Warfare 3\iw5mp.exe
FirewallRules: [{817C8BB3-18E0-47AF-B939-5A4C5E179297}] => (Allow) H:\Games\Steam\SteamApps\common\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{5DA2E0F2-4F23-4D6B-948A-9E9D47C60E63}] => (Allow) H:\Games\Steam\SteamApps\common\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{B44F86B7-7583-4904-A3E0-4B7306EEBA62}] => (Allow) D:\Games\LS2013\Landwirtschafts Simulator 2013\x64\FarmingSimulator2013Game.exe
FirewallRules: [{5FFCF7BD-87E6-4441-9ED3-40920CB92195}] => (Allow) D:\Games\LS2013\Landwirtschafts Simulator 2013\x64\FarmingSimulator2013Game.exe
FirewallRules: [{7F4EEB87-07D7-45A6-AF93-2874391614A4}] => (Allow) D:\Games\LS2013\Landwirtschafts Simulator 2013\x86\FarmingSimulator2013Game.exe
FirewallRules: [{D6675995-96A2-4470-8D2B-02511C4D6A8A}] => (Allow) D:\Games\LS2013\Landwirtschafts Simulator 2013\x86\FarmingSimulator2013Game.exe
FirewallRules: [{4213FB6E-96F5-4BBB-AA46-1C59C313CF0F}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{9133CC7F-BEEE-481D-84C1-25013C851CF1}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe
FirewallRules: [{D1D525C3-5E0D-451B-A08E-13D5B0DDE1F8}] => (Allow) H:\Games\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{F6973DC1-6750-4790-BF90-22EF21484C9B}] => (Allow) H:\Games\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{B4243513-E0A8-4A8A-94B0-247D1AAF1E7D}] => (Allow) H:\Games\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{8FB4F0ED-F9D4-42AB-8BBE-9FA92D2139B9}] => (Allow) H:\Games\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{9993F269-0AFC-4878-8671-321B1C7B1361}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [{BA18DD15-8910-4744-86C6-507FFAE0B330}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
FirewallRules: [TelnetServer-TlntSvr-TCP-In] => (Allow) %systemroot%\system32\tlntsvr.exe
FirewallRules: [TelnetServer-Tlntadmn-RPC-In] => (Allow) %systemroot%\system32\tlntsvr.exe
FirewallRules: [{CA6734E2-EFA5-41E8-B7F2-AFE6FDF7B228}] => (Allow) H:\Games\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{FF2B83C8-B843-4C56-AB57-A96768845D22}] => (Allow) H:\Games\Steam\SteamApps\common\Arma 3\arma3.exe
FirewallRules: [{26846E9E-8B75-495A-B200-5CF950985524}] => (Allow) H:\Games\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{68B7DC0C-D6C0-4088-BBB7-B596F170E428}] => (Allow) H:\Games\Steam\SteamApps\common\Arma 3\arma3launcher.exe
FirewallRules: [{92128A12-53C1-4840-BD97-CDB22D2734EC}] => (Allow) C:\Program Files (x86)\Origin Games\Wing Commander III\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{73D5ED45-BFEA-4214-AA6B-6B0FEE562D70}] => (Allow) C:\Program Files (x86)\Origin Games\Wing Commander III\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{9192932C-77A6-4193-BF0C-FDA17378AB36}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{DB9261C0-86F6-40B7-8AD7-D185C6026D0F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C1AAB0EC-107C-4780-B9F8-5AA8C9CFEDA6}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe
FirewallRules: [{7CD39977-D1BC-469A-B835-26951F523763}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe
FirewallRules: [{DD4900F5-67B1-48F0-AD57-84593E017682}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{F531C5E0-EA25-43C0-A84C-DA50273E9D55}] => (Allow) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
FirewallRules: [{792C04FC-E2A7-4649-A7F3-EAA407BEF9B7}] => (Allow) LPort=2869
FirewallRules: [{9F97D675-F05D-43A4-BB77-1928AF7CF8D7}] => (Allow) LPort=1900
FirewallRules: [{21D44780-1872-42F1-B63D-7B820B565D79}] => (Allow) E:\Games\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{FDBECCEA-39DC-4294-AE66-97FFD0E97023}] => (Allow) E:\Games\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{A73BE99D-2A8C-4C5D-A8C2-773C2AA3D971}] => (Allow) E:\Games\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{E38FAEF9-8451-46C8-9DB4-87B9306CE9DA}] => (Allow) E:\Games\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{50BEDB23-05E9-428B-A7D3-046AB9064266}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Rivals\NFS14_x86.exe
FirewallRules: [{558467A4-8CAD-4892-9519-29EFFD09F5F3}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Rivals\NFS14_x86.exe
FirewallRules: [{0C868D2A-2ED4-4FE9-BBC2-4F1F140510E5}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Rivals\NFS14.exe
FirewallRules: [{C330F7B6-4F59-49D8-ABCE-05B8C4E6E956}] => (Allow) C:\Program Files (x86)\Origin Games\Need for Speed(TM) Rivals\NFS14.exe
FirewallRules: [{6E5DA04E-6F8A-4525-B74E-F22ADC3BD4D3}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{277E2337-C7AA-4F0A-8634-83DC8B55276E}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe
FirewallRules: [{3DDF7263-02FD-4904-9B21-8932E4309CC8}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe
FirewallRules: [{38C73479-06EC-46BE-8164-A99C238E6E79}] => (Allow) C:\Program Files (x86)\Origin Games\Dead Space\Dead Space.exe
FirewallRules: [{93E4D76F-0066-4890-8E2B-0F60F3B840E3}] => (Allow) H:\Games\Steam\SteamApps\common\CLR\clr.exe
FirewallRules: [{90EFA17C-6264-4979-A455-EEAC636257AA}] => (Allow) H:\Games\Steam\SteamApps\common\CLR\clr.exe
FirewallRules: [{847AD968-B375-42F1-BAC1-71C9551E2893}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe
FirewallRules: [{2698E601-7081-40FC-8822-442E7719F6BC}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4 Create A Sim Demo\Game\Bin\TS4CAS.exe
FirewallRules: [{22FA4C43-6DD2-413B-A9B0-6FD98C513EA7}] => (Allow) H:\Games\Anno2070\Anno5.exe
FirewallRules: [{F9AC1C5A-8722-4516-B7EF-9B728CC6770B}] => (Allow) H:\Games\Anno2070\Anno5.exe
FirewallRules: [{9C142473-7FC1-4B99-A5BA-6219BF827543}] => (Allow) H:\Games\Anno2070\AutoPatcher.exe
FirewallRules: [{EB520A5C-B1C8-4A19-8830-43829583C74C}] => (Allow) H:\Games\Anno2070\AutoPatcher.exe
FirewallRules: [{9CCEDC23-3C87-4868-9E27-A2D0CA898C42}] => (Allow) H:\Games\Anno2070\InitEngine.exe
FirewallRules: [{E27E9FD1-F767-4A5F-8F9C-2C0E7B2EDEA6}] => (Allow) H:\Games\Anno2070\InitEngine.exe
FirewallRules: [{C5A6834A-872A-4F7E-BA24-0FAD05366CA1}] => (Allow) E:\Games\Steam\SteamApps\common\PinballArcade\PinballArcade.exe
FirewallRules: [{84F9DAE7-C026-4820-A29C-F4A60597676A}] => (Allow) E:\Games\Steam\SteamApps\common\PinballArcade\PinballArcade.exe
FirewallRules: [{5E04D639-9B47-4B48-A356-E434A14A538C}] => (Allow) E:\Games\Steam\SteamApps\common\PinballArcade\PBAConfig.exe
FirewallRules: [{164BC35A-251E-4D34-B393-C071EB03EA78}] => (Allow) E:\Games\Steam\SteamApps\common\PinballArcade\PBAConfig.exe
FirewallRules: [{B64BBB64-808F-421C-A5E4-3EF9352711CF}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{7C04DFDF-5007-4194-95BA-9F54C9172BE2}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{0406E25F-0023-4A90-8FDE-1BFB358115D2}] => (Allow) E:\Games\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{320CA650-A5FA-427D-8773-A32E0154409A}] => (Allow) E:\Games\Steam\SteamApps\common\Age2HD\Launcher.exe
FirewallRules: [{708B145A-A304-444F-9F92-CA5164CDF4C6}] => (Allow) H:\Games\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{C93B7DC4-6660-4230-B6BA-4438EDA3400D}] => (Allow) H:\Games\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{DDC500F8-6F66-44AB-8DC8-0FF0F67CFC46}] => (Allow) H:\Games\Steam\SteamApps\common\Quake Live\quakelive_steam.exe
FirewallRules: [{38E3DA64-4DD8-48E4-82F6-D772B31A2223}] => (Allow) H:\Games\Steam\SteamApps\common\Quake Live\quakelive_steam.exe
FirewallRules: [{71DFC278-A4E5-44C2-A30D-C0ADA03CDA3E}] => (Allow) LPort=2869
FirewallRules: [{D9B67C38-C077-4B0A-B2A5-E258A2DC9CD9}] => (Allow) LPort=1900
FirewallRules: [{3119F2F8-3001-4C2C-A15C-FE085D7A2649}] => (Allow) H:\Games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{6D410E26-05A3-4985-8EC6-AC60F713D3C1}] => (Allow) H:\Games\Assassin's Creed IV Black Flag\AC4BFSP.exe
FirewallRules: [{293570E7-409A-4CF5-8B13-C496B3993F2F}] => (Allow) H:\Games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{0F4AF88F-A1CD-4D82-9E0A-D132BCFEFE66}] => (Allow) H:\Games\Assassin's Creed IV Black Flag\AC4BFMP.exe
FirewallRules: [{52CFC084-DA7F-4505-9298-6F65F887162F}] => (Allow) H:\Games\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{DAE7AF4F-823D-4583-AC2C-EDF704F35EB5}] => (Allow) H:\Games\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{388AD264-0FCD-4A40-A5EB-ED867E2106B7}] => (Allow) H:\Games\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{FD985E47-7D2D-40DC-8714-0B0B5DA46A6A}] => (Allow) H:\Games\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{C6EE8A4E-906B-432C-BB50-212D7C445191}] => (Allow) H:\Games\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{867B4EE1-C0B9-48D0-A0A7-7E76CE5C92D2}] => (Allow) H:\Games\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{C21F775E-B649-422F-9074-DAEC6F6C3742}] => (Allow) H:\Games\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{FB9D2C91-B00F-4CA9-A216-D06E70D2FEF2}] => (Allow) H:\Games\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{3B95FD98-C97C-470C-B948-44947A05DB68}] => (Allow) H:\Games\Steam\SteamApps\common\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{5A5AC034-B0BE-4517-BEF1-864A9C917C1C}] => (Allow) H:\Games\Steam\SteamApps\common\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{0B0FDBB7-B706-4FCA-88E2-6DE80E2932B3}] => (Allow) H:\Games\Steam\SteamApps\common\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{D10082A8-00A5-402F-8301-8CCC5A96EA93}] => (Allow) H:\Games\Steam\SteamApps\common\Trials Fusion\datapack\trials_fusion.exe
FirewallRules: [{B2F780B2-C9EE-4824-A4A0-E9880E5B585A}] => (Allow) H:\Games\Steam\SteamApps\common\ARMA Cold War Assault\ColdWarAssault.exe
FirewallRules: [{A9FD1E30-9B3B-45EC-9430-0070B8032407}] => (Allow) H:\Games\Steam\SteamApps\common\ARMA Cold War Assault\ColdWarAssault.exe
FirewallRules: [{0AA03B57-ED5E-42C6-B7D7-9C4A6E41BA50}] => (Allow) LPort=8317
FirewallRules: [{C945B27E-A7E0-40AB-9F53-192DA0DBF261}] => (Allow) H:\Games\Assassin's Creed Unity\ACU.exe
FirewallRules: [{EA622656-E158-4DB0-B6B9-B6978E983DFC}] => (Allow) H:\Games\Assassin's Creed Unity\ACU.exe
FirewallRules: [{EDD964DD-78D5-42A3-B23F-E3D0DE7901B3}] => (Allow) E:\Games\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{EB09391A-E184-46F4-8BD4-C6F5F928B2CE}] => (Allow) E:\Games\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{A55BE414-3766-4948-9144-694AC55A1DE5}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{93EB7D7A-F948-4179-8582-8B4BF2E2EA54}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{5D6D9439-0705-417D-85F0-B2E5B04FEA6A}] => (Allow) H:\Games\age\age3.exe
FirewallRules: [{58FF21EE-5EEE-498D-9E65-7D12F0D84E87}] => (Allow) H:\Games\age\age3.exe
FirewallRules: [{16FBDDE6-EB2C-4276-B818-BE58306861A8}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{76FBAC12-A074-411D-95C8-620A0540318D}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{07BDDAE3-9001-4192-B940-59EB1F728050}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{0C5419F8-733B-4273-BA69-DFDA62FA8443}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4_x86.exe
FirewallRules: [{E3A53157-A4C4-4844-AB98-6816EE1DC9C0}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{15B78B95-EEE5-4927-A21F-4AFDE43B743A}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\bf4.exe
FirewallRules: [{F9D2E756-58EB-43DF-9915-349BD5A20BB5}] => (Allow) H:\Games\Steam\SteamApps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [{77D35072-E50D-4C32-8CFA-AD0163070193}] => (Allow) H:\Games\Steam\SteamApps\common\WormsRevolution\WormsRevolution.exe
FirewallRules: [{FED2455A-BB13-4693-898C-B8D3FEC4F5D4}] => (Allow) H:\Games\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{800B0FCB-23F2-4ADA-B774-07C113CC4FBF}] => (Allow) H:\Games\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{A101C083-177A-48D5-BD41-5F7B38C02FD8}] => (Allow) C:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{4705A837-3202-41AA-888D-C00242472E9A}] => (Allow) C:\Program Files (x86)\Origin Games\Theme Hospital\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{B83CCB07-1638-4510-B3BE-1AB03CC50716}] => (Allow) H:\Games\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{DDE18A54-F14D-4E5F-B270-9101FE507FEE}] => (Allow) H:\Games\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{412D0655-0287-4406-B86D-F6902ED59863}] => (Allow) H:\Games\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{2AD694C6-04BB-4AD0-AEBC-CD5926B2F9FA}] => (Allow) H:\Games\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{F95444E0-DDF0-4EF0-88CE-08A5A2F68853}] => (Allow) H:\Games\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{19D0ADA0-5225-4B0A-A177-92FB3BD4B02B}] => (Allow) H:\Games\Steam\SteamApps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{AA97E9A9-C4AC-405E-927E-99626A53BF80}] => (Allow) H:\Games\WarThunder\launcher.exe
FirewallRules: [{55B8E09A-F7F5-4EDD-911C-483115057955}] => (Allow) H:\Games\WarThunder\launcher.exe
FirewallRules: [{C2FAAB04-232E-4A45-81F9-C38A3F853933}] => (Allow) LPort=80
FirewallRules: [{096373DF-2E1A-4A2D-A8AF-A9E23ED8C84C}] => (Allow) LPort=443
FirewallRules: [{6BBB47C9-AAFF-441C-AB9A-95EA17AEA88C}] => (Allow) LPort=20010
FirewallRules: [{5FA659D1-D4B4-42B6-86A8-CBDDC105CF3D}] => (Allow) LPort=3478
FirewallRules: [{3AEFAAEF-9F87-4C82-A09B-0343B9115258}] => (Allow) LPort=7850
FirewallRules: [{4D4E829C-B3DA-42BE-8289-BC053B879B7E}] => (Allow) LPort=7852
FirewallRules: [{0E40F94E-7431-4251-8846-A6149E7BCE32}] => (Allow) LPort=7853
FirewallRules: [{A8E14976-75D9-43A2-A2BB-749C434C5624}] => (Allow) LPort=27022
FirewallRules: [{24623382-8CB8-4935-BB42-15D096236DF6}] => (Allow) LPort=6881
FirewallRules: [{BFEACFC2-2752-49F2-A3C2-3F58E3AB11D9}] => (Allow) LPort=33333
FirewallRules: [{C2D212A2-529E-482D-9491-AA26774295DC}] => (Allow) LPort=20443
FirewallRules: [{6B4600C4-020D-4C19-8AF1-2957E148499E}] => (Allow) LPort=8090
FirewallRules: [{51B2425B-37CA-41B1-8FE8-F6EEA3BDE56D}] => (Allow) H:\Games\Origin\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{7A319646-55F8-4782-B9FA-1ED52F44298E}] => (Allow) H:\Games\Origin\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{74627763-69E2-4C73-B82F-2373C09A54D1}] => (Allow) H:\Games\Origin\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{70EC3A5B-E884-4021-8C80-4C834CA228AB}] => (Allow) H:\Games\Origin\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{DA11FA22-35B9-4780-BC95-FDA178C80AC7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{29458F85-7C72-44C7-8B36-C82D3D8B7B64}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A8734A6A-3293-4E9E-8CD5-82B1B4151813}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{A11C1F3D-00D9-4885-82AE-8D73A531180B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6E650DD5-1DAB-48D1-B4C5-2519F97F5F3A}] => (Allow) H:\Games\Origin\BFH Beta 2\bfh.exe
FirewallRules: [{7BF2D522-520F-4F25-98A7-BA5398690BE8}] => (Allow) H:\Games\Origin\BFH Beta 2\bfh.exe
FirewallRules: [{F4EE3B0C-7524-47AB-A88B-B81BDF36E94F}] => (Allow) H:\Games\Steam\SteamApps\common\Call of Duty Advanced Warfare\s1_sp64_ship.exe
FirewallRules: [{E895CF4A-81D7-4B8B-BFAA-26445A3E7CCE}] => (Allow) H:\Games\Steam\SteamApps\common\Call of Duty Advanced Warfare\s1_sp64_ship.exe
FirewallRules: [{EC0EC27C-11EF-4441-A460-836EBF64926A}] => (Allow) H:\Games\Steam\SteamApps\common\Call of Duty Advanced Warfare\s1_mp64_ship.exe
FirewallRules: [{1D1D82B8-808B-4694-9ECB-F00F6EDEB74E}] => (Allow) H:\Games\Steam\SteamApps\common\Call of Duty Advanced Warfare\s1_mp64_ship.exe
FirewallRules: [{19A6612C-FF68-4715-B290-7348F0DAF690}] => (Allow) E:\Games\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{3EE2859E-2476-497E-9C0A-B3B79AAB69FF}] => (Allow) E:\Games\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{3C30B9D3-6AAC-4EF4-B52F-F33F59FDD0C8}] => (Allow) H:\Games\Origin\Battlefield 4\bf4_x86.exe
FirewallRules: [{61D4E11E-E284-4D13-8EE8-FE8C6B07504D}] => (Allow) H:\Games\Origin\Battlefield 4\bf4_x86.exe
FirewallRules: [{FBB3A1EA-08FF-479C-8B2B-2A1C5100444A}] => (Allow) H:\Games\Origin\Battlefield 4\bf4.exe
FirewallRules: [{B774DDA8-7A4F-4A7F-A5EF-3B2A4A8A4DED}] => (Allow) H:\Games\Origin\Battlefield 4\bf4.exe
FirewallRules: [{C0E19766-8A96-49D8-8036-CC1D71BC2885}] => (Allow) H:\Games\Origin\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{53F0AEC6-E2A9-4AB7-B95C-0B181A41171E}] => (Allow) H:\Games\Origin\Syndicate (1993)\data\Game\DOSBox\LAUNCHER.exe
FirewallRules: [{DA2FD7AA-CBC3-4F3F-8A1A-CDFC456B6AE8}] => (Allow) H:\Games\Origin\Kingdoms of Amalur Reckoning\Reckoning.exe
FirewallRules: [{9A95E6B1-55D7-46BF-83EB-2EF5D6EFCB62}] => (Allow) H:\Games\Origin\Kingdoms of Amalur Reckoning\Reckoning.exe
FirewallRules: [TCP Query User{38818193-FE31-48B8-AFEF-07F7A424C04B}C:\users\killi199\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\killi199\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{A908707C-888E-4BB1-A1FB-BC4E14CE30BA}C:\users\killi199\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\killi199\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{ABD6215C-22C2-4E28-97C0-1D1653937B32}] => (Allow) H:\Games\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{EFA666F9-8CA8-4307-BB5F-6BC49A30496A}] => (Allow) H:\Games\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{667FFD2D-EE03-4A1A-9F3A-B9D3E2272220}] => (Allow) H:\Games\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{20E556A5-987D-4154-90E0-E9B2D74EBBCF}] => (Allow) H:\Games\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{282BFAD8-F5BE-489C-A7A1-4DD4445C8115}] => (Allow) H:\Games\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{F6A6B414-55C2-4F59-B9D4-D1BE029CC537}] => (Allow) H:\Games\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{EF1ACB68-B076-43E2-98ED-B207D77DDC73}] => (Allow) H:\Games\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{C3B731AE-8882-4322-AD6C-E204CCAED7B1}] => (Allow) H:\Games\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{695824D4-B123-449D-9123-C39D2B868ED4}] => (Allow) H:\Games\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{7FDB0A83-1AFD-4059-9E66-DACC0E924472}] => (Allow) H:\Games\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{C7061E38-C54A-44AE-B332-E06CBF7DA419}] => (Allow) H:\Games\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{31BAA1C4-41A7-417A-9EDB-B57A96232433}] => (Allow) H:\Games\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{2DAA2897-0B05-4DBA-A7AE-1629C78856C2}] => (Allow) H:\Games\Steam\SteamApps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{E3CAE6A5-8261-4E9E-93A3-5C394FE89FB7}] => (Allow) H:\Games\Steam\SteamApps\common\3DMark\3DMarkLauncher.exe
FirewallRules: [{AEB6A35C-BFDE-452C-9B8B-313A225CD845}] => (Allow) H:\Games\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{48CB9E49-841D-473A-8945-8EB1C174B854}] => (Allow) H:\Games\Steam\SteamApps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{31C79AF3-F359-40FF-A5E6-9040B12C30E3}] => (Allow) LPort=31000
FirewallRules: [{4F6927AC-82BB-401F-B8ED-B0664B509844}] => (Allow) LPort=31000
FirewallRules: [{916EA69B-A752-4385-A05A-5F393255103B}] => (Allow) E:\Programme\RANOREX\Bin\RxEnv\iOS\iproxy.exe
FirewallRules: [{8BBB87D6-01A1-468E-8773-0399C813F60D}] => (Allow) E:\Games\Steam\SteamApps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{5ADD98A8-DE58-42C9-A693-2CB40AC7A93F}] => (Allow) E:\Games\Steam\SteamApps\common\Outlast\OutlastLauncher.exe
FirewallRules: [{10D419E2-BFCB-41C5-984F-BDC3677D3DC4}] => (Allow) H:\Games\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{7073E933-0F67-46A9-9114-0853DA0F140E}] => (Allow) H:\Games\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
FirewallRules: [{4D73AD47-E59B-4B20-8930-8E4C9370E68B}] => (Allow) H:\Games\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{30D044A5-1155-4307-A6F6-172EBF7C9DC7}] => (Allow) H:\Games\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe
FirewallRules: [{94403E09-E0FD-4612-B409-A1BBA54DE91A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{78AA3A44-3134-4680-B3B5-6714A7931B5A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{570885E8-9E5F-4EA5-921F-BF773D3ED1FE}] => (Allow) H:\Games\Origin\Command and Conquer Generals Zero Hour\Generals.exe
FirewallRules: [{1AB25AE4-CC08-4D0A-BDA7-3A48D0053E45}] => (Allow) H:\Games\Origin\Command and Conquer Generals Zero Hour\Generals.exe
FirewallRules: [{88FFEBC9-B99F-412B-BC9C-BF8BD69E3D66}] => (Allow) H:\Games\Origin\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{92BF98F5-1F0C-4290-95C0-11DAEC8230A8}] => (Allow) H:\Games\Origin\Plants vs Zombies Garden Warfare\PVZ.Main_Win64_Retail.exe
FirewallRules: [{00F0A722-ADEF-46A3-B7F6-03A42B02EE16}] => (Allow) E:\Games\Steam\SteamApps\common\PinballArcade\PinballArcade11.exe
FirewallRules: [{A3377196-3E4B-4DC3-B0A8-C1F3957392D5}] => (Allow) E:\Games\Steam\SteamApps\common\PinballArcade\PinballArcade11.exe
FirewallRules: [{E72E9A89-28E6-4665-8887-DCB475A22DD1}] => (Allow) H:\Games\Origin\Ultima 8\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{F055B9D8-5A17-47BE-AD22-3A417D6149BB}] => (Allow) H:\Games\Origin\Ultima 8\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{E95B7C7F-C486-4E24-9362-3CDFD59D2937}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C3CC21BD-2EFC-44B9-A151-7D7C52C20A8A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A463D227-29CE-4D40-AEF9-DE2E44B52CAE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{151C6B45-3E42-43C4-AC24-DDB7E5A261F1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C6A3F68C-1E5E-486A-9FB9-70C6329716B5}] => (Allow) E:\Games\AgeofEmpire3\age3.exe
FirewallRules: [{00490072-59EB-465A-A1B0-957B196CBAE3}] => (Allow) E:\Games\AgeofEmpire3\age3.exe
FirewallRules: [{8F3D3F3B-132E-4F95-9C17-5AB45C80F7DD}] => (Allow) H:\Games\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{D2F2B3E7-3839-4D1B-A4C9-0400ED3AABCF}] => (Allow) H:\Games\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{8F50F75E-47B2-4201-8199-251A09A2FA00}] => (Allow) H:\Games\Origin\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{FFCA70FA-E39A-4CC5-95CB-81E676B3D63E}] => (Allow) H:\Games\Origin\The Sims 4\Game\Bin\TS4.exe
FirewallRules: [{4A5B9C02-A4FC-4C65-A268-29395C8D49CE}] => (Allow) H:\Games\Origin\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{C1E782F1-1F2F-4391-8CE6-81FD9DE1D8FA}] => (Allow) H:\Games\Origin\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{847C0627-7066-436A-ADEE-3FACBE1E1899}] => (Allow) H:\Games\Origin\Medal of Honor Allied Assault Warchest\MOHAA.exe
FirewallRules: [{EFE40C1D-2AC5-40B7-8F39-F50217DE0E2D}] => (Allow) H:\Games\Origin\Medal of Honor Allied Assault Warchest\MOHAA.exe
FirewallRules: [{A5C43E0E-0D9C-4039-B3EA-13CE088B17CA}] => (Allow) H:\Games\Origin\Dead Space 2\deadspace2.exe
FirewallRules: [{6B07577F-D1EF-4B4B-AFA6-04CA4F724903}] => (Allow) H:\Games\Origin\Dead Space 2\deadspace2.exe
FirewallRules: [{4EAE6A92-6791-4AC8-8540-224FFAA66111}] => (Allow) H:\Games\Assassin's Creed III\AC3SP.exe
FirewallRules: [{923E8301-1E9F-4267-9392-C863EA7D0611}] => (Allow) H:\Games\Assassin's Creed III\AC3SP.exe
FirewallRules: [{A151A2ED-BA39-454A-8883-0A76F4895A28}] => (Allow) H:\Games\Assassin's Creed III\AC3MP.exe
FirewallRules: [{792F07C6-5BF7-4A0C-97C0-DFFEC4AE32BE}] => (Allow) H:\Games\Assassin's Creed III\AC3MP.exe
FirewallRules: [{B56C330C-FAD5-4A86-98D5-768CC486245A}] => (Allow) H:\Games\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{F7DDD228-F0AB-45B0-93B4-BA7D28FDDC0F}] => (Allow) H:\Games\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{7BC80968-F137-4A84-871B-D1A248E0895F}] => (Allow) H:\Games\Origin\Dragon Age II\bin_ship\DragonAge2.exe
FirewallRules: [{605EF1BF-FBB1-45D0-83E3-465862A13A02}] => (Allow) H:\Games\Origin\Dragon Age II\bin_ship\DragonAge2.exe
FirewallRules: [{58839E71-5C55-4C21-AFE8-EC808318D2A4}] => (Allow) H:\Games\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{9E4E8B51-5311-4872-8C20-29E729FCB531}] => (Allow) H:\Games\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{32C9486D-9D74-4908-941C-E433738A2970}] => (Allow) H:\Games\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{6FD413E5-61FF-47B1-BF38-CC780419DBB1}] => (Allow) H:\Games\Steam\SteamApps\common\Left 4 Dead 2\left4dead2.exe
FirewallRules: [{482B09D5-5E44-4791-B3D8-16B79BD9A17F}] => (Allow) H:\Games\Steam\SteamApps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{2238352D-CCEC-4E6F-9E78-D9303990D0EC}] => (Allow) H:\Games\Steam\SteamApps\common\3DMark\bin\x86\3DMark.exe
FirewallRules: [{CC44AB7E-B585-4A3D-AC13-D63F4B3C2593}] => (Allow) H:\Games\Steam\SteamApps\common\3DMark\bin\x64\3DMark.exe
FirewallRules: [{9453F377-773D-4B81-BA3A-56B1C9A2F1FC}] => (Allow) H:\Games\Steam\SteamApps\common\3DMark\bin\x64\3DMark.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/06/2015 10:12:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/06/2015 10:10:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AI Suite II.exe, Version: 2.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e88ab
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x26b4
Startzeit der fehlerhaften Anwendung: 0xAI Suite II.exe0
Pfad der fehlerhaften Anwendung: AI Suite II.exe1
Pfad des fehlerhaften Moduls: AI Suite II.exe2
Berichtskennung: AI Suite II.exe3

Error: (06/06/2015 08:33:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/06/2015 08:32:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AI Suite II.exe, Version: 2.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e88ab
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x275c
Startzeit der fehlerhaften Anwendung: 0xAI Suite II.exe0
Pfad der fehlerhaften Anwendung: AI Suite II.exe1
Pfad des fehlerhaften Moduls: AI Suite II.exe2
Berichtskennung: AI Suite II.exe3

Error: (06/05/2015 09:34:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2015 09:32:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AI Suite II.exe, Version: 2.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e88ab
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x25dc
Startzeit der fehlerhaften Anwendung: 0xAI Suite II.exe0
Pfad der fehlerhaften Anwendung: AI Suite II.exe1
Pfad des fehlerhaften Moduls: AI Suite II.exe2
Berichtskennung: AI Suite II.exe3

Error: (06/05/2015 06:54:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 8.0.25.18 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 9d8c

Startzeit: 01d09faba6b8dc2c

Endzeit: 23

Anwendungspfad: C:\Program Files\Java\jre1.8.0_25\bin\javaw.exe

Berichts-ID: 818ade3c-0ba3-11e5-8965-c86000def8d8

Error: (06/05/2015 04:53:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2015 04:51:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AI Suite II.exe, Version: 2.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18839, Zeitstempel: 0x553e88ab
Ausnahmecode: 0x0eedfade
Fehleroffset: 0x0000c42d
ID des fehlerhaften Prozesses: 0x248c
Startzeit der fehlerhaften Anwendung: 0xAI Suite II.exe0
Pfad der fehlerhaften Anwendung: AI Suite II.exe1
Pfad des fehlerhaften Moduls: AI Suite II.exe2
Berichtskennung: AI Suite II.exe3

Error: (06/05/2015 03:39:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (06/06/2015 10:12:28 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Search Protect Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (06/06/2015 10:10:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "UAC-Dateivirtualisierung" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (06/06/2015 08:33:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Search Protect Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (06/06/2015 08:31:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "UAC-Dateivirtualisierung" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (06/05/2015 09:34:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Search Protect Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (06/05/2015 09:32:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "UAC-Dateivirtualisierung" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (06/05/2015 04:53:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Search Protect Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (06/05/2015 04:51:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "UAC-Dateivirtualisierung" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (06/05/2015 04:27:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (06/05/2015 04:27:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.


Microsoft Office:
=========================
Error: (06/06/2015 10:12:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/06/2015 10:10:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: AI Suite II.exe2.0.0.000000000KERNELBASE.dll6.1.7601.18839553e88ab0eedfade0000c42d26b401d0a03046fbb2e1C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exeC:\Windows\syswow64\KERNELBASE.dll87fab92d-0c23-11e5-aa05-c86000def8d8

Error: (06/06/2015 08:33:42 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/06/2015 08:32:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: AI Suite II.exe2.0.0.000000000KERNELBASE.dll6.1.7601.18839553e88ab0eedfade0000c42d275c01d0a02285d1d043C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exeC:\Windows\syswow64\KERNELBASE.dllc6bab62c-0c15-11e5-b526-c86000def8d8

Error: (06/05/2015 09:34:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2015 09:32:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AI Suite II.exe2.0.0.000000000KERNELBASE.dll6.1.7601.18839553e88ab0eedfade0000c42d25dc01d09fc65b55cd88C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exeC:\Windows\syswow64\KERNELBASE.dll9d65d2a4-0bb9-11e5-a35e-c86000def8d8

Error: (06/05/2015 06:54:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: javaw.exe8.0.25.189d8c01d09faba6b8dc2c23C:\Program Files\Java\jre1.8.0_25\bin\javaw.exe818ade3c-0ba3-11e5-8965-c86000def8d8

Error: (06/05/2015 04:53:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/05/2015 04:51:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: AI Suite II.exe2.0.0.000000000KERNELBASE.dll6.1.7601.18839553e88ab0eedfade0000c42d248c01d09f9f2713a98bC:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exeC:\Windows\syswow64\KERNELBASE.dll67f7fb83-0b92-11e5-8965-c86000def8d8

Error: (06/05/2015 03:39:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


CodeIntegrity Errors:
===================================
  Date: 2015-05-25 21:59:16.035
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-25 12:31:00.690
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-19 16:10:59.575
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-19 15:02:36.592
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-19 14:39:20.018
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-19 14:21:14.906
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-05-09 19:15:16.482
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-28 12:10:00.525
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-23 14:06:33.909
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-04-18 11:39:56.417
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\sxs.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3770K CPU @ 3.50GHz
Percentage of memory in use: 32%
Total physical RAM: 16336.92 MB
Available physical RAM: 11000.95 MB
Total Pagefile: 32672.05 MB
Available Pagefile: 26324.14 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:238.37 GB) (Free:52.98 GB) NTFS
Drive e: (Daten) (Fixed) (Total:1863.01 GB) (Free:202.29 GB) NTFS
Drive h: (Daten2) (Fixed) (Total:2794.39 GB) (Free:1551.54 GB) NTFS
Drive j: (Kevin Extern) (Fixed) (Total:698.63 GB) (Free:433.72 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: D4C05852)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 2794.5 GB) (Disk ID: 64857AA1)

Partition: GPT Partition Type.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: F6BF8656)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.4 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 698.6 GB) (Disk ID: 00027032)
Partition 1: (Not Active) - (Size=698.6 GB) - (Type=07 NTFS)

==================== End of log ============================
--- --- ---

killi199 06.06.2015 12:23
GMER
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-06-06 11:13:27
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP4T0L0-4 SAMSUNG_SSD_830_Series rev.CXM03B1Q 238,47GB
Running: ylgv54n1.exe; Driver: C:\Users\killi199\AppData\Local\Temp\pwrdrkod.sys


---- User code sections - GMER 2.1 ----

.text    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avp.exe[2008] C:\Windows\SysWOW64\ntdll.dll!NtQueryValueKey                                                                                                                                000000007769faf4 5 bytes JMP 0000000170a02e30
.text    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avp.exe[2008] C:\Windows\SysWOW64\ntdll.dll!NtProtectVirtualMemory                                                                                                                        00000000776a0084 5 bytes JMP 0000000170a02df0
.text    C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2316] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                                                        0000000076ae1401 2 bytes JMP 75a6b21b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2316] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                                                          0000000076ae1419 2 bytes JMP 75a6b346 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2316] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                                                        0000000076ae1431 2 bytes JMP 75ae8f29 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2316] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                                                        0000000076ae144a 2 bytes CALL 75a4489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                                                            * 9
.text    C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2316] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                                                            0000000076ae14dd 2 bytes JMP 75ae8822 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2316] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                                                    0000000076ae14f5 2 bytes JMP 75ae89f8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2316] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                                                            0000000076ae150d 2 bytes JMP 75ae8718 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2316] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                                                    0000000076ae1525 2 bytes JMP 75ae8ae2 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2316] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                                                          0000000076ae153d 2 bytes JMP 75a5fca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2316] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                                                0000000076ae1555 2 bytes JMP 75a668ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2316] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                                                        0000000076ae156d 2 bytes JMP 75ae8fe3 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2316] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                                                          0000000076ae1585 2 bytes JMP 75ae8b42 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2316] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                                              0000000076ae159d 2 bytes JMP 75ae86dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2316] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                                                          0000000076ae15b5 2 bytes JMP 75a5fd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2316] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                                                        0000000076ae15cd 2 bytes JMP 75a6b2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2316] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                                                    0000000076ae16b2 2 bytes JMP 75ae8ea4 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe[2316] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                                                    0000000076ae16bd 2 bytes JMP 75ae8671 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2496] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                                                0000000076ae1401 2 bytes JMP 75a6b21b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2496] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                                                  0000000076ae1419 2 bytes JMP 75a6b346 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2496] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                                                0000000076ae1431 2 bytes JMP 75ae8f29 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2496] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                                                0000000076ae144a 2 bytes CALL 75a4489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                                                            * 9
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2496] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                                                    0000000076ae14dd 2 bytes JMP 75ae8822 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2496] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                                            0000000076ae14f5 2 bytes JMP 75ae89f8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2496] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                                                    0000000076ae150d 2 bytes JMP 75ae8718 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2496] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                                            0000000076ae1525 2 bytes JMP 75ae8ae2 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2496] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                                                  0000000076ae153d 2 bytes JMP 75a5fca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2496] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                                        0000000076ae1555 2 bytes JMP 75a668ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2496] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                                                0000000076ae156d 2 bytes JMP 75ae8fe3 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2496] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                                                  0000000076ae1585 2 bytes JMP 75ae8b42 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2496] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                                      0000000076ae159d 2 bytes JMP 75ae86dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2496] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                                                  0000000076ae15b5 2 bytes JMP 75a5fd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2496] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                                                0000000076ae15cd 2 bytes JMP 75a6b2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2496] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                                            0000000076ae16b2 2 bytes JMP 75ae8ea4 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe[2496] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                                            0000000076ae16bd 2 bytes JMP 75ae8671 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3988] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                                                                                                                                    00000000771a2ab1 5 bytes JMP 000000010110f046
.text    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3988] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                                                              0000000076ae1401 2 bytes JMP 75a6b21b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3988] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                                                                0000000076ae1419 2 bytes JMP 75a6b346 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3988] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                                                              0000000076ae1431 2 bytes JMP 75ae8f29 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3988] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                                                              0000000076ae144a 2 bytes CALL 75a4489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                                                            * 9
.text    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3988] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                                                                  0000000076ae14dd 2 bytes JMP 75ae8822 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3988] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                                                          0000000076ae14f5 2 bytes JMP 75ae89f8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3988] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                                                                  0000000076ae150d 2 bytes JMP 75ae8718 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3988] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                                                          0000000076ae1525 2 bytes JMP 75ae8ae2 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3988] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                                                                0000000076ae153d 2 bytes JMP 75a5fca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3988] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                                                      0000000076ae1555 2 bytes JMP 75a668ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3988] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                                                              0000000076ae156d 2 bytes JMP 75ae8fe3 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3988] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                                                                0000000076ae1585 2 bytes JMP 75ae8b42 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3988] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                                                    0000000076ae159d 2 bytes JMP 75ae86dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3988] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                                                                0000000076ae15b5 2 bytes JMP 75a5fd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3988] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                                                              0000000076ae15cd 2 bytes JMP 75a6b2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3988] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                                                          0000000076ae16b2 2 bytes JMP 75ae8ea4 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe[3988] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                                                          0000000076ae16bd 2 bytes JMP 75ae8671 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[4336] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17                                                                                                                                                            0000000076ae1401 2 bytes JMP 75a6b21b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[4336] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17                                                                                                                                                              0000000076ae1419 2 bytes JMP 75a6b346 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[4336] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17                                                                                                                                                            0000000076ae1431 2 bytes JMP 75ae8f29 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[4336] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42                                                                                                                                                            0000000076ae144a 2 bytes CALL 75a4489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                                                            * 9
.text    C:\Program Files (x86)\Steam\Steam.exe[4336] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17                                                                                                                                                              0000000076ae14dd 2 bytes JMP 75ae8822 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[4336] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17                                                                                                                                                        0000000076ae14f5 2 bytes JMP 75ae89f8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[4336] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17                                                                                                                                                              0000000076ae150d 2 bytes JMP 75ae8718 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[4336] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17                                                                                                                                                        0000000076ae1525 2 bytes JMP 75ae8ae2 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[4336] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17                                                                                                                                                              0000000076ae153d 2 bytes JMP 75a5fca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[4336] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17                                                                                                                                                                  0000000076ae1555 2 bytes JMP 75a668ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[4336] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17                                                                                                                                                            0000000076ae156d 2 bytes JMP 75ae8fe3 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[4336] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17                                                                                                                                                              0000000076ae1585 2 bytes JMP 75ae8b42 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[4336] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17                                                                                                                                                                0000000076ae159d 2 bytes JMP 75ae86dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[4336] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17                                                                                                                                                              0000000076ae15b5 2 bytes JMP 75a5fd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[4336] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17                                                                                                                                                            0000000076ae15cd 2 bytes JMP 75a6b2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[4336] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20                                                                                                                                                        0000000076ae16b2 2 bytes JMP 75ae8ea4 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\Steam.exe[4336] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31                                                                                                                                                        0000000076ae16bd 2 bytes JMP 75ae8671 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8\kpm.exe[4660] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                                                        0000000076ae1401 2 bytes JMP 75a6b21b C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8\kpm.exe[4660] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                                                          0000000076ae1419 2 bytes JMP 75a6b346 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8\kpm.exe[4660] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                                                        0000000076ae1431 2 bytes JMP 75ae8f29 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8\kpm.exe[4660] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                                                        0000000076ae144a 2 bytes CALL 75a4489d C:\Windows\syswow64\KERNEL32.dll
.text    ...                                                                                                                                                                                                                                                            * 9
.text    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8\kpm.exe[4660] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                                                            0000000076ae14dd 2 bytes JMP 75ae8822 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8\kpm.exe[4660] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                                                    0000000076ae14f5 2 bytes JMP 75ae89f8 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8\kpm.exe[4660] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                                                            0000000076ae150d 2 bytes JMP 75ae8718 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8\kpm.exe[4660] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                                                    0000000076ae1525 2 bytes JMP 75ae8ae2 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8\kpm.exe[4660] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                                                          0000000076ae153d 2 bytes JMP 75a5fca8 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8\kpm.exe[4660] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                                                0000000076ae1555 2 bytes JMP 75a668ef C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8\kpm.exe[4660] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                                                        0000000076ae156d 2 bytes JMP 75ae8fe3 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8\kpm.exe[4660] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                                                          0000000076ae1585 2 bytes JMP 75ae8b42 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8\kpm.exe[4660] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                                              0000000076ae159d 2 bytes JMP 75ae86dc C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8\kpm.exe[4660] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                                                          0000000076ae15b5 2 bytes JMP 75a5fd41 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8\kpm.exe[4660] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                                                        0000000076ae15cd 2 bytes JMP 75a6b2dc C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8\kpm.exe[4660] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                                                    0000000076ae16b2 2 bytes JMP 75ae8ea4 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8\kpm.exe[4660] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                                                    0000000076ae16bd 2 bytes JMP 75ae8671 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe[4256] C:\Windows\syswow64\Psapi.dll!GetModuleFileNameExW + 17                                                                                                                                        0000000076ae1401 2 bytes JMP 75a6b21b C:\Windows\syswow64\kernel32.dll
.text    C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe[4256] C:\Windows\syswow64\Psapi.dll!EnumProcessModules + 17                                                                                                                                          0000000076ae1419 2 bytes JMP 75a6b346 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe[4256] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 17                                                                                                                                        0000000076ae1431 2 bytes JMP 75ae8f29 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe[4256] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 42                                                                                                                                        0000000076ae144a 2 bytes CALL 75a4489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                                                            * 9
.text    C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe[4256] C:\Windows\syswow64\Psapi.dll!EnumDeviceDrivers + 17                                                                                                                                            0000000076ae14dd 2 bytes JMP 75ae8822 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe[4256] C:\Windows\syswow64\Psapi.dll!GetDeviceDriverBaseNameA + 17                                                                                                                                    0000000076ae14f5 2 bytes JMP 75ae89f8 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe[4256] C:\Windows\syswow64\Psapi.dll!QueryWorkingSetEx + 17                                                                                                                                            0000000076ae150d 2 bytes JMP 75ae8718 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe[4256] C:\Windows\syswow64\Psapi.dll!GetDeviceDriverBaseNameW + 17                                                                                                                                    0000000076ae1525 2 bytes JMP 75ae8ae2 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe[4256] C:\Windows\syswow64\Psapi.dll!GetModuleBaseNameW + 17                                                                                                                                          0000000076ae153d 2 bytes JMP 75a5fca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe[4256] C:\Windows\syswow64\Psapi.dll!EnumProcesses + 17                                                                                                                                                0000000076ae1555 2 bytes JMP 75a668ef C:\Windows\syswow64\kernel32.dll
.text    C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe[4256] C:\Windows\syswow64\Psapi.dll!GetProcessMemoryInfo + 17                                                                                                                                        0000000076ae156d 2 bytes JMP 75ae8fe3 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe[4256] C:\Windows\syswow64\Psapi.dll!GetPerformanceInfo + 17                                                                                                                                          0000000076ae1585 2 bytes JMP 75ae8b42 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe[4256] C:\Windows\syswow64\Psapi.dll!QueryWorkingSet + 17                                                                                                                                              0000000076ae159d 2 bytes JMP 75ae86dc C:\Windows\syswow64\kernel32.dll
.text    C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe[4256] C:\Windows\syswow64\Psapi.dll!GetModuleBaseNameA + 17                                                                                                                                          0000000076ae15b5 2 bytes JMP 75a5fd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe[4256] C:\Windows\syswow64\Psapi.dll!GetModuleFileNameExA + 17                                                                                                                                        0000000076ae15cd 2 bytes JMP 75a6b2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe[4256] C:\Windows\syswow64\Psapi.dll!GetProcessImageFileNameW + 20                                                                                                                                    0000000076ae16b2 2 bytes JMP 75ae8ea4 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe[4256] C:\Windows\syswow64\Psapi.dll!GetProcessImageFileNameW + 31                                                                                                                                    0000000076ae16bd 2 bytes JMP 75ae8671 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe[5636] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                                                                      0000000076ae1401 2 bytes JMP 75a6b21b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe[5636] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                                                                        0000000076ae1419 2 bytes JMP 75a6b346 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe[5636] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                                                                      0000000076ae1431 2 bytes JMP 75ae8f29 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe[5636] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                                                                      0000000076ae144a 2 bytes CALL 75a4489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                                                            * 9
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe[5636] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                                                                          0000000076ae14dd 2 bytes JMP 75ae8822 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe[5636] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                                                                  0000000076ae14f5 2 bytes JMP 75ae89f8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe[5636] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                                                                          0000000076ae150d 2 bytes JMP 75ae8718 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe[5636] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                                                                  0000000076ae1525 2 bytes JMP 75ae8ae2 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe[5636] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                                                                        0000000076ae153d 2 bytes JMP 75a5fca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe[5636] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                                                              0000000076ae1555 2 bytes JMP 75a668ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe[5636] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                                                                      0000000076ae156d 2 bytes JMP 75ae8fe3 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe[5636] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                                                                        0000000076ae1585 2 bytes JMP 75ae8b42 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe[5636] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                                                            0000000076ae159d 2 bytes JMP 75ae86dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe[5636] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                                                                        0000000076ae15b5 2 bytes JMP 75a5fd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe[5636] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                                                                      0000000076ae15cd 2 bytes JMP 75a6b2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe[5636] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                                                                  0000000076ae16b2 2 bytes JMP 75ae8ea4 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe[5636] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                                                                  0000000076ae16bd 2 bytes JMP 75ae8671 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe[5676] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                                                                    0000000076ae1401 2 bytes JMP 75a6b21b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe[5676] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                                                                      0000000076ae1419 2 bytes JMP 75a6b346 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe[5676] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                                                                    0000000076ae1431 2 bytes JMP 75ae8f29 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe[5676] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                                                                    0000000076ae144a 2 bytes CALL 75a4489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                                                            * 9
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe[5676] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                                                                      0000000076ae14dd 2 bytes JMP 75ae8822 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe[5676] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                                                                0000000076ae14f5 2 bytes JMP 75ae89f8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe[5676] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                                                                      0000000076ae150d 2 bytes JMP 75ae8718 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe[5676] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                                                                0000000076ae1525 2 bytes JMP 75ae8ae2 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe[5676] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                                                                      0000000076ae153d 2 bytes JMP 75a5fca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe[5676] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                                                          0000000076ae1555 2 bytes JMP 75a668ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe[5676] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                                                                    0000000076ae156d 2 bytes JMP 75ae8fe3 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe[5676] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                                                                      0000000076ae1585 2 bytes JMP 75ae8b42 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe[5676] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                                                        0000000076ae159d 2 bytes JMP 75ae86dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe[5676] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                                                                      0000000076ae15b5 2 bytes JMP 75a5fd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe[5676] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                                                                    0000000076ae15cd 2 bytes JMP 75a6b2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe[5676] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                                                                0000000076ae16b2 2 bytes JMP 75ae8ea4 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe[5676] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                                                                0000000076ae16bd 2 bytes JMP 75ae8671 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe[8528] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                                                          0000000076ae1401 2 bytes JMP 75a6b21b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe[8528] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                                                            0000000076ae1419 2 bytes JMP 75a6b346 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe[8528] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                                                          0000000076ae1431 2 bytes JMP 75ae8f29 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe[8528] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                                                          0000000076ae144a 2 bytes CALL 75a4489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                                                            * 9
.text    C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe[8528] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                                                              0000000076ae14dd 2 bytes JMP 75ae8822 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe[8528] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                                                      0000000076ae14f5 2 bytes JMP 75ae89f8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe[8528] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                                                              0000000076ae150d 2 bytes JMP 75ae8718 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe[8528] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                                                      0000000076ae1525 2 bytes JMP 75ae8ae2 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe[8528] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                                                            0000000076ae153d 2 bytes JMP 75a5fca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe[8528] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                                                  0000000076ae1555 2 bytes JMP 75a668ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe[8528] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                                                          0000000076ae156d 2 bytes JMP 75ae8fe3 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe[8528] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                                                            0000000076ae1585 2 bytes JMP 75ae8b42 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe[8528] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                                                0000000076ae159d 2 bytes JMP 75ae86dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe[8528] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                                                            0000000076ae15b5 2 bytes JMP 75a5fd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe[8528] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                                                          0000000076ae15cd 2 bytes JMP 75a6b2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe[8528] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                                                      0000000076ae16b2 2 bytes JMP 75ae8ea4 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe[8528] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                                                      0000000076ae16bd 2 bytes JMP 75ae8671 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Agent.exe[8768] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                                                                                    0000000076ae1401 2 bytes JMP 75a6b21b C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Agent.exe[8768] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                                                                                      0000000076ae1419 2 bytes JMP 75a6b346 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Agent.exe[8768] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                                                                                    0000000076ae1431 2 bytes JMP 75ae8f29 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Agent.exe[8768] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                                                                                    0000000076ae144a 2 bytes CALL 75a4489d C:\Windows\syswow64\KERNEL32.dll
.text    ...                                                                                                                                                                                                                                                            * 9
.text    C:\Program Files (x86)\BlueStacks\HD-Agent.exe[8768] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                                                                                      0000000076ae14dd 2 bytes JMP 75ae8822 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Agent.exe[8768] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                                                                                0000000076ae14f5 2 bytes JMP 75ae89f8 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Agent.exe[8768] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                                                                                      0000000076ae150d 2 bytes JMP 75ae8718 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Agent.exe[8768] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                                                                                0000000076ae1525 2 bytes JMP 75ae8ae2 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Agent.exe[8768] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                                                                                      0000000076ae153d 2 bytes JMP 75a5fca8 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Agent.exe[8768] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                                                                          0000000076ae1555 2 bytes JMP 75a668ef C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Agent.exe[8768] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                                                                                    0000000076ae156d 2 bytes JMP 75ae8fe3 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Agent.exe[8768] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                                                                                      0000000076ae1585 2 bytes JMP 75ae8b42 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Agent.exe[8768] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                                                                        0000000076ae159d 2 bytes JMP 75ae86dc C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Agent.exe[8768] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                                                                                      0000000076ae15b5 2 bytes JMP 75a5fd41 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Agent.exe[8768] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                                                                                    0000000076ae15cd 2 bytes JMP 75a6b2dc C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Agent.exe[8768] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                                                                                0000000076ae16b2 2 bytes JMP 75ae8ea4 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Agent.exe[8768] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                                                                                0000000076ae16bd 2 bytes JMP 75ae8671 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[10928] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                                                          0000000076ae1401 2 bytes JMP 75a6b21b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[10928] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                                                            0000000076ae1419 2 bytes JMP 75a6b346 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[10928] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                                                          0000000076ae1431 2 bytes JMP 75ae8f29 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[10928] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                                                          0000000076ae144a 2 bytes CALL 75a4489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                                                            * 9
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[10928] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                                                              0000000076ae14dd 2 bytes JMP 75ae8822 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[10928] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                                                      0000000076ae14f5 2 bytes JMP 75ae89f8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[10928] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                                                              0000000076ae150d 2 bytes JMP 75ae8718 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[10928] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                                                      0000000076ae1525 2 bytes JMP 75ae8ae2 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[10928] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                                                            0000000076ae153d 2 bytes JMP 75a5fca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[10928] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                                                  0000000076ae1555 2 bytes JMP 75a668ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[10928] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                                                          0000000076ae156d 2 bytes JMP 75ae8fe3 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[10928] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                                                            0000000076ae1585 2 bytes JMP 75ae8b42 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[10928] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                                                0000000076ae159d 2 bytes JMP 75ae86dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[10928] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                                                            0000000076ae15b5 2 bytes JMP 75a5fd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[10928] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17
der Rest folgt.

killi199 06.06.2015 12:26
Code:
                                                                                                                          0000000076ae15cd 2 bytes JMP 75a6b2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[10928] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                                                      0000000076ae16b2 2 bytes JMP 75ae8ea4 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe[10928] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                                                      0000000076ae16bd 2 bytes JMP 75ae8671 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe[11148] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                                                                          0000000076ae1401 2 bytes JMP 75a6b21b C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe[11148] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                                                                            0000000076ae1419 2 bytes JMP 75a6b346 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe[11148] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                                                                          0000000076ae1431 2 bytes JMP 75ae8f29 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe[11148] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                                                                          0000000076ae144a 2 bytes CALL 75a4489d C:\Windows\syswow64\KERNEL32.dll
.text    ...                                                                                                                                                                                                                                                            * 9
.text    C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe[11148] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                                                                            0000000076ae14dd 2 bytes JMP 75ae8822 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe[11148] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                                                                      0000000076ae14f5 2 bytes JMP 75ae89f8 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe[11148] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                                                                            0000000076ae150d 2 bytes JMP 75ae8718 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe[11148] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                                                                      0000000076ae1525 2 bytes JMP 75ae8ae2 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe[11148] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                                                                            0000000076ae153d 2 bytes JMP 75a5fca8 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe[11148] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                                                                0000000076ae1555 2 bytes JMP 75a668ef C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe[11148] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                                                                          0000000076ae156d 2 bytes JMP 75ae8fe3 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe[11148] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                                                                            0000000076ae1585 2 bytes JMP 75ae8b42 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe[11148] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                                                              0000000076ae159d 2 bytes JMP 75ae86dc C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe[11148] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                                                                            0000000076ae15b5 2 bytes JMP 75a5fd41 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe[11148] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                                                                          0000000076ae15cd 2 bytes JMP 75a6b2dc C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe[11148] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                                                                      0000000076ae16b2 2 bytes JMP 75ae8ea4 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe[11148] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                                                                      0000000076ae16bd 2 bytes JMP 75ae8671 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Service.exe[10796] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17                                                                                                                                                0000000076ae1401 2 bytes JMP 75a6b21b C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Service.exe[10796] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17                                                                                                                                                  0000000076ae1419 2 bytes JMP 75a6b346 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Service.exe[10796] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17                                                                                                                                                0000000076ae1431 2 bytes JMP 75ae8f29 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Service.exe[10796] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42                                                                                                                                                0000000076ae144a 2 bytes CALL 75a4489d C:\Windows\syswow64\KERNEL32.dll
.text    ...                                                                                                                                                                                                                                                            * 9
.text    C:\Program Files (x86)\BlueStacks\HD-Service.exe[10796] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17                                                                                                                                                    0000000076ae14dd 2 bytes JMP 75ae8822 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Service.exe[10796] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17                                                                                                                                            0000000076ae14f5 2 bytes JMP 75ae89f8 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Service.exe[10796] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17                                                                                                                                                    0000000076ae150d 2 bytes JMP 75ae8718 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Service.exe[10796] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17                                                                                                                                            0000000076ae1525 2 bytes JMP 75ae8ae2 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Service.exe[10796] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17                                                                                                                                                  0000000076ae153d 2 bytes JMP 75a5fca8 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Service.exe[10796] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17                                                                                                                                                        0000000076ae1555 2 bytes JMP 75a668ef C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Service.exe[10796] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17                                                                                                                                                0000000076ae156d 2 bytes JMP 75ae8fe3 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Service.exe[10796] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17                                                                                                                                                  0000000076ae1585 2 bytes JMP 75ae8b42 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Service.exe[10796] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17                                                                                                                                                      0000000076ae159d 2 bytes JMP 75ae86dc C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Service.exe[10796] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17                                                                                                                                                  0000000076ae15b5 2 bytes JMP 75a5fd41 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Service.exe[10796] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17                                                                                                                                                0000000076ae15cd 2 bytes JMP 75a6b2dc C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Service.exe[10796] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20                                                                                                                                            0000000076ae16b2 2 bytes JMP 75ae8ea4 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\BlueStacks\HD-Service.exe[10796] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31                                                                                                                                            0000000076ae16bd 2 bytes JMP 75ae8671 C:\Windows\syswow64\KERNEL32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[9996] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                                                                                              0000000076ae1401 2 bytes JMP 75a6b21b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[9996] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                                                                                                0000000076ae1419 2 bytes JMP 75a6b346 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[9996] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                                                                                              0000000076ae1431 2 bytes JMP 75ae8f29 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[9996] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                                                                                              0000000076ae144a 2 bytes CALL 75a4489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                                                            * 9
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[9996] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                                                                                                  0000000076ae14dd 2 bytes JMP 75ae8822 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[9996] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                                                                                          0000000076ae14f5 2 bytes JMP 75ae89f8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[9996] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                                                                                                  0000000076ae150d 2 bytes JMP 75ae8718 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[9996] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                                                                                          0000000076ae1525 2 bytes JMP 75ae8ae2 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[9996] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                                                                                                0000000076ae153d 2 bytes JMP 75a5fca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[9996] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                                                                                      0000000076ae1555 2 bytes JMP 75a668ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[9996] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                                                                                              0000000076ae156d 2 bytes JMP 75ae8fe3 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[9996] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                                                                                                0000000076ae1585 2 bytes JMP 75ae8b42 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[9996] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                                                                                    0000000076ae159d 2 bytes JMP 75ae86dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[9996] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                                                                                                0000000076ae15b5 2 bytes JMP 75a5fd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[9996] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                                                                                              0000000076ae15cd 2 bytes JMP 75a6b2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[9996] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                                                                                          0000000076ae16b2 2 bytes JMP 75ae8ea4 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Steam\bin\steamwebhelper.exe[9996] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                                                                                          0000000076ae16bd 2 bytes JMP 75ae8671 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[4608] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExW + 17                                                                                                                                        0000000076ae1401 2 bytes JMP 75a6b21b C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[4608] C:\Windows\syswow64\psapi.dll!EnumProcessModules + 17                                                                                                                                          0000000076ae1419 2 bytes JMP 75a6b346 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[4608] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 17                                                                                                                                        0000000076ae1431 2 bytes JMP 75ae8f29 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[4608] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 42                                                                                                                                        0000000076ae144a 2 bytes CALL 75a4489d C:\Windows\syswow64\kernel32.dll
.text    ...                                                                                                                                                                                                                                                            * 9
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[4608] C:\Windows\syswow64\psapi.dll!EnumDeviceDrivers + 17                                                                                                                                          0000000076ae14dd 2 bytes JMP 75ae8822 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[4608] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameA + 17                                                                                                                                    0000000076ae14f5 2 bytes JMP 75ae89f8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[4608] C:\Windows\syswow64\psapi.dll!QueryWorkingSetEx + 17                                                                                                                                          0000000076ae150d 2 bytes JMP 75ae8718 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[4608] C:\Windows\syswow64\psapi.dll!GetDeviceDriverBaseNameW + 17                                                                                                                                    0000000076ae1525 2 bytes JMP 75ae8ae2 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[4608] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameW + 17                                                                                                                                          0000000076ae153d 2 bytes JMP 75a5fca8 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[4608] C:\Windows\syswow64\psapi.dll!EnumProcesses + 17                                                                                                                                              0000000076ae1555 2 bytes JMP 75a668ef C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[4608] C:\Windows\syswow64\psapi.dll!GetProcessMemoryInfo + 17                                                                                                                                        0000000076ae156d 2 bytes JMP 75ae8fe3 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[4608] C:\Windows\syswow64\psapi.dll!GetPerformanceInfo + 17                                                                                                                                          0000000076ae1585 2 bytes JMP 75ae8b42 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[4608] C:\Windows\syswow64\psapi.dll!QueryWorkingSet + 17                                                                                                                                            0000000076ae159d 2 bytes JMP 75ae86dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[4608] C:\Windows\syswow64\psapi.dll!GetModuleBaseNameA + 17                                                                                                                                          0000000076ae15b5 2 bytes JMP 75a5fd41 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[4608] C:\Windows\syswow64\psapi.dll!GetModuleFileNameExA + 17                                                                                                                                        0000000076ae15cd 2 bytes JMP 75a6b2dc C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[4608] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 20                                                                                                                                    0000000076ae16b2 2 bytes JMP 75ae8ea4 C:\Windows\syswow64\kernel32.dll
.text    C:\Program Files (x86)\Common Files\Steam\SteamService.exe[4608] C:\Windows\syswow64\psapi.dll!GetProcessImageFileNameW + 31                                                                                                                                    0000000076ae16bd 2 bytes JMP 75ae8671 C:\Windows\syswow64\kernel32.dll
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159                                                                                                                            00000000774a13ef 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500                                                                                                                            00000000774a1544 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126                                                                                                                                    00000000774a18ce 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212                                                                                                                                  00000000774a1ba8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373                                                                                                                      00000000774a1d25 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31                                                                                                                                          00000000774a1e8f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 89                                                                                                                                        00000000774a1f75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlImpersonateSelfEx + 680                                                                                                                            00000000774a2238 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlInstallFunctionTableCallback + 531                                                                                                                00000000774a2683 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16                                                                                                                        00000000774a26a0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18                                                                                                                      00000000774a26c2 8 bytes {JMP 0x10}
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79                                                                                                      00000000774a271f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184                                                                                                      00000000774a2788 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    ...                                                                                                                                                                                                                                                            * 4
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299                                                                                                              00000000774a2b4b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375                                                                                                              00000000774a2b97 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    ...                                                                                                                                                                                                                                                            * 2
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523                                                                                                                          00000000774a306b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920                                                                                                                          00000000774a31f8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 318                                                                                                                                        00000000774a388e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 403                                                                                                                                        00000000774a38e3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197                                                                                                            00000000774a39b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80                                                                                                                      00000000774a3f50 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161                                                                                                                    00000000774a4001 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277                                                                                                                    00000000774a4075 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    ...                                                                                                                                                                                                                                                            * 3
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214                                                                                                                        00000000774a41b6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276                                                                                                                        00000000774a41f4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 609                                                                                                                                  00000000774a4461 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284                                                                                                                      00000000774a464c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483                                                                                                                      00000000774a4713 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231                                                                                                                                  00000000774a4807 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518                                                                                                                                  00000000774a4926 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    ...                                                                                                                                                                                                                                                            * 2
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256                                                                                                                  00000000774a4a50 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67                                                                                                                    00000000774a4aa3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501                                                                                                                  00000000774a4ca5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256                                                                                                                            00000000774a4ea0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247                                                                                                                      00000000774a4fa7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 483                                                                                                                        00000000774a5193 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438                                                                                                                        00000000774a5f46 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!EtwEventProviderEnabled + 198                                                                                                                        00000000774a6016 8 bytes [70, 6C, F8, FF, 00, 00, 00, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!atol + 194                                                                                                                                            00000000774a610e 8 bytes [60, 6C, F8, FF, 00, 00, 00, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!qsort + 76                                                                                                                                            00000000774a62fc 8 bytes [50, 6C, F8, FF, 00, 00, 00, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45                                                                                                              00000000774a633d 8 bytes [40, 6C, F8, FF, 00, 00, 00, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4                                                                                                                  00000000774a6354 8 bytes [30, 6C, F8, FF, 00, 00, 00, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92                                                                                                                00000000774a63ac 8 bytes [20, 6C, F8, FF, 00, 00, 00, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790                                                                                                                          00000000774a6b76 8 bytes [10, 6C, F8, FF, 00, 00, 00, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread                                                                                                                                00000000774edc80 8 bytes {JMP QWORD [RIP-0x47949]}
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread                                                                                                                              00000000774ede00 8 bytes {JMP QWORD [RIP-0x47ab2]}
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection                                                                                                                                    00000000774ede30 8 bytes {JMP QWORD [RIP-0x47e20]}
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory                                                                                                                                  00000000774edf50 8 bytes {JMP QWORD [RIP-0x47c5a]}
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread                                                                                                                                      00000000774ee000 8 bytes {JMP QWORD [RIP-0x47ef8]}
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx                                                                                                                                      00000000774ee630 8 bytes {JMP QWORD [RIP-0x47102]}
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread                                                                                                                                    00000000774ee880 8 bytes {JMP QWORD [RIP-0x47d10]}
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread                                                                                                                                    00000000774ef0e0 8 bytes JMP 3f3f3f3f
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312                                                                                                                  0000000074f313cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471                                                                                                                  0000000074f3146b 8 bytes {JMP 0xffffffffffffffb0}
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611                                                                                                                              0000000074f316d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23                                                                                                                            0000000074f319db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23                                                                                                                            0000000074f319fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe[24512] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23                                                                                                                      0000000074f31a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 159                                                                                                                                                        00000000774a13ef 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlpEnsureBufferSize + 500                                                                                                                                                        00000000774a1544 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlDeleteAce + 126                                                                                                                                                                00000000774a18ce 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!_vsnwprintf_s + 212                                                                                                                                                              00000000774a1ba8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateActivationContext + 373                                                                                                                                                  00000000774a1d25 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!isalpha + 31                                                                                                                                                                      00000000774a1e8f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!_strnicmp + 89                                                                                                                                                                    00000000774a1f75 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlImpersonateSelfEx + 680                                                                                                                                                        00000000774a2238 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlInstallFunctionTableCallback + 531                                                                                                                                            00000000774a2683 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlIsGenericTableEmptyAvl + 16                                                                                                                                                    00000000774a26a0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableAvl + 18                                                                                                                                                  00000000774a26c2 8 bytes {JMP 0x10}
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 79                                                                                                                                  00000000774a271f 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlEnumerateGenericTableWithoutSplayingAvl + 184                                                                                                                                  00000000774a2788 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    ...                                                                                                                                                                                                                                                            * 4
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 299                                                                                                                                          00000000774a2b4b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlValidRelativeSecurityDescriptor + 375                                                                                                                                          00000000774a2b97 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    ...                                                                                                                                                                                                                                                            * 2
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 523                                                                                                                                                      00000000774a306b 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlQueryRegistryValues + 920                                                                                                                                                      00000000774a31f8 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 318                                                                                                                                                                    00000000774a388e 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!_itow_s + 403                                                                                                                                                                    00000000774a38e3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlpCheckDynamicTimeZoneInformation + 197                                                                                                                                        00000000774a39b5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetLCIDFromLangInfoNode + 80                                                                                                                                                  00000000774a3f50 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 161                                                                                                                                                00000000774a4001 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlpGetNameFromLangInfoNode + 277                                                                                                                                                00000000774a4075 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    ...                                                                                                                                                                                                                                                            * 3
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 214                                                                                                                                                    00000000774a41b6 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlpIsQualifiedLanguage + 276                                                                                                                                                    00000000774a41f4 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlpNtOpenKey + 609                                                                                                                                                              00000000774a4461 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 284                                                                                                                                                  00000000774a464c 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberOfSetBitsUlongPtr + 483                                                                                                                                                  00000000774a4713 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 231                                                                                                                                                              00000000774a4807 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!TpWaitForWait + 518                                                                                                                                                              00000000774a4926 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    ...                                                                                                                                                                                                                                                            * 2
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlDeactivateActivationContext + 256                                                                                                                                              00000000774a4a50 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContext + 67                                                                                                                                                00000000774a4aa3 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlActivateActivationContextEx + 501                                                                                                                                              00000000774a4ca5 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlCreateUserThread + 256                                                                                                                                                        00000000774a4ea0 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringExW + 247                                                                                                                                                  00000000774a4fa7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlIpv6AddressToStringW + 483                                                                                                                                                    00000000774a5193 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!TpReleaseAlpcCompletion + 438                                                                                                                                                    00000000774a5f46 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!EtwEventProviderEnabled + 198                                                                                                                                                    00000000774a6016 8 bytes [70, 6C, F8, 7E, 00, 00, 00, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!atol + 194                                                                                                                                                                        00000000774a610e 8 bytes [60, 6C, F8, 7E, 00, 00, 00, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!qsort + 76                                                                                                                                                                        00000000774a62fc 8 bytes [50, 6C, F8, 7E, 00, 00, 00, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlLookupElementGenericTableFullAvl + 45                                                                                                                                          00000000774a633d 8 bytes [40, 6C, F8, 7E, 00, 00, 00, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 4                                                                                                                                              00000000774a6354 8 bytes [30, 6C, F8, 7E, 00, 00, 00, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlNumberGenericTableElementsAvl + 92                                                                                                                                            00000000774a63ac 8 bytes [20, 6C, F8, 7E, 00, 00, 00, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!RtlSubtreePredecessor + 790                                                                                                                                                      00000000774a6b76 8 bytes [10, 6C, F8, 7E, 00, 00, 00, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!NtSetInformationThread                                                                                                                                                            00000000774edc80 8 bytes {JMP QWORD [RIP-0x47949]}
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!NtQueryInformationThread                                                                                                                                                          00000000774ede00 8 bytes {JMP QWORD [RIP-0x47ab2]}
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!NtMapViewOfSection                                                                                                                                                                00000000774ede30 8 bytes {JMP QWORD [RIP-0x47e20]}
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!NtWriteVirtualMemory                                                                                                                                                              00000000774edf50 8 bytes {JMP QWORD [RIP-0x47c5a]}
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!NtQueueApcThread                                                                                                                                                                  00000000774ee000 8 bytes {JMP QWORD [RIP-0x47ef8]}
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!NtCreateThreadEx                                                                                                                                                                  00000000774ee630 8 bytes {JMP QWORD [RIP-0x47102]}
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!NtGetContextThread                                                                                                                                                                00000000774ee880 8 bytes {JMP QWORD [RIP-0x47d10]}
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\ntdll.dll!NtSetContextThread                                                                                                                                                                00000000774ef0e0 8 bytes {JMP QWORD [RIP-0x48d3a]}
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 312                                                                                                                                              0000000074f313cc 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\wow64cpu.dll!CpuInitializeStartupContext + 471                                                                                                                                              0000000074f3146b 8 bytes {JMP 0xffffffffffffffb0}
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\wow64cpu.dll!CpuProcessInit + 611                                                                                                                                                          0000000074f316d7 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\wow64cpu.dll!CpuGetStackPointer + 23                                                                                                                                                        0000000074f319db 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\wow64cpu.dll!CpuSetStackPointer + 23                                                                                                                                                        0000000074f319fb 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]
.text    C:\Users\killi199\Downloads\ylgv54n1.exe[25744] C:\Windows\SYSTEM32\wow64cpu.dll!CpuFlushInstructionCache + 23                                                                                                                                                  0000000074f31a63 8 bytes [0D, F0, AD, BA, DE, C0, AD, ...]

---- Threads - GMER 2.1 ----

Thread  C:\Windows\SysWOW64\ntdll.dll [4136:4140]                                                                                                                                                                                                                      0000000000a41716
Thread  C:\Windows\SysWOW64\ntdll.dll [4136:4452]                                                                                                                                                                                                                      0000000070737c20
Thread  C:\Windows\SysWOW64\ntdll.dll [4136:11956]                                                                                                                                                                                                                      000000005bd2aec5
Thread  C:\Windows\SysWOW64\ntdll.dll [4136:12052]                                                                                                                                                                                                                      000000006a3c784b
---- Processes - GMER 2.1 ----

Library  c:\users\killi199\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmph8rjjs.dll (*** suspicious ***) @ C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe [4256](2015-06-06 08:10:34)                                      00000000039c0000
Library  C:\Users\killi199\AppData\Roaming\Dropbox\bin\Qt5Core.dll (*** suspicious ***) @ C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe [4256] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:24)          0000000051890000
Library  C:\Users\killi199\AppData\Roaming\Dropbox\bin\icuin52.dll (*** suspicious ***) @ C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe [4256] (ICU I18N DLL/The ICU Project)(2015-03-04 21:45:30)                                                          000000004a900000
Library  C:\Users\killi199\AppData\Roaming\Dropbox\bin\icuuc52.dll (*** suspicious ***) @ C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe [4256] (ICU Common DLL/The ICU Project)(2015-03-04 21:45:30)                                                        0000000005cd0000
Library  C:\Users\killi199\AppData\Roaming\Dropbox\bin\icudt52.dll (*** suspicious ***) @ C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe [4256] (ICU Data DLL/The ICU Project)(2015-03-04 21:45:30)                                                          000000004ad00000
Library  C:\Users\killi199\AppData\Roaming\Dropbox\bin\Qt5Widgets.dll (*** suspicious ***) @ C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe [4256] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:28)        0000000050700000
Library  C:\Users\killi199\AppData\Roaming\Dropbox\bin\Qt5Gui.dll (*** suspicious ***) @ C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe [4256] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)            0000000050410000
Library  C:\Users\killi199\AppData\Roaming\Dropbox\bin\libGLESv2.dll (*** suspicious ***) @ C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe [4256](2015-03-04 21:45:30)                                                                                        0000000050350000
Library  C:\Users\killi199\AppData\Roaming\Dropbox\bin\Qt5Network.dll (*** suspicious ***) @ C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe [4256] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)        0000000050070000
Library  C:\Users\killi199\AppData\Roaming\Dropbox\bin\Qt5WebKit.dll (*** suspicious ***) @ C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe [4256] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)        0000000006990000
Library  C:\Users\killi199\AppData\Roaming\Dropbox\bin\Qt5Quick.dll (*** suspicious ***) @ C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe [4256] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)          0000000005f90000
Library  C:\Users\killi199\AppData\Roaming\Dropbox\bin\Qt5Qml.dll (*** suspicious ***) @ C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe [4256] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)            0000000065070000
Library  C:\Users\killi199\AppData\Roaming\Dropbox\bin\Qt5Sql.dll (*** suspicious ***) @ C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe [4256] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)            0000000077840000
Library  C:\Users\killi199\AppData\Roaming\Dropbox\bin\libEGL.dll (*** suspicious ***) @ C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe [4256](2015-03-04 21:45:30)                                                                                          000000005a8f0000
Library  C:\Users\killi199\AppData\Roaming\Dropbox\bin\Qt5WebKitWidgets.dll (*** suspicious ***) @ C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe [4256] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:28)  0000000077810000
Library  C:\Users\killi199\AppData\Roaming\Dropbox\bin\Qt5OpenGL.dll (*** suspicious ***) @ C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe [4256] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)        0000000062110000
Library  C:\Users\killi199\AppData\Roaming\Dropbox\bin\Qt5PrintSupport.dll (*** suspicious ***) @ C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe [4256] (C++ application development framework./Digia Plc and/or its subsidiary(-ies))(2015-03-04 21:45:26)  000000000fb60000
Library  C:\Users\killi199\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll (*** suspicious ***) @ C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe [4256](2015-03-04 21:45:30)                                                                      000000000f5f0000
Library  C:\Users\killi199\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll (*** suspicious ***) @ C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe [4256](2015-03-04 21:45:30)                                                                      000000000f300000

---- Registry - GMER 2.1 ----

Reg      HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{0EA1D5B8-4B77-41AB-94F4-8911B0268218}@LeaseObtainedTime                                                                                                                                    1433581181
Reg      HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{0EA1D5B8-4B77-41AB-94F4-8911B0268218}@T1                                                                                                                                                    1433581308
Reg      HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{0EA1D5B8-4B77-41AB-94F4-8911B0268218}@T2                                                                                                                                                    1433581404
Reg      HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{0EA1D5B8-4B77-41AB-94F4-8911B0268218}@LeaseTerminatesTime                                                                                                                                  1433581436

---- EOF - GMER 2.1 ----
Danke im voraus für eure Hilfe :)

schrauber 06.06.2015 14:35
hi,

Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Ask Toolbar


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 





Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

killi199 06.06.2015 16:07
Malwarebytes Anti-Rootkit
Code:
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.06.06.03
  rootkit: v2015.06.02.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17801
killi199 :: KILLI199-PC [administrator]

06.06.2015 16:43:51
mbar-log-2015-06-06 (16-43-51).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 420962
Time elapsed: 9 minute(s), 57 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
Rest folgt

killi199 06.06.2015 16:08
TDSSKiller
Code:
17:01:37.0491 0x16c04  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
17:01:42.0185 0x16c04  ============================================================
17:01:42.0185 0x16c04  Current date / time: 2015/06/06 17:01:42.0185
17:01:42.0185 0x16c04  SystemInfo:
17:01:42.0185 0x16c04 
17:01:42.0185 0x16c04  OS Version: 6.1.7601 ServicePack: 1.0
17:01:42.0185 0x16c04  Product type: Workstation
17:01:42.0185 0x16c04  ComputerName: KILLI199-PC
17:01:42.0185 0x16c04  UserName: killi199
17:01:42.0185 0x16c04  Windows directory: C:\Windows
17:01:42.0185 0x16c04  System windows directory: C:\Windows
17:01:42.0185 0x16c04  Running under WOW64
17:01:42.0186 0x16c04  Processor architecture: Intel x64
17:01:42.0186 0x16c04  Number of processors: 8
17:01:42.0186 0x16c04  Page size: 0x1000
17:01:42.0186 0x16c04  Boot type: Normal boot
17:01:42.0186 0x16c04  ============================================================
17:01:42.0401 0x16c04  KLMD registered as C:\Windows\system32\drivers\30630003.sys
17:01:42.0486 0x16c04  System UUID: {3BD3CBAB-D6CB-056C-B7E8-D83555007234}
17:01:42.0757 0x16c04  Drive \Device\Harddisk2\DR2 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:01:42.0761 0x16c04  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:01:42.0793 0x16c04  Drive \Device\Harddisk1\DR1 - Size: 0x2BAA1476000 ( 2794.52 Gb ), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:01:42.0796 0x16c04  Drive \Device\Harddisk3\DR3 - Size: 0xAEA8A00000 ( 698.63 Gb ), SectorSize: 0x200, Cylinders: 0x16440, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:01:48.0394 0x16c04  ============================================================
17:01:48.0394 0x16c04  \Device\Harddisk2\DR2:
17:01:48.0394 0x16c04  MBR partitions:
17:01:48.0394 0x16c04  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
17:01:48.0394 0x16c04  \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1DCC0000
17:01:48.0394 0x16c04  \Device\Harddisk0\DR0:
17:01:48.0394 0x16c04  MBR partitions:
17:01:48.0394 0x16c04  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
17:01:48.0394 0x16c04  \Device\Harddisk1\DR1:
17:01:48.0394 0x16c04  GPT partitions:
17:01:48.0395 0x16c04  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {07C78442-8DC0-11E3-9398-ED5EC4EB4C2C}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
17:01:48.0395 0x16c04  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {20434382-7741-42B2-BC53-7FC3E1DE89B8}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x5D4C9800
17:01:48.0395 0x16c04  MBR partitions:
17:01:48.0395 0x16c04  \Device\Harddisk3\DR3:
17:01:48.0425 0x16c04  MBR partitions:
17:01:48.0425 0x16c04  \Device\Harddisk3\DR3\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x57544800
17:01:48.0425 0x16c04  ============================================================
17:01:48.0426 0x16c04  C: <-> \Device\Harddisk2\DR2\Partition2
17:01:48.0448 0x16c04  E: <-> \Device\Harddisk0\DR0\Partition1
17:01:48.0499 0x16c04  H: <-> \Device\Harddisk1\DR1\Partition2
17:01:48.0559 0x16c04  J: <-> \Device\Harddisk3\DR3\Partition1
17:01:48.0559 0x16c04  ============================================================
17:01:48.0559 0x16c04  Initialize success
17:01:48.0559 0x16c04  ============================================================
17:01:58.0243 0x170cc  ============================================================
17:01:58.0243 0x170cc  Scan started
17:01:58.0243 0x170cc  Mode: Manual;
17:01:58.0243 0x170cc  ============================================================
17:01:58.0243 0x170cc  KSN ping started
17:02:15.0074 0x170cc  KSN ping finished: true
17:02:20.0949 0x170cc  ================ Scan system memory ========================
17:02:20.0949 0x170cc  Scan was interrupted by user!
17:02:20.0965 0x170cc  AV detected via SS2: Kaspersky Total Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\wmiav.exe ( 15.0.1.415 ), 0x41000 ( enabled : updated )
17:02:20.0966 0x170cc  FW detected via SS2: Kaspersky Total Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\wmifw.exe ( 15.0.1.415 ), 0x41010 ( enabled )
17:02:26.0846 0x170cc  ============================================================
17:02:26.0846 0x170cc  Scan finished
17:02:26.0846 0x170cc  ============================================================
17:02:26.0849 0x16c04  Detected object count: 0
17:02:26.0849 0x16c04  Actual detected object count: 0
17:02:52.0001 0x50a8  ============================================================
17:02:52.0001 0x50a8  Scan started
17:02:52.0001 0x50a8  Mode: Manual; SigCheck; TDLFS;
17:02:52.0001 0x50a8  ============================================================
17:02:52.0001 0x50a8  KSN ping started
17:02:57.0730 0x50a8  KSN ping finished: true
17:03:03.0417 0x50a8  ================ Scan system memory ========================
17:03:03.0417 0x50a8  System memory - ok
17:03:03.0417 0x50a8  ================ Scan services =============================
17:03:03.0448 0x50a8  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
17:03:03.0474 0x50a8  1394ohci - ok
17:03:03.0482 0x50a8  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:03:03.0492 0x50a8  ACPI - ok
17:03:03.0494 0x50a8  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
17:03:03.0508 0x50a8  AcpiPmi - ok
17:03:03.0514 0x50a8  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:03:03.0520 0x50a8  AdobeARMservice - ok
17:03:03.0540 0x50a8  [ B04A4810C6CC205F9DC72DC22E4AB236, 547321F5C28C80D4818372D65E2A33D4BAC593015DD6613B24586FE4B4A95D5D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:03:03.0549 0x50a8  AdobeFlashPlayerUpdateSvc - ok
17:03:03.0559 0x50a8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx        C:\Windows\system32\drivers\adp94xx.sys
17:03:03.0572 0x50a8  adp94xx - ok
17:03:03.0580 0x50a8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci        C:\Windows\system32\drivers\adpahci.sys
17:03:03.0591 0x50a8  adpahci - ok
17:03:03.0596 0x50a8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320        C:\Windows\system32\drivers\adpu320.sys
17:03:03.0604 0x50a8  adpu320 - ok
17:03:03.0608 0x50a8  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
17:03:03.0616 0x50a8  AeLookupSvc - ok
17:03:03.0626 0x50a8  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD            C:\Windows\system32\drivers\afd.sys
17:03:03.0639 0x50a8  AFD - ok
17:03:03.0642 0x50a8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
17:03:03.0648 0x50a8  agp440 - ok
17:03:03.0651 0x50a8  [ 09E8B8A83D020248F90D0E389A1F880B, 0E99950BD89FDF47258FD40CFD6F47889491566F45F6820125A4D422ACE726B7 ] AIDA64Driver    C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64
17:03:03.0658 0x50a8  AIDA64Driver - ok
17:03:03.0661 0x50a8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG            C:\Windows\System32\alg.exe
17:03:03.0671 0x50a8  ALG - ok
17:03:03.0673 0x50a8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:03:03.0678 0x50a8  aliide - ok
17:03:03.0690 0x50a8  [ 5EE5E5DF9E92B3A5581B9DE7DCC05972, 6AD4D98F00C2B454807450EDB9ED3545BA91B608A853A59BDE7282808CBFF6B0 ] AllShare Framework DMS C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
17:03:03.0700 0x50a8  AllShare Framework DMS - detected UnsignedFile.Multi.Generic ( 1 )
17:03:09.0491 0x50a8  Detect skipped due to KSN trusted
17:03:09.0491 0x50a8  AllShare Framework DMS - ok
17:03:09.0494 0x50a8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
17:03:09.0499 0x50a8  amdide - ok
17:03:09.0502 0x50a8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8          C:\Windows\system32\drivers\amdk8.sys
17:03:09.0510 0x50a8  AmdK8 - ok
17:03:09.0513 0x50a8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
17:03:09.0520 0x50a8  AmdPPM - ok
17:03:09.0523 0x50a8  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
17:03:09.0530 0x50a8  amdsata - ok
17:03:09.0535 0x50a8  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
17:03:09.0543 0x50a8  amdsbs - ok
17:03:09.0545 0x50a8  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata        C:\Windows\system32\drivers\amdxata.sys
17:03:09.0551 0x50a8  amdxata - ok
17:03:09.0554 0x50a8  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID          C:\Windows\system32\drivers\appid.sys
17:03:09.0561 0x50a8  AppID - ok
17:03:09.0564 0x50a8  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:03:09.0570 0x50a8  AppIDSvc - ok
17:03:09.0573 0x50a8  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo        C:\Windows\System32\appinfo.dll
17:03:09.0580 0x50a8  Appinfo - ok
17:03:09.0585 0x50a8  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt        C:\Windows\System32\appmgmts.dll
17:03:09.0594 0x50a8  AppMgmt - ok
17:03:09.0597 0x50a8  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc            C:\Windows\system32\drivers\arc.sys
17:03:09.0603 0x50a8  arc - ok
17:03:09.0607 0x50a8  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
17:03:09.0613 0x50a8  arcsas - ok
17:03:09.0617 0x50a8  [ EB6DC008A1F36DFD7999EB57E97EAACE, 2652798D622A751AD84429E03266F32B4EE86DECC34CA8153790D04F43E03A66 ] asahci64        C:\Windows\system32\DRIVERS\asahci64.sys
17:03:09.0622 0x50a8  asahci64 - ok
17:03:09.0641 0x50a8  [ 31E2470E61D5A390405BA41C279D8446, ADA2518DCB78529F716622E45775283CBBB8CA61A4E90B99C2D799C23C8AFCAA ] asComSvc        C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
17:03:09.0660 0x50a8  asComSvc - ok
17:03:09.0679 0x50a8  [ 0466B91EE5767A769E9F8EDB8EF94DDB, 04A529E57D6F617688B072B3BD281538B6B02BB985EE0AE2E355E685E52BE0C8 ] asHmComSvc      C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
17:03:09.0699 0x50a8  asHmComSvc - ok
17:03:09.0702 0x50a8  [ 798DE15F187C1F013095BBBEB6FB6197, 436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7 ] AsIO            C:\Windows\syswow64\drivers\AsIO.sys
17:03:09.0708 0x50a8  AsIO - ok
17:03:09.0712 0x50a8  [ 0D721BEDC99072972A1C09C9FE549B07, 1FAECF6BE04A8AA9B31AD155CECAE097E3FBF3AD90D3895CC8AAA12410966CF0 ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
17:03:09.0721 0x50a8  asmthub3 - ok
17:03:09.0729 0x50a8  [ C401B8F26490DC3E5E47D3A91F87CD00, 6B0EF7097C0644CD0D7BD254729E3C43027F8A02FE6A368382E44077AE5D2085 ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
17:03:09.0742 0x50a8  asmtxhci - ok
17:03:09.0756 0x50a8  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:03:09.0762 0x50a8  aspnet_state - ok
17:03:09.0767 0x50a8  [ AD8947D621FDCA48F1F39F4624B60AA1, D685CD1A378FA411EA11C18615A1EC5D66CEC2F990DB0D4181EE3140B9DF3E8B ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
17:03:09.0773 0x50a8  AsSysCtrlService - ok
17:03:09.0776 0x50a8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:03:09.0807 0x50a8  AsyncMac - ok
17:03:09.0810 0x50a8  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi          C:\Windows\system32\drivers\atapi.sys
17:03:09.0814 0x50a8  atapi - ok
17:03:09.0855 0x50a8  [ FA196131665C0517EF5516EE64C2CB4D, 864FC74041A954B42D02AE405B145C0824EE80A12EACC739F75AFE60B0BFF8BD ] athr            C:\Windows\system32\DRIVERS\athrx.sys
17:03:09.0905 0x50a8  athr - ok
17:03:09.0919 0x50a8  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:03:09.0935 0x50a8  AudioEndpointBuilder - ok
17:03:09.0946 0x50a8  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
17:03:09.0960 0x50a8  AudioSrv - ok
17:03:09.0970 0x50a8  [ AB1AF0BA03DCB6A879BC22F472EACEEA, A75B73D0B1FE885F6DC2C7A0B755A6E12F9DC54CE702A1FFC3F283196793627A ] AVP15.0.1      C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avp.exe
17:03:09.0978 0x50a8  AVP15.0.1 - ok
17:03:09.0982 0x50a8  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:03:09.0996 0x50a8  AxInstSV - ok
17:03:10.0006 0x50a8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv        C:\Windows\system32\drivers\bxvbda.sys
17:03:10.0018 0x50a8  b06bdrv - ok
17:03:10.0025 0x50a8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
17:03:10.0036 0x50a8  b57nd60a - ok
17:03:10.0043 0x50a8  [ 326E77EA6E9BF27C7CD2837D65DB96C7, BDADECEFFF828BE1F77809788B1219B55F0C46BC83B17A62039C5EF71A657528 ] BazisVirtualCDBus C:\Windows\system32\DRIVERS\BazisVirtualCDBus.sys
17:03:10.0052 0x50a8  BazisVirtualCDBus - ok
17:03:10.0057 0x50a8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:03:10.0065 0x50a8  BDESVC - ok
17:03:10.0067 0x50a8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:03:10.0085 0x50a8  Beep - ok
17:03:10.0099 0x50a8  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE            C:\Windows\System32\bfe.dll
17:03:10.0117 0x50a8  BFE - ok
17:03:10.0133 0x50a8  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
17:03:10.0184 0x50a8  BITS - ok
17:03:10.0187 0x50a8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
17:03:10.0194 0x50a8  blbdrive - ok
17:03:10.0197 0x50a8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:03:10.0204 0x50a8  bowser - ok
17:03:10.0207 0x50a8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
17:03:10.0214 0x50a8  BrFiltLo - ok
17:03:10.0216 0x50a8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
17:03:10.0224 0x50a8  BrFiltUp - ok
17:03:10.0228 0x50a8  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
17:03:10.0246 0x50a8  BridgeMP - ok
17:03:10.0250 0x50a8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser        C:\Windows\System32\browser.dll
17:03:10.0259 0x50a8  Browser - ok
17:03:10.0266 0x50a8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
17:03:10.0278 0x50a8  Brserid - ok
17:03:10.0280 0x50a8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:03:10.0288 0x50a8  BrSerWdm - ok
17:03:10.0290 0x50a8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:03:10.0298 0x50a8  BrUsbMdm - ok
17:03:10.0300 0x50a8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:03:10.0305 0x50a8  BrUsbSer - ok
17:03:10.0315 0x50a8  [ F1CD9BF45E150C5AF33B138D2EAC0EF9, 5621C75BDC1DA7DC53E13A7224E22DCADDFC3A20588D8AFA32D9EF3629E686B2 ] BstHdAndroidSvc C:\Program Files (x86)\BlueStacks\HD-Service.exe
17:03:10.0325 0x50a8  BstHdAndroidSvc - ok
17:03:10.0330 0x50a8  [ 3F8E334C80AEF464A9718DA1D4CAB8B4, 1D4259943379A8FDDCFF6CEFB293D78289242B2364542FB40596B604DE24BD5E ] BstHdDrv        C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys
17:03:10.0336 0x50a8  BstHdDrv - ok
17:03:10.0345 0x50a8  [ 5B3FDFBD59750C71B85FA8B0A8E7DB19, 9D5EF10BF274A3E555A8674DEA68CBF94D46AB55FC2EFA52E1AB423D74130DFA ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
17:03:10.0354 0x50a8  BstHdLogRotatorSvc - ok
17:03:10.0369 0x50a8  [ F0B1FA4679489F64D7D6092A12A49F4B, 21E6E06D31F59CE8831B7CA7086395DB2E44771A14C4787068867FA6FF8CF11C ] BstHdUpdaterSvc C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
17:03:10.0383 0x50a8  BstHdUpdaterSvc - ok
17:03:10.0386 0x50a8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
17:03:10.0394 0x50a8  BTHMODEM - ok
17:03:10.0398 0x50a8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv        C:\Windows\system32\bthserv.dll
17:03:10.0416 0x50a8  bthserv - ok
17:03:10.0439 0x50a8  [ FECA9F830A5C6BAB9978E6781A26AE2B, CA1681A2F4FA849815B8E823805E078DB9C050CEE86E9E394B2A37B57CC474A6 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
17:03:10.0464 0x50a8  c2cautoupdatesvc - ok
17:03:10.0491 0x50a8  [ 5B33709F7FE59BB625F113EED86AFC5C, 8D29FE242D55526FDEB2CB4009B5DE19C93972E872BE6328AD3305E360A3D44B ] c2cpnrsvc      C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
17:03:10.0520 0x50a8  c2cpnrsvc - ok
17:03:10.0525 0x50a8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:03:10.0545 0x50a8  cdfs - ok
17:03:10.0550 0x50a8  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
17:03:10.0557 0x50a8  cdrom - ok
17:03:10.0561 0x50a8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc    C:\Windows\System32\certprop.dll
17:03:10.0578 0x50a8  CertPropSvc - ok
17:03:10.0586 0x50a8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
17:03:10.0594 0x50a8  circlass - ok
17:03:10.0602 0x50a8  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
17:03:10.0614 0x50a8  CLFS - ok
17:03:10.0620 0x50a8  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:03:10.0626 0x50a8  clr_optimization_v2.0.50727_32 - ok
17:03:10.0632 0x50a8  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:03:10.0638 0x50a8  clr_optimization_v2.0.50727_64 - ok
17:03:10.0649 0x50a8  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:03:10.0656 0x50a8  clr_optimization_v4.0.30319_32 - ok
17:03:10.0660 0x50a8  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:03:10.0668 0x50a8  clr_optimization_v4.0.30319_64 - ok
17:03:10.0670 0x50a8  CltMngSvc - ok
17:03:10.0673 0x50a8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
17:03:10.0679 0x50a8  CmBatt - ok
17:03:10.0681 0x50a8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:03:10.0686 0x50a8  cmdide - ok
17:03:10.0692 0x50a8  [ AFA1BFF926592FD0C3AB97D838652EF9, C38BC4BBD4EDF779993B2FECF96C1FD55B085F3FBEB3E1AE3C892DFD369D611D ] cm_km_w        C:\Windows\system32\DRIVERS\cm_km_w.sys
17:03:10.0699 0x50a8  cm_km_w - ok
17:03:10.0708 0x50a8  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG            C:\Windows\system32\Drivers\cng.sys
17:03:10.0723 0x50a8  CNG - ok
17:03:10.0725 0x50a8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
17:03:10.0730 0x50a8  Compbatt - ok
17:03:10.0733 0x50a8  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
17:03:10.0740 0x50a8  CompositeBus - ok
17:03:10.0742 0x50a8  COMSysApp - ok
17:03:10.0777 0x50a8  cpuz136 - ok
17:03:10.0781 0x50a8  [ 8741E6DF191C805028B92CEC44B1BA88, 8CF0CBBDC43F9B977F0FB79E0A0DD0E1ADABE08A67D0F40D727C717C747DE775 ] cpuz138        C:\Windows\TEMP\cpuz138\cpuz138_x64.sys
17:03:10.0786 0x50a8  cpuz138 - ok
17:03:10.0807 0x50a8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk        C:\Windows\system32\drivers\crcdisk.sys
17:03:10.0812 0x50a8  crcdisk - ok
17:03:10.0818 0x50a8  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:03:10.0828 0x50a8  CryptSvc - ok
17:03:10.0838 0x50a8  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC            C:\Windows\system32\drivers\csc.sys
17:03:10.0851 0x50a8  CSC - ok
17:03:10.0864 0x50a8  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
17:03:10.0880 0x50a8  CscService - ok
17:03:10.0891 0x50a8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:03:10.0916 0x50a8  DcomLaunch - ok
17:03:10.0923 0x50a8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc      C:\Windows\System32\defragsvc.dll
17:03:10.0945 0x50a8  defragsvc - ok
17:03:10.0949 0x50a8  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
17:03:10.0966 0x50a8  DfsC - ok
17:03:10.0969 0x50a8  dgderdrv - ok
17:03:10.0973 0x50a8  [ 30710AEFCE721CEEE0F35EB6A01C263C, FB062EC86474D38BBC38E11E2618A9505001C287430B495C482977BBE58017C8 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
17:03:10.0979 0x50a8  dg_ssudbus - ok
17:03:10.0986 0x50a8  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:03:10.0998 0x50a8  Dhcp - ok
17:03:11.0024 0x50a8  [ EA8A3E8C674B03CB4AFA1D344DBD7BC1, 564D9370AE4D12973647997684B9637B2A5A7480F66B87018F789CE4E43C8191 ] DiagTrack      C:\Windows\system32\diagtrack.dll
17:03:11.0049 0x50a8  DiagTrack - ok
17:03:11.0053 0x50a8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
17:03:11.0070 0x50a8  discache - ok
17:03:11.0074 0x50a8  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
17:03:11.0080 0x50a8  Disk - ok
17:03:11.0083 0x50a8  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc          C:\Windows\system32\drivers\dmvsc.sys
17:03:11.0090 0x50a8  dmvsc - ok
17:03:11.0095 0x50a8  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:03:11.0103 0x50a8  Dnscache - ok
17:03:11.0111 0x50a8  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc        C:\Windows\System32\dot3svc.dll
17:03:11.0131 0x50a8  dot3svc - ok
17:03:11.0135 0x50a8  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS            C:\Windows\system32\dps.dll
17:03:11.0153 0x50a8  DPS - ok
17:03:11.0156 0x50a8  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
17:03:11.0161 0x50a8  drmkaud - ok
17:03:11.0168 0x50a8  [ 426D951F2DE2D4DFCBE0D1A42BBBA72F, 0279BED05D51E85B2F94F5F244353E7CCA81B48230C06D5EBFFCE6689D8DCCD7 ] DTSAudioSvc    C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
17:03:11.0177 0x50a8  DTSAudioSvc - ok
17:03:11.0194 0x50a8  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
17:03:11.0214 0x50a8  DXGKrnl - ok
17:03:11.0224 0x50a8  [ E53D32044F4A03D64D6C91CF0A22A77E, 091B8A765F53785B543A1D79124C9DEBAAAFE07FC4067BC942C445218FFD3322 ] e1cexpress      C:\Windows\system32\DRIVERS\e1c62x64.sys
17:03:11.0236 0x50a8  e1cexpress - ok
17:03:11.0240 0x50a8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost        C:\Windows\System32\eapsvc.dll
17:03:11.0258 0x50a8  EapHost - ok
17:03:11.0304 0x50a8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv          C:\Windows\system32\drivers\evbda.sys
17:03:11.0361 0x50a8  ebdrv - ok
17:03:11.0365 0x50a8  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] EFS            C:\Windows\System32\lsass.exe
17:03:11.0372 0x50a8  EFS - ok
17:03:11.0385 0x50a8  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
17:03:11.0403 0x50a8  ehRecvr - ok
17:03:11.0407 0x50a8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched        C:\Windows\ehome\ehsched.exe
17:03:11.0417 0x50a8  ehSched - ok
17:03:11.0430 0x50a8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor        C:\Windows\system32\drivers\elxstor.sys
17:03:11.0443 0x50a8  elxstor - ok
17:03:11.0446 0x50a8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
17:03:11.0452 0x50a8  ErrDev - ok
17:03:11.0455 0x50a8  [ 932C05033053ADA2404FD836C9AB2C70, 39E3C40DDDCA475F55CD6A044E8CF35A1C25A776B79204CBF76D0DD5D89568D8 ] EuMusDesignVirtualAudioCableWdm C:\Windows\system32\DRIVERS\vrtaucbl.sys
17:03:11.0461 0x50a8  EuMusDesignVirtualAudioCableWdm - ok
17:03:11.0470 0x50a8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem    C:\Windows\system32\es.dll
17:03:11.0494 0x50a8  EventSystem - ok
17:03:11.0499 0x50a8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat          C:\Windows\system32\drivers\exfat.sys
17:03:11.0518 0x50a8  exfat - ok
17:03:11.0524 0x50a8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat        C:\Windows\system32\drivers\fastfat.sys
17:03:11.0543 0x50a8  fastfat - ok
17:03:11.0558 0x50a8  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax            C:\Windows\system32\fxssvc.exe
17:03:11.0575 0x50a8  Fax - ok
17:03:11.0578 0x50a8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc            C:\Windows\system32\drivers\fdc.sys
17:03:11.0585 0x50a8  fdc - ok
17:03:11.0587 0x50a8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost        C:\Windows\system32\fdPHost.dll
17:03:11.0607 0x50a8  fdPHost - ok
17:03:11.0610 0x50a8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
17:03:11.0627 0x50a8  FDResPub - ok
17:03:11.0631 0x50a8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:03:11.0636 0x50a8  FileInfo - ok
17:03:11.0639 0x50a8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
17:03:11.0656 0x50a8  Filetrace - ok
17:03:11.0677 0x50a8  [ 8669BE94F63944E4F899C3950B520241, 9991E57B3C366D59BD186CEAA78D4590EDB2BC127250CF4D1522CBE413453E72 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
17:03:11.0697 0x50a8  FLEXnet Licensing Service - ok
17:03:11.0700 0x50a8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
17:03:11.0706 0x50a8  flpydisk - ok
17:03:11.0712 0x50a8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:03:11.0721 0x50a8  FltMgr - ok
17:03:11.0740 0x50a8  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache      C:\Windows\system32\FntCache.dll
17:03:11.0764 0x50a8  FontCache - ok
17:03:11.0769 0x50a8  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:03:11.0774 0x50a8  FontCache3.0.0.0 - ok
17:03:11.0777 0x50a8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
17:03:11.0783 0x50a8  FsDepends - ok
17:03:11.0801 0x50a8  [ DDEE99DC54EFA20BD5A442CD733C4462, 941D6C5D91F6419198F1A53BF7D33AA2D9118CEAC028B6ED8E5308751810B9B5 ] FsUsbExDisk    C:\Windows\SysWOW64\FsUsbExDisk.SYS
17:03:11.0804 0x50a8  FsUsbExDisk - detected UnsignedFile.Multi.Generic ( 1 )
17:03:21.0838 0x50a8  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - warning
17:03:28.0600 0x50a8  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:03:28.0606 0x50a8  Fs_Rec - ok
17:03:28.0614 0x50a8  [ E58F8FD3DEF63069C698D63198F9D63B, 2FE372E95E4BF95564A1B5CDC4F8A538CCBA3FBA0C3937579D3B3C287899BBF9 ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe
17:03:28.0624 0x50a8  Futuremark SystemInfo Service - ok
17:03:28.0630 0x50a8  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:03:28.0640 0x50a8  fvevol - ok
17:03:28.0643 0x50a8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
17:03:28.0649 0x50a8  gagp30kx - ok
17:03:28.0652 0x50a8  [ CB121F1009623E83EBCC2C4DCEF6D3FE, 66A28D0A3DDC2AD6BBAD3ADA88396B222CCC195D5B869411FF5295F42A8D00F2 ] GEARAspiWDM    C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
17:03:28.0656 0x50a8  GEARAspiWDM - ok
17:03:28.0676 0x50a8  [ 7F18FB86E1023DDB80874CEA671442D5, BA236CD30A6932DC439DCA1DD4B06B7DF9181B1EC3654A72D05DFD70949C5E06 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
17:03:28.0699 0x50a8  GfExperienceService - ok
17:03:28.0714 0x50a8  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc          C:\Windows\System32\gpsvc.dll
17:03:28.0743 0x50a8  gpsvc - ok
17:03:28.0776 0x50a8  GPUZ - ok
17:03:28.0782 0x50a8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:03:28.0788 0x50a8  gupdate - ok
17:03:28.0792 0x50a8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:03:28.0797 0x50a8  gupdatem - ok
17:03:28.0819 0x50a8  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B, F9995CFEC7BBFE10B06EEE04CA6B49658275C43096E57747BFF9C2C31A0F9011 ] hamachi        C:\Windows\system32\DRIVERS\hamachi.sys
17:03:28.0824 0x50a8  hamachi - ok
17:03:28.0860 0x50a8  [ 03CABA844BC03C99DB84146BF51A9259, 81E6340B9C9DAC97FE5C6F26FEACAB204E857FD5B0490E52D209066B83610DBB ] Hamachi2Svc    C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
17:03:28.0901 0x50a8  Hamachi2Svc - ok
17:03:28.0906 0x50a8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
17:03:28.0913 0x50a8  hcw85cir - ok
17:03:28.0920 0x50a8  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:03:28.0933 0x50a8  HdAudAddService - ok
17:03:28.0937 0x50a8  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
17:03:28.0946 0x50a8  HDAudBus - ok
17:03:28.0948 0x50a8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt        C:\Windows\system32\drivers\HidBatt.sys
17:03:28.0955 0x50a8  HidBatt - ok
17:03:28.0959 0x50a8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
17:03:28.0970 0x50a8  HidBth - ok
17:03:28.0974 0x50a8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr          C:\Windows\system32\drivers\hidir.sys
17:03:28.0984 0x50a8  HidIr - ok
17:03:28.0987 0x50a8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv        C:\Windows\System32\hidserv.dll
17:03:29.0005 0x50a8  hidserv - ok
17:03:29.0008 0x50a8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
17:03:29.0013 0x50a8  HidUsb - ok
17:03:29.0017 0x50a8  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:03:29.0034 0x50a8  hkmsvc - ok
17:03:29.0040 0x50a8  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:03:29.0050 0x50a8  HomeGroupListener - ok
17:03:29.0055 0x50a8  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:03:29.0063 0x50a8  HomeGroupProvider - ok
17:03:29.0067 0x50a8  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:03:29.0072 0x50a8  HpSAMD - ok
17:03:29.0086 0x50a8  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:03:29.0103 0x50a8  HTTP - ok
17:03:29.0106 0x50a8  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:03:29.0111 0x50a8  hwpolicy - ok
17:03:29.0115 0x50a8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
17:03:29.0122 0x50a8  i8042prt - ok
17:03:29.0133 0x50a8  [ D1753C06EE17E29352B065EACF3F10D0, 4DD4C991FAA3CCF99DF8DC9F8F5DEEDEECD55977F0C3AA8C404DEFD21E32A62B ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
17:03:29.0146 0x50a8  iaStor - ok
17:03:29.0154 0x50a8  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
17:03:29.0165 0x50a8  iaStorV - ok
17:03:29.0182 0x50a8  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:03:29.0200 0x50a8  idsvc - ok
17:03:29.0204 0x50a8  IEEtwCollectorService - ok
17:03:29.0285 0x50a8  [ A87261EF1546325B559374F5689CF5BC, 8DE48A8A13A32AAAC54CDDF58F3F61BE3E2802C1D9CA1CA98E57EB0D65FB6002 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
17:03:29.0382 0x50a8  igfx - ok
17:03:29.0390 0x50a8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp          C:\Windows\system32\drivers\iirsp.sys
17:03:29.0395 0x50a8  iirsp - ok
17:03:29.0410 0x50a8  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
17:03:29.0429 0x50a8  IKEEXT - ok
17:03:29.0435 0x50a8  [ C6D64D2EDFF462B3660FE13145E2CC45, 1A9DBF8FB2BDB7D20D1B735214CC367A1183A341D6DCB629F81C76593DF02C34 ] InstallShield Licensing Service C:\Program Files (x86)\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe
17:03:29.0439 0x50a8  InstallShield Licensing Service - detected UnsignedFile.Multi.Generic ( 1 )
17:03:35.0219 0x50a8  Detect skipped due to KSN trusted
17:03:35.0219 0x50a8  InstallShield Licensing Service - ok
17:03:35.0285 0x50a8  [ E83BB47C3446F0497019DE7FD6C6A86F, DAD20D57743EB03951FD4078FD105BCD684A9652CFFDF8D03509D814820917CD ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:03:35.0363 0x50a8  IntcAzAudAddService - ok
17:03:35.0372 0x50a8  [ 4A9EB8AC8959C580ADCADDBDBBEBE033, F7386FB51D4A2138A3BA0B76FE0FB6D0F6DF8AC4837345FCBD51308863D46D01 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
17:03:35.0380 0x50a8  Intel(R) PROSet Monitoring Service - ok
17:03:35.0383 0x50a8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
17:03:35.0388 0x50a8  intelide - ok
17:03:35.0391 0x50a8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
17:03:35.0397 0x50a8  intelppm - ok
17:03:35.0401 0x50a8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
17:03:35.0422 0x50a8  IPBusEnum - ok
17:03:35.0425 0x50a8  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:03:35.0442 0x50a8  IpFilterDriver - ok
17:03:35.0453 0x50a8  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:03:35.0470 0x50a8  iphlpsvc - ok
17:03:35.0474 0x50a8  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
17:03:35.0481 0x50a8  IPMIDRV - ok
17:03:35.0484 0x50a8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
17:03:35.0504 0x50a8  IPNAT - ok
17:03:35.0506 0x50a8  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:03:35.0515 0x50a8  IRENUM - ok
17:03:35.0517 0x50a8  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:03:35.0523 0x50a8  isapnp - ok
17:03:35.0531 0x50a8  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
17:03:35.0539 0x50a8  iScsiPrt - ok
17:03:35.0542 0x50a8  [ B2381712638B0B714D0EEAB9A1F7C640, 113BCA8868057156EFDC7C079171308C1EBA4F979C85EB1265F42F95A499B086 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
17:03:35.0546 0x50a8  iusb3hcs - ok
17:03:35.0554 0x50a8  [ FD2C6457232E95C014DAD21DEBC64867, 4CC4F488A2555761208D8401265788281B6EC76A8F16C8E115778E571450B90B ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
17:03:35.0563 0x50a8  iusb3hub - ok
17:03:35.0578 0x50a8  [ F6A2B5D030BE7EDF8ADC12C9A40825A8, 03EFAFD6B7801D83D7689435DED8DC321D153AAC4FD69D46ED8C9D7E7F56B44A ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
17:03:35.0594 0x50a8  iusb3xhc - ok
17:03:35.0598 0x50a8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
17:03:35.0605 0x50a8  kbdclass - ok
17:03:35.0608 0x50a8  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
17:03:35.0614 0x50a8  kbdhid - ok
17:03:35.0617 0x50a8  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] KeyIso          C:\Windows\system32\lsass.exe
17:03:35.0623 0x50a8  KeyIso - ok
17:03:35.0632 0x50a8  [ D93E72DCC2A99E67931BB79485563146, 7EF496A82E69A53465ED7D45E890275E44C979AD5E9C5E482E0DBE5DC9AD9AD3 ] kl1            C:\Windows\system32\DRIVERS\kl1.sys
17:03:35.0644 0x50a8  kl1 - ok
17:03:35.0648 0x50a8  [ CEF0410B784E8CEB0175103CDE52E7FA, 729A45D76D1886E5ECDF23F96925CEBB90A31EFA5A798D69D9C5A684380B6E36 ] kldisk          C:\Windows\system32\DRIVERS\kldisk.sys
17:03:35.0653 0x50a8  kldisk - ok
17:03:35.0658 0x50a8  [ 09F851161CB4B3D92CDE85B3845DCECC, C86EE26F13DB904CD0CB92BEE282188D5E56ECE071F4D6E53F9AAB6D911C5DE0 ] klflt          C:\Windows\system32\DRIVERS\klflt.sys
17:03:35.0664 0x50a8  klflt - ok
17:03:35.0671 0x50a8  [ 7A64190934B66C17F41D3921353BAEDD, D212A6ECB1CBCC665336DF982B5061A72CD88CB5BF6B2EB14B11B8BE756A670E ] klhk            C:\Windows\system32\DRIVERS\klhk.sys
17:03:35.0679 0x50a8  klhk - ok
17:03:35.0695 0x50a8  [ B8B20727DD8B9753614E089682473563, CA39E9A517CC8B1E04860E0AFB03B0CD7FBDE66143B6CA26FB9DC0EBF80F8F48 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
17:03:35.0712 0x50a8  KLIF - ok
17:03:35.0716 0x50a8  [ FEAD1F401CBE9383A642877A6EA1398F, 0529A96D406DAB1C0715692441BDBC1C05123EB62005B806A8EFF5B0B6DCD5DB ] KLIM6          C:\Windows\system32\DRIVERS\klim6.sys
17:03:35.0721 0x50a8  KLIM6 - ok
17:03:35.0724 0x50a8  [ 3FAE739F2AFEA18BCBB9C5E7DC6E889D, 5990C074BCB8E2172AE0A2AC0A31E6636B3C3EF0A5BB1F593E62D22D53FC5BF0 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
17:03:35.0729 0x50a8  klkbdflt - ok
17:03:35.0731 0x50a8  klkbdflt2 - ok
17:03:35.0734 0x50a8  [ 72CF64FBF38CD681FA7F37176047E967, BE5683C119DCEF7E678EE477D6CADF873E32D42372A253B7E86B8C335DF28E1C ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
17:03:35.0739 0x50a8  klmouflt - ok
17:03:35.0742 0x50a8  [ 8C0EC95AD65A0DE3D6C040591D02BF02, 272FB83752B73684FA7BDBE256FAFD56138E4755AAEFED9E7EF8F0E3D0ACFAF2 ] klpd            C:\Windows\system32\DRIVERS\klpd.sys
17:03:35.0746 0x50a8  klpd - ok
17:03:35.0750 0x50a8  [ 43957361D346A4263873932D572613F2, 719E61CADF6FB49C24370899329BDE198E55DEB175F5701382EE16311D8576D9 ] kltdi          C:\Windows\system32\DRIVERS\kltdi.sys
17:03:35.0755 0x50a8  kltdi - ok
17:03:35.0759 0x50a8  [ 926BA68DA79545EB6D99BB009B781E5E, EB1DB801044EB4228D38D85A8B6853EFE887B7D4E1EA1F0B8F75DD4886C96467 ] Klwtp          C:\Windows\system32\DRIVERS\klwtp.sys
17:03:35.0765 0x50a8  Klwtp - ok
17:03:35.0771 0x50a8  [ D4CEEAC11C65F49D0F42E74440E829BF, 7E289BB5E400326BADDD61CBB99CB268A3E99103CF16968E1D9141C205EE309C ] kneps          C:\Windows\system32\DRIVERS\kneps.sys
17:03:35.0778 0x50a8  kneps - ok
17:03:35.0782 0x50a8  [ F7DFAE6040AC910B7C64EE208A34157D, AEF1100F12391692D9DB78519D843A90C97E199A80DDC4D43E3AF1919A9E8E56 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:03:35.0789 0x50a8  KSecDD - ok
17:03:35.0795 0x50a8  [ 8FE94F2EF9BF444E93E35D87E210D02F, 78E8F6FD7C1EA3556194947707BE6893538A9E25A550C22045866C5B30251D14 ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
17:03:35.0804 0x50a8  KSecPkg - ok
17:03:35.0809 0x50a8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
17:03:35.0829 0x50a8  ksthunk - ok
17:03:35.0837 0x50a8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm          C:\Windows\system32\msdtckrm.dll
17:03:35.0861 0x50a8  KtmRm - ok
17:03:35.0869 0x50a8  [ 305BB2AC00D46542E0A653AB63F4ABB1, E3BE57A0EBB1194656D20C11688863A7864B06223419F688D82881F9F49604B6 ] LADF_CaptureOnly C:\Windows\system32\DRIVERS\ladfGSCamd64.sys
17:03:35.0880 0x50a8  LADF_CaptureOnly - ok
17:03:35.0884 0x50a8  [ 28CDDC7D478A6313F55077416DCBD0DE, EE4174FC9444856DF0693D1A5F16EB88352A3B012AA82D49C462980703981A7A ] LADF_RenderOnly C:\Windows\system32\DRIVERS\ladfGSRamd64.sys
17:03:35.0889 0x50a8  LADF_RenderOnly - ok
17:03:35.0895 0x50a8  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
17:03:35.0914 0x50a8  LanmanServer - ok
17:03:35.0918 0x50a8  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:03:35.0936 0x50a8  LanmanWorkstation - ok
17:03:35.0939 0x50a8  [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum      C:\Windows\system32\drivers\LGBusEnum.sys
17:03:35.0944 0x50a8  LGBusEnum - ok
17:03:35.0947 0x50a8  [ F705A641C18DF31B48B5DBDA94B425E4, 1F47EE43CAFE5458E56467E127EE99B5FDBFF8B810CF92B232094B475DD42B21 ] LGPBTDD        C:\Windows\system32\Drivers\LGPBTDD.sys
17:03:35.0951 0x50a8  LGPBTDD - ok
17:03:35.0955 0x50a8  [ F7205E939F50B1C8D16F895916BE6756, 914326BAF54691AE880F6A3817B277F027F32AD7EF507A83F9A60DCA02901EDA ] LGSHidFilt      C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
17:03:35.0961 0x50a8  LGSHidFilt - ok
17:03:35.0963 0x50a8  [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
17:03:35.0968 0x50a8  LGVirHid - ok
17:03:35.0970 0x50a8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:03:35.0988 0x50a8  lltdio - ok
17:03:35.0995 0x50a8  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc        C:\Windows\System32\lltdsvc.dll
17:03:36.0021 0x50a8  lltdsvc - ok
17:03:36.0023 0x50a8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts        C:\Windows\System32\lmhsvc.dll
17:03:36.0041 0x50a8  lmhosts - ok
17:03:36.0049 0x50a8  [ D6BF6FD055BD719F3D62E51B90857159, A7777D18E404164B4DA531AD94D2A712D9CC6A9288795B7388037752A558E96F ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
17:03:36.0059 0x50a8  LMIGuardianSvc - ok
17:03:36.0061 0x50a8  lmimirr - ok
17:03:36.0065 0x50a8  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
17:03:36.0072 0x50a8  LSI_FC - ok
17:03:36.0075 0x50a8  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS        C:\Windows\system32\drivers\lsi_sas.sys
17:03:36.0082 0x50a8  LSI_SAS - ok
17:03:36.0085 0x50a8  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
17:03:36.0091 0x50a8  LSI_SAS2 - ok
17:03:36.0095 0x50a8  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
17:03:36.0102 0x50a8  LSI_SCSI - ok
17:03:36.0107 0x50a8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv          C:\Windows\system32\drivers\luafv.sys
17:03:36.0125 0x50a8  luafv - ok
17:03:36.0129 0x50a8  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
17:03:36.0137 0x50a8  Mcx2Svc - ok
17:03:36.0140 0x50a8  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas        C:\Windows\system32\drivers\megasas.sys
17:03:36.0146 0x50a8  megasas - ok
17:03:36.0154 0x50a8  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
17:03:36.0167 0x50a8  MegaSR - ok
17:03:36.0171 0x50a8  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
17:03:36.0176 0x50a8  MEIx64 - ok
17:03:36.0183 0x50a8  Microsoft SharePoint Workspace Audit Service - ok
17:03:36.0186 0x50a8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS          C:\Windows\system32\mmcss.dll
17:03:36.0204 0x50a8  MMCSS - ok
17:03:36.0208 0x50a8  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem          C:\Windows\system32\drivers\modem.sys
17:03:36.0226 0x50a8  Modem - ok
17:03:36.0229 0x50a8  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
17:03:36.0238 0x50a8  monitor - ok
17:03:36.0241 0x50a8  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
17:03:36.0247 0x50a8  mouclass - ok
17:03:36.0250 0x50a8  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
17:03:36.0256 0x50a8  mouhid - ok
17:03:36.0260 0x50a8  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:03:36.0266 0x50a8  mountmgr - ok
17:03:36.0271 0x50a8  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
17:03:36.0279 0x50a8  mpio - ok
17:03:36.0283 0x50a8  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:03:36.0302 0x50a8  mpsdrv - ok
17:03:36.0317 0x50a8  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:03:36.0348 0x50a8  MpsSvc - ok
17:03:36.0353 0x50a8  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:03:36.0362 0x50a8  MRxDAV - ok
17:03:36.0366 0x50a8  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:03:36.0374 0x50a8  mrxsmb - ok
17:03:36.0382 0x50a8  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:03:36.0392 0x50a8  mrxsmb10 - ok
17:03:36.0397 0x50a8  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:03:36.0404 0x50a8  mrxsmb20 - ok
17:03:36.0406 0x50a8  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
17:03:36.0412 0x50a8  msahci - ok
17:03:36.0416 0x50a8  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
17:03:36.0423 0x50a8  msdsm - ok
17:03:36.0428 0x50a8  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC          C:\Windows\System32\msdtc.exe
17:03:36.0436 0x50a8  MSDTC - ok
17:03:36.0440 0x50a8  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:03:36.0457 0x50a8  Msfs - ok
17:03:36.0460 0x50a8  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
17:03:36.0476 0x50a8  mshidkmdf - ok
17:03:36.0479 0x50a8  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:03:36.0484 0x50a8  msisadrv - ok
17:03:36.0489 0x50a8  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
17:03:36.0508 0x50a8  MSiSCSI - ok
17:03:36.0510 0x50a8  msiserver - ok
17:03:36.0513 0x50a8  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
17:03:36.0530 0x50a8  MSKSSRV - ok
17:03:36.0532 0x50a8  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:03:36.0549 0x50a8  MSPCLOCK - ok
17:03:36.0551 0x50a8  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
17:03:36.0567 0x50a8  MSPQM - ok
17:03:36.0575 0x50a8  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
17:03:36.0586 0x50a8  MsRPC - ok
17:03:36.0590 0x50a8  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
17:03:36.0595 0x50a8  mssmbios - ok
17:03:36.0599 0x50a8  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
17:03:36.0615 0x50a8  MSTEE - ok
17:03:36.0618 0x50a8  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
17:03:36.0624 0x50a8  MTConfig - ok
17:03:36.0627 0x50a8  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup            C:\Windows\system32\Drivers\mup.sys
17:03:36.0632 0x50a8  Mup - ok
17:03:36.0636 0x50a8  [ D22AE9BDB972785CF9D336204C6005B1, 1AE328C88CF49072C125F41B16C2A2063203B21164245E2850CA491BDD4A522E ] NAL            C:\Windows\system32\Drivers\iqvw64e.sys
17:03:36.0640 0x50a8  NAL - ok
17:03:36.0650 0x50a8  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
17:03:36.0673 0x50a8  napagent - ok
17:03:36.0681 0x50a8  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
17:03:36.0695 0x50a8  NativeWifiP - ok
17:03:36.0710 0x50a8  [ E0E4A1F81A7D69C595A8A9DDAD084C19, 8F55F3637AE8BFFB0ACE37AFC5122026525137E0B2923899B779C1BD08DF0E22 ] NAUpdate        C:\Program Files (x86)\Nero\Update\NASvc.exe
17:03:36.0726 0x50a8  NAUpdate - ok
17:03:36.0744 0x50a8  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:03:36.0766 0x50a8  NDIS - ok
17:03:36.0769 0x50a8  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
17:03:36.0786 0x50a8  NdisCap - ok
17:03:36.0788 0x50a8  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:03:36.0805 0x50a8  NdisTapi - ok
17:03:36.0807 0x50a8  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
17:03:36.0824 0x50a8  Ndisuio - ok
17:03:36.0829 0x50a8  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
17:03:36.0847 0x50a8  NdisWan - ok
17:03:36.0850 0x50a8  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
17:03:36.0867 0x50a8  NDProxy - ok
17:03:36.0869 0x50a8  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
17:03:36.0886 0x50a8  NetBIOS - ok
17:03:36.0892 0x50a8  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
17:03:36.0912 0x50a8  NetBT - ok
17:03:36.0914 0x50a8  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] Netlogon        C:\Windows\system32\lsass.exe
17:03:36.0920 0x50a8  Netlogon - ok
17:03:36.0927 0x50a8  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
17:03:36.0949 0x50a8  Netman - ok
17:03:36.0960 0x50a8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:03:36.0967 0x50a8  NetMsmqActivator - ok
17:03:36.0971 0x50a8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:03:36.0978 0x50a8  NetPipeActivator - ok
17:03:36.0987 0x50a8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
17:03:37.0011 0x50a8  netprofm - ok
17:03:37.0015 0x50a8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:03:37.0022 0x50a8  NetTcpActivator - ok
17:03:37.0025 0x50a8  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:03:37.0033 0x50a8  NetTcpPortSharing - ok
17:03:37.0036 0x50a8  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960        C:\Windows\system32\drivers\nfrd960.sys
17:03:37.0042 0x50a8  nfrd960 - ok
17:03:37.0050 0x50a8  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:03:37.0060 0x50a8  NlaSvc - ok
17:03:37.0063 0x50a8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:03:37.0081 0x50a8  Npfs - ok
17:03:37.0083 0x50a8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi            C:\Windows\system32\nsisvc.dll
17:03:37.0103 0x50a8  nsi - ok
17:03:37.0105 0x50a8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:03:37.0123 0x50a8  nsiproxy - ok
17:03:37.0152 0x50a8  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:03:37.0185 0x50a8  Ntfs - ok
17:03:37.0189 0x50a8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
17:03:37.0209 0x50a8  Null - ok
17:03:37.0215 0x50a8  [ 624C1453F9109D98F7E2612DAD76BBB1, 4578623BF7EA1AF42038070AA3A1A9AC4A9582132ABBFAD9C3A99F46308DE8C3 ] NVHDA          C:\Windows\system32\drivers\nvhda64v.sys
17:03:37.0222 0x50a8  NVHDA - ok
17:03:37.0374 0x50a8  [ 3E188568A3D51195399A790B51F0A7B8, 76BBE2F6CD8B67D184FACE85D638E0861842784F5A087A412F0F05AF27079DC4 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:03:37.0540 0x50a8  nvlddmkm - ok
17:03:37.0577 0x50a8  [ DB7C6892180C79714EF79F69A788E865, 0E4C109C6F8E8D37447FCE1D7CABCBFAE8E5AA6FD4512150DD17156C9021A6FC ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
17:03:37.0605 0x50a8  NvNetworkService - ok
17:03:37.0611 0x50a8  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:03:37.0618 0x50a8  nvraid - ok
17:03:37.0624 0x50a8  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:03:37.0631 0x50a8  nvstor - ok
17:03:37.0634 0x50a8  [ 7308AA5672CC6D14F43C91965DC67200, 573566D94D19F3AEDFB326B0B5987DC52F3802E5F5CAF8C32830660193B93E19 ] NvStreamKms    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
17:03:37.0639 0x50a8  NvStreamKms - ok
17:03:37.0640 0x50a8  NvStreamSvc - ok
17:03:37.0657 0x50a8  [ D768CA15B379A9611B22719A1364D3C0, 2F2D6143E2B06A3EE7011E559475BFC3DEFC8AB67F1F93404E6B83CDB69185C0 ] nvsvc          C:\Windows\system32\nvvsvc.exe
17:03:37.0674 0x50a8  nvsvc - ok
17:03:37.0679 0x50a8  [ D0EB00C3BDD50E9CABA534CF829593E8, 6E11117DC30E834C70DC9381A67D057BC2DADA956855A0EEA9801D45C75536B1 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
17:03:37.0684 0x50a8  nvvad_WaveExtensible - ok
17:03:37.0688 0x50a8  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:03:37.0695 0x50a8  nv_agp - ok
17:03:37.0699 0x50a8  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:03:37.0705 0x50a8  ohci1394 - ok
17:03:37.0738 0x50a8  [ FCE83ABDE761C87D17EA65960455F0E5, E59C13E26845FE0537AEBF0E4A9DC0AF3E6DF55C7A54247FC8078AC5DE666AD4 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
17:03:37.0777 0x50a8  Origin Client Service - ok
17:03:37.0784 0x50a8  [ 4965B005492CBA7719E82B71E3245495, 52AD72C05FACC1E0E416A1FA25F34FDD3CB274FAB973BEAAE911A2FACA42B650 ] ose64          C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:03:37.0791 0x50a8  ose64 - ok
17:03:37.0859 0x50a8  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc        C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:03:37.0925 0x50a8  osppsvc - ok
17:03:37.0936 0x50a8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:03:37.0961 0x50a8  p2pimsvc - ok
17:03:37.0977 0x50a8  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
17:03:37.0991 0x50a8  p2psvc - ok
17:03:37.0995 0x50a8  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport        C:\Windows\system32\drivers\parport.sys
17:03:38.0002 0x50a8  Parport - ok
17:03:38.0006 0x50a8  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr        C:\Windows\system32\drivers\partmgr.sys
17:03:38.0012 0x50a8  partmgr - ok
17:03:38.0017 0x50a8  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:03:38.0026 0x50a8  PcaSvc - ok
17:03:38.0031 0x50a8  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci            C:\Windows\system32\drivers\pci.sys
17:03:38.0038 0x50a8  pci - ok
17:03:38.0040 0x50a8  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
17:03:38.0045 0x50a8  pciide - ok
17:03:38.0051 0x50a8  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
17:03:38.0059 0x50a8  pcmcia - ok
17:03:38.0062 0x50a8  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw            C:\Windows\system32\drivers\pcw.sys
17:03:38.0067 0x50a8  pcw - ok
17:03:38.0080 0x50a8  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:03:38.0098 0x50a8  PEAUTH - ok
17:03:38.0121 0x50a8  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc    C:\Windows\system32\peerdistsvc.dll
17:03:38.0148 0x50a8  PeerDistSvc - ok
17:03:38.0168 0x50a8  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
17:03:38.0176 0x50a8  PerfHost - ok
17:03:38.0202 0x50a8  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla            C:\Windows\system32\pla.dll
17:03:38.0240 0x50a8  pla - ok
17:03:38.0250 0x50a8  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:03:38.0262 0x50a8  PlugPlay - ok
17:03:38.0267 0x50a8  [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA        C:\Windows\system32\PnkBstrA.exe
17:03:38.0273 0x50a8  PnkBstrA - ok
17:03:38.0276 0x50a8  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
17:03:38.0282 0x50a8  PNRPAutoReg - ok
17:03:38.0289 0x50a8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
17:03:38.0298 0x50a8  PNRPsvc - ok
17:03:38.0308 0x50a8  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
17:03:38.0331 0x50a8  PolicyAgent - ok
17:03:38.0336 0x50a8  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power          C:\Windows\system32\umpo.dll
17:03:38.0357 0x50a8  Power - ok
17:03:38.0361 0x50a8  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:03:38.0379 0x50a8  PptpMiniport - ok
17:03:38.0382 0x50a8  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor      C:\Windows\system32\drivers\processr.sys
17:03:38.0389 0x50a8  Processor - ok
17:03:38.0394 0x50a8  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc        C:\Windows\system32\profsvc.dll
17:03:38.0403 0x50a8  ProfSvc - ok
17:03:38.0406 0x50a8  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:03:38.0411 0x50a8  ProtectedStorage - ok
17:03:38.0415 0x50a8  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:03:38.0433 0x50a8  Psched - ok
17:03:38.0457 0x50a8  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
17:03:38.0486 0x50a8  ql2300 - ok
17:03:38.0492 0x50a8  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
17:03:38.0499 0x50a8  ql40xx - ok
17:03:38.0505 0x50a8  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE          C:\Windows\system32\qwave.dll
17:03:38.0517 0x50a8  QWAVE - ok
17:03:38.0520 0x50a8  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:03:38.0528 0x50a8  QWAVEdrv - ok
17:03:38.0531 0x50a8  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:03:38.0547 0x50a8  RasAcd - ok
17:03:38.0551 0x50a8  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
17:03:38.0570 0x50a8  RasAgileVpn - ok
17:03:38.0574 0x50a8  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto        C:\Windows\System32\rasauto.dll
17:03:38.0595 0x50a8  RasAuto - ok
17:03:38.0599 0x50a8  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
17:03:38.0616 0x50a8  Rasl2tp - ok
17:03:38.0624 0x50a8  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
17:03:38.0646 0x50a8  RasMan - ok
17:03:38.0650 0x50a8  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:03:38.0668 0x50a8  RasPppoe - ok
17:03:38.0671 0x50a8  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
17:03:38.0690 0x50a8  RasSstp - ok
17:03:38.0697 0x50a8  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
17:03:38.0718 0x50a8  rdbss - ok
17:03:38.0721 0x50a8  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
17:03:38.0729 0x50a8  rdpbus - ok
17:03:38.0734 0x50a8  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:03:38.0752 0x50a8  RDPCDD - ok
17:03:38.0758 0x50a8  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR          C:\Windows\system32\drivers\rdpdr.sys
17:03:38.0766 0x50a8  RDPDR - ok
17:03:38.0768 0x50a8  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:03:38.0786 0x50a8  RDPENCDD - ok
17:03:38.0789 0x50a8  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:03:38.0805 0x50a8  RDPREFMP - ok
17:03:38.0809 0x50a8  [ 76D8CC526512ECAE2AEF63B1A6D018A1, 7281AFEBA5455BB879D4BA2DBADDCF6DAC87C1040605907CC907142609985B17 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:03:38.0816 0x50a8  RdpVideoMiniport - ok
17:03:38.0821 0x50a8  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
17:03:38.0830 0x50a8  RDPWD - ok
17:03:38.0836 0x50a8  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:03:38.0844 0x50a8  rdyboost - ok
17:03:38.0848 0x50a8  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:03:38.0868 0x50a8  RemoteAccess - ok
17:03:38.0873 0x50a8  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:03:38.0893 0x50a8  RemoteRegistry - ok
17:03:38.0918 0x50a8  [ E7062DBD907E0C5CEEB5ABDAF07E6B32, 6D6662E981510DBAD4D4E2FB38B560F2D50959EA47914FDD983FEA52DEF80E77 ] RosettaStoneDaemon C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
17:03:38.0951 0x50a8  RosettaStoneDaemon - ok
17:03:38.0955 0x50a8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:03:38.0976 0x50a8  RpcEptMapper - ok
17:03:38.0978 0x50a8  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
17:03:38.0985 0x50a8  RpcLocator - ok
17:03:38.0995 0x50a8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs          C:\Windows\system32\rpcss.dll
17:03:39.0018 0x50a8  RpcSs - ok
17:03:39.0023 0x50a8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:03:39.0042 0x50a8  rspndr - ok
17:03:39.0045 0x50a8  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap          C:\Windows\system32\drivers\vms3cap.sys
17:03:39.0050 0x50a8  s3cap - ok
17:03:39.0053 0x50a8  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] SamSs          C:\Windows\system32\lsass.exe
17:03:39.0058 0x50a8  SamSs - ok
17:03:39.0072 0x50a8  [ 2EFD1F0324707E6BE4AF5A85B4F550E8, 51F09AE85635B6588C542CB3266529767CD288FF5DC4ABB0853852086FEC0D0D ] Samsung Link Service C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
17:03:39.0086 0x50a8  Samsung Link Service - ok
17:03:39.0090 0x50a8  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:03:39.0096 0x50a8  sbp2port - ok
17:03:39.0101 0x50a8  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:03:39.0122 0x50a8  SCardSvr - ok
17:03:39.0125 0x50a8  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:03:39.0144 0x50a8  scfilter - ok
17:03:39.0165 0x50a8  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
17:03:39.0202 0x50a8  Schedule - ok
17:03:39.0205 0x50a8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc    C:\Windows\System32\certprop.dll
17:03:39.0224 0x50a8  SCPolicySvc - ok
17:03:39.0229 0x50a8  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:03:39.0238 0x50a8  SDRSVC - ok
17:03:39.0241 0x50a8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:03:39.0258 0x50a8  secdrv - ok
17:03:39.0261 0x50a8  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
17:03:39.0278 0x50a8  seclogon - ok
17:03:39.0283 0x50a8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
17:03:39.0302 0x50a8  SENS - ok
17:03:39.0305 0x50a8  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:03:39.0317 0x50a8  SensrSvc - ok
17:03:39.0321 0x50a8  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum        C:\Windows\system32\drivers\serenum.sys
17:03:39.0327 0x50a8  Serenum - ok
17:03:39.0331 0x50a8  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
17:03:39.0339 0x50a8  Serial - ok
17:03:39.0342 0x50a8  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
17:03:39.0349 0x50a8  sermouse - ok
17:03:39.0355 0x50a8  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
17:03:39.0375 0x50a8  SessionEnv - ok
17:03:39.0377 0x50a8  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
17:03:39.0385 0x50a8  sffdisk - ok
17:03:39.0387 0x50a8  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:03:39.0395 0x50a8  sffp_mmc - ok
17:03:39.0398 0x50a8  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
17:03:39.0405 0x50a8  sffp_sd - ok
17:03:39.0407 0x50a8  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy        C:\Windows\system32\drivers\sfloppy.sys
17:03:39.0413 0x50a8  sfloppy - ok
17:03:39.0423 0x50a8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:03:39.0446 0x50a8  SharedAccess - ok
17:03:39.0453 0x50a8  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:03:39.0476 0x50a8  ShellHWDetection - ok
17:03:39.0479 0x50a8  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
17:03:39.0485 0x50a8  SiSRaid2 - ok
17:03:39.0488 0x50a8  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
17:03:39.0496 0x50a8  SiSRaid4 - ok
17:03:39.0504 0x50a8  [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate    C:\Program Files (x86)\Skype\Updater\Updater.exe
17:03:39.0516 0x50a8  SkypeUpdate - ok
17:03:39.0521 0x50a8  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
17:03:39.0540 0x50a8  Smb - ok
17:03:39.0545 0x50a8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:03:39.0552 0x50a8  SNMPTRAP - ok
17:03:39.0554 0x50a8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr          C:\Windows\system32\drivers\spldr.sys
17:03:39.0560 0x50a8  spldr - ok
17:03:39.0571 0x50a8  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler        C:\Windows\System32\spoolsv.exe
17:03:39.0586 0x50a8  Spooler - ok
17:03:39.0589 0x50a8  SPPD - ok
17:03:39.0642 0x50a8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
17:03:39.0714 0x50a8  sppsvc - ok
17:03:39.0720 0x50a8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
17:03:39.0738 0x50a8  sppuinotify - ok
17:03:39.0748 0x50a8  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv            C:\Windows\system32\DRIVERS\srv.sys
17:03:39.0762 0x50a8  srv - ok
17:03:39.0771 0x50a8  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:03:39.0783 0x50a8  srv2 - ok
17:03:39.0788 0x50a8  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:03:39.0797 0x50a8  srvnet - ok
17:03:39.0802 0x50a8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
17:03:39.0825 0x50a8  SSDPSRV - ok
17:03:39.0830 0x50a8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc        C:\Windows\system32\sstpsvc.dll
17:03:39.0852 0x50a8  SstpSvc - ok
17:03:39.0859 0x50a8  [ 91310683D7B6B292B746D60734B59322, 2C56C3E4AA7356FB544B52F80ABDA39A80473390CB2059C69BDCCAD40FE56325 ] ssudmdm        C:\Windows\system32\DRIVERS\ssudmdm.sys
17:03:39.0868 0x50a8  ssudmdm - ok
17:03:39.0883 0x50a8  [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
17:03:39.0899 0x50a8  ss_conn_service - ok
17:03:39.0915 0x50a8  [ 0A3544D7E9AF7D8C991C904339157EDC, 1E1DE4D808AE1174B0CB37E93EBADFC98FEBCD70D612CFE393DDA513581CD123 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
17:03:39.0930 0x50a8  Steam Client Service - ok
17:03:39.0940 0x50a8  [ C64C157B167FE562E8670984E72C25FA, 9302C82A75CA65515297B72F3A6230307AAE0B14FD8C9C7FA343F7B62E5ED376 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
17:03:39.0950 0x50a8  Stereo Service - ok
17:03:39.0953 0x50a8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
17:03:39.0958 0x50a8  stexstor - ok
17:03:39.0970 0x50a8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
17:03:39.0988 0x50a8  stisvc - ok
17:03:39.0991 0x50a8  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt        C:\Windows\system32\drivers\vmstorfl.sys
17:03:39.0996 0x50a8  storflt - ok
17:03:39.0999 0x50a8  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc        C:\Windows\system32\drivers\storvsc.sys
17:03:40.0004 0x50a8  storvsc - ok
17:03:40.0006 0x50a8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
17:03:40.0011 0x50a8  swenum - ok
17:03:40.0022 0x50a8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv          C:\Windows\System32\swprv.dll
17:03:40.0048 0x50a8  swprv - ok
17:03:40.0052 0x50a8  [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc      C:\Windows\system32\drivers\Synth3dVsc.sys
17:03:40.0062 0x50a8  Synth3dVsc - ok
17:03:40.0089 0x50a8  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain        C:\Windows\system32\sysmain.dll
17:03:40.0126 0x50a8  SysMain - ok
17:03:40.0131 0x50a8  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:03:40.0140 0x50a8  TabletInputService - ok
17:03:40.0148 0x50a8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv        C:\Windows\System32\tapisrv.dll
17:03:40.0170 0x50a8  TapiSrv - ok
17:03:40.0173 0x50a8  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS            C:\Windows\System32\tbssvc.dll
17:03:40.0192 0x50a8  TBS - ok
17:03:40.0220 0x50a8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
17:03:40.0255 0x50a8  Tcpip - ok
17:03:40.0285 0x50a8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:03:40.0312 0x50a8  TCPIP6 - ok
17:03:40.0317 0x50a8  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:03:40.0323 0x50a8  tcpipreg - ok
17:03:40.0327 0x50a8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:03:40.0333 0x50a8  TDPIPE - ok
17:03:40.0336 0x50a8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
17:03:40.0342 0x50a8  TDTCP - ok
17:03:40.0345 0x50a8  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
17:03:40.0353 0x50a8  tdx - ok
17:03:40.0450 0x50a8  [ FC8DC5DB5F707C96FEBC526AA4CE562A, AB97B53EA9E8C55A18733A6A3DE42E6EBC8BA9150796338DF04AB2DDA5124E1A ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
17:03:40.0541 0x50a8  TeamViewer - ok
17:03:40.0549 0x50a8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
17:03:40.0554 0x50a8  TermDD - ok
17:03:40.0557 0x50a8  [ 2B5BDFF688EC9871D7EC5837833374E9, BD6C629FA2938987ABF95B790B20F0B7D4D023D5013E575F343A802D6213074E ] terminpt        C:\Windows\system32\drivers\terminpt.sys
17:03:40.0563 0x50a8  terminpt - ok
17:03:40.0576 0x50a8  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService    C:\Windows\System32\termsrv.dll
17:03:40.0593 0x50a8  TermService - ok
17:03:40.0596 0x50a8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
17:03:40.0606 0x50a8  Themes - ok
17:03:40.0609 0x50a8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER    C:\Windows\system32\mmcss.dll
17:03:40.0629 0x50a8  THREADORDER - ok
17:03:40.0633 0x50a8  [ 519CB7D7F697F4BA47DE05845C20F158, F4B40014CB5047463FC40C28D9CFF0DA5E8592A2A9ED8E938A0A9D43DBD0A516 ] TlntSvr        C:\Windows\System32\tlntsvr.exe
17:03:40.0641 0x50a8  TlntSvr - ok
17:03:40.0645 0x50a8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
17:03:40.0665 0x50a8  TrkWks - ok
17:03:40.0670 0x50a8  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:03:40.0689 0x50a8  TrustedInstaller - ok
17:03:40.0693 0x50a8  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:03:40.0699 0x50a8  tssecsrv - ok
17:03:40.0702 0x50a8  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:03:40.0708 0x50a8  TsUsbFlt - ok
17:03:40.0710 0x50a8  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD        C:\Windows\system32\drivers\TsUsbGD.sys
17:03:40.0716 0x50a8  TsUsbGD - ok
17:03:40.0720 0x50a8  [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
17:03:40.0727 0x50a8  tsusbhub - ok
17:03:40.0731 0x50a8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:03:40.0750 0x50a8  tunnel - ok
17:03:40.0754 0x50a8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
17:03:40.0761 0x50a8  uagp35 - ok
17:03:40.0769 0x50a8  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:03:40.0791 0x50a8  udfs - ok
17:03:40.0796 0x50a8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect      C:\Windows\system32\UI0Detect.exe
17:03:40.0804 0x50a8  UI0Detect - ok
17:03:40.0808 0x50a8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:03:40.0815 0x50a8  uliagpkx - ok
17:03:40.0818 0x50a8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
17:03:40.0824 0x50a8  umbus - ok
17:03:40.0827 0x50a8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
17:03:40.0834 0x50a8  UmPass - ok
17:03:40.0840 0x50a8  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
17:03:40.0850 0x50a8  UmRdpService - ok
17:03:40.0857 0x50a8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
17:03:40.0879 0x50a8  upnphost - ok
17:03:40.0883 0x50a8  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
17:03:40.0890 0x50a8  usbaudio - ok
17:03:40.0894 0x50a8  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
17:03:40.0901 0x50a8  usbccgp - ok
17:03:40.0905 0x50a8  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:03:40.0911 0x50a8  usbcir - ok
17:03:40.0914 0x50a8  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci        C:\Windows\system32\DRIVERS\usbehci.sys
17:03:40.0921 0x50a8  usbehci - ok
17:03:40.0928 0x50a8  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:03:40.0939 0x50a8  usbhub - ok
17:03:40.0941 0x50a8  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci        C:\Windows\system32\drivers\usbohci.sys
17:03:40.0947 0x50a8  usbohci - ok
17:03:40.0950 0x50a8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
17:03:40.0957 0x50a8  usbprint - ok
17:03:40.0960 0x50a8  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:03:40.0967 0x50a8  USBSTOR - ok
17:03:40.0970 0x50a8  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci        C:\Windows\system32\drivers\usbuhci.sys
17:03:40.0977 0x50a8  usbuhci - ok
17:03:40.0983 0x50a8  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
17:03:40.0991 0x50a8  usbvideo - ok
17:03:40.0994 0x50a8  [ 7B28E2FBE75115660FAB31079C0A9F29, 81BB5A3E64B652A672A0782A88ABF6DDD729D38712D0706CE0FB9DE6D1EE1515 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
17:03:41.0003 0x50a8  usb_rndisx - ok
17:03:41.0006 0x50a8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms          C:\Windows\System32\uxsms.dll
17:03:41.0023 0x50a8  UxSms - ok
17:03:41.0026 0x50a8  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] VaultSvc        C:\Windows\system32\lsass.exe
17:03:41.0032 0x50a8  VaultSvc - ok
17:03:41.0035 0x50a8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:03:41.0040 0x50a8  vdrvroot - ok
17:03:41.0052 0x50a8  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds            C:\Windows\System32\vds.exe
17:03:41.0078 0x50a8  vds - ok
17:03:41.0082 0x50a8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
17:03:41.0089 0x50a8  vga - ok
17:03:41.0091 0x50a8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave        C:\Windows\System32\drivers\vga.sys
17:03:41.0108 0x50a8  VgaSave - ok
17:03:41.0110 0x50a8  VGPU - ok
17:03:41.0115 0x50a8  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
17:03:41.0123 0x50a8  vhdmp - ok
17:03:41.0126 0x50a8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:03:41.0131 0x50a8  viaide - ok
17:03:41.0137 0x50a8  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus          C:\Windows\system32\drivers\vmbus.sys
17:03:41.0145 0x50a8  vmbus - ok
17:03:41.0147 0x50a8  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
17:03:41.0153 0x50a8  VMBusHID - ok
17:03:41.0156 0x50a8  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:03:41.0162 0x50a8  volmgr - ok
17:03:41.0170 0x50a8  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
17:03:41.0180 0x50a8  volmgrx - ok
17:03:41.0187 0x50a8  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap        C:\Windows\system32\drivers\volsnap.sys
17:03:41.0196 0x50a8  volsnap - ok
17:03:41.0203 0x50a8  [ B4A73CA4EF9A02B9738CEA9AD5FE5917, B6A8086189FE2F1C3FE5B3F484FBA3DB2E5E1836F3154D30090F136C27D16166 ] vpcbus          C:\Windows\system32\DRIVERS\vpchbus.sys
17:03:41.0211 0x50a8  vpcbus - ok
17:03:41.0214 0x50a8  [ E675FB2B48C54F09895482E2253B289C, 68BBFBF2356C849722E429CA753CC309A3CCE8CF00EBDBBD2695ECD292324DF2 ] vpcnfltr        C:\Windows\system32\DRIVERS\vpcnfltr.sys
17:03:41.0220 0x50a8  vpcnfltr - ok
17:03:41.0224 0x50a8  [ 5FB42082B0D19A0268705F1DD343DF20, 62F8EEE6A507CE6A8BD638020118D71B78332F79BA82654AB702AE46B04767D9 ] vpcusb          C:\Windows\system32\DRIVERS\vpcusb.sys
17:03:41.0231 0x50a8  vpcusb - ok
17:03:41.0239 0x50a8  [ 207B6539799CC1C112661A9B620DD233, 6B915CC7F77C867516D94865D7BF2E5C815402EF0A4488C3EB2FEF7CFA6C98F6 ] vpcvmm          C:\Windows\system32\drivers\vpcvmm.sys
17:03:41.0249 0x50a8  vpcvmm - ok
17:03:41.0254 0x50a8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid        C:\Windows\system32\drivers\vsmraid.sys
17:03:41.0261 0x50a8  vsmraid - ok
17:03:41.0286 0x50a8  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS            C:\Windows\system32\vssvc.exe
17:03:41.0326 0x50a8  VSS - ok
17:03:41.0331 0x50a8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
17:03:41.0339 0x50a8  vwifibus - ok
17:03:41.0342 0x50a8  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
17:03:41.0351 0x50a8  vwififlt - ok
17:03:41.0354 0x50a8  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp        C:\Windows\system32\DRIVERS\vwifimp.sys
17:03:41.0363 0x50a8  vwifimp - ok
17:03:41.0371 0x50a8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time        C:\Windows\system32\w32time.dll
17:03:41.0395 0x50a8  W32Time - ok
17:03:41.0398 0x50a8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
17:03:41.0404 0x50a8  WacomPen - ok
17:03:41.0409 0x50a8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:03:41.0425 0x50a8  WANARP - ok
17:03:41.0428 0x50a8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:03:41.0445 0x50a8  Wanarpv6 - ok
17:03:41.0468 0x50a8  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
17:03:41.0499 0x50a8  wbengine - ok
17:03:41.0507 0x50a8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:03:41.0522 0x50a8  WbioSrvc - ok
17:03:41.0530 0x50a8  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc        C:\Windows\System32\wcncsvc.dll
17:03:41.0544 0x50a8  wcncsvc - ok
17:03:41.0547 0x50a8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:03:41.0554 0x50a8  WcsPlugInService - ok
17:03:41.0557 0x50a8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
17:03:41.0562 0x50a8  Wd - ok
17:03:41.0579 0x50a8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:03:41.0597 0x50a8  Wdf01000 - ok
17:03:41.0601 0x50a8  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:03:41.0609 0x50a8  WdiServiceHost - ok
17:03:41.0611 0x50a8  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost  C:\Windows\system32\wdi.dll
17:03:41.0618 0x50a8  WdiSystemHost - ok
17:03:41.0625 0x50a8  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient      C:\Windows\System32\webclnt.dll
17:03:41.0637 0x50a8  WebClient - ok
17:03:41.0643 0x50a8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:03:41.0666 0x50a8  Wecsvc - ok
17:03:41.0669 0x50a8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
17:03:41.0688 0x50a8  wercplsupport - ok
17:03:41.0692 0x50a8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:03:41.0713 0x50a8  WerSvc - ok
17:03:41.0715 0x50a8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:03:41.0732 0x50a8  WfpLwf - ok
17:03:41.0734 0x50a8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:03:41.0739 0x50a8  WIMMount - ok
17:03:41.0741 0x50a8  WinDefend - ok
17:03:41.0744 0x50a8  WinHttpAutoProxySvc - ok
17:03:41.0753 0x50a8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
17:03:41.0776 0x50a8  Winmgmt - ok
17:03:41.0806 0x50a8  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM          C:\Windows\system32\WsmSvc.dll
17:03:41.0843 0x50a8  WinRM - ok
17:03:41.0850 0x50a8  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
17:03:41.0857 0x50a8  WinUsb - ok
17:03:41.0872 0x50a8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc        C:\Windows\System32\wlansvc.dll
17:03:41.0897 0x50a8  Wlansvc - ok
17:03:41.0941 0x50a8  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc        C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:03:41.0975 0x50a8  wlidsvc - ok
17:03:41.0980 0x50a8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi        C:\Windows\system32\DRIVERS\wmiacpi.sys
17:03:41.0986 0x50a8  WmiAcpi - ok
17:03:41.0992 0x50a8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:03:42.0001 0x50a8  wmiApSrv - ok
17:03:42.0003 0x50a8  WMPNetworkSvc - ok
17:03:42.0005 0x50a8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:03:42.0012 0x50a8  WPCSvc - ok
17:03:42.0016 0x50a8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:03:42.0027 0x50a8  WPDBusEnum - ok
17:03:42.0029 0x50a8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
17:03:42.0047 0x50a8  ws2ifsl - ok
17:03:42.0051 0x50a8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
17:03:42.0062 0x50a8  wscsvc - ok
17:03:42.0064 0x50a8  WSearch - ok
17:03:42.0101 0x50a8  [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:03:42.0146 0x50a8  wuauserv - ok
17:03:42.0151 0x50a8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:03:42.0158 0x50a8  WudfPf - ok
17:03:42.0164 0x50a8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\drivers\WUDFRd.sys
17:03:42.0172 0x50a8  WUDFRd - ok
17:03:42.0176 0x50a8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
17:03:42.0184 0x50a8  wudfsvc - ok
17:03:42.0189 0x50a8  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc        C:\Windows\System32\wwansvc.dll
17:03:42.0199 0x50a8  WwanSvc - ok
17:03:42.0216 0x50a8  X6va012 - ok
17:03:42.0230 0x50a8  ================ Scan global ===============================
17:03:42.0232 0x50a8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
17:03:42.0238 0x50a8  [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\Windows\system32\winsrv.dll
17:03:42.0245 0x50a8  [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\Windows\system32\winsrv.dll
17:03:42.0250 0x50a8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
17:03:42.0257 0x50a8  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
17:03:42.0262 0x50a8  [ Global ] - ok
17:03:42.0263 0x50a8  ================ Scan MBR ==================================
17:03:42.0264 0x50a8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
17:03:42.0501 0x50a8  \Device\Harddisk2\DR2 - ok
17:03:42.0516 0x50a8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:03:42.0592 0x50a8  \Device\Harddisk0\DR0 - ok
17:03:42.0594 0x50a8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
17:03:42.0667 0x50a8  \Device\Harddisk1\DR1 - ok
17:03:48.0129 0x50a8  [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk3\DR3
17:03:48.0218 0x50a8  \Device\Harddisk3\DR3 - ok
17:03:48.0219 0x50a8  ================ Scan VBR ==================================
17:03:48.0220 0x50a8  [ 2E85D3F44A9D4BEDD0056212F9A47558 ] \Device\Harddisk2\DR2\Partition1
17:03:48.0221 0x50a8  \Device\Harddisk2\DR2\Partition1 - ok
17:03:48.0222 0x50a8  [ 19AC0F0E39CE447A7E9B9B84BF45D6DC ] \Device\Harddisk2\DR2\Partition2
17:03:48.0223 0x50a8  \Device\Harddisk2\DR2\Partition2 - ok
17:03:48.0224 0x50a8  [ 0B5FB43E56D0D55A8DB5B114698F84B8 ] \Device\Harddisk0\DR0\Partition1
17:03:48.0275 0x50a8  \Device\Harddisk0\DR0\Partition1 - ok
17:03:48.0276 0x50a8  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1
17:03:48.0276 0x50a8  \Device\Harddisk1\DR1\Partition1 - ok
17:03:48.0278 0x50a8  [ CA95EB27748FC1C12C493E481A14DDA7 ] \Device\Harddisk1\DR1\Partition2
17:03:48.0363 0x50a8  \Device\Harddisk1\DR1\Partition2 - ok
17:03:48.0365 0x50a8  [ 29F40217EA42FC9F20848EF5B768DA08 ] \Device\Harddisk3\DR3\Partition1
17:03:48.0398 0x50a8  \Device\Harddisk3\DR3\Partition1 - ok
17:03:48.0398 0x50a8  ================ Scan generic autorun ======================
17:03:48.0406 0x50a8  [ 39CF316EB5842AE27CC0D3CC4E2840DE, BC4D4ED926F988B7B70CC87B7EC92D148DA6BC39C5C514751F1B0CA69D0F9081 ] C:\Program Files\Microsoft Office\Office14\BCSSync.exe
17:03:48.0417 0x50a8  BCSSync - ok
17:03:48.0593 0x50a8  [ 95671F4BE988BC043F5828BB7E02CBD0, 7B7572CB569161C44BD63AAF9DEF2C806974576AE9ABFF94ED5A950EFFB3D222 ] C:\Program Files\Logitech Gaming Software\LCore.exe
17:03:48.0724 0x50a8  Launch LCore - ok
17:03:48.0743 0x50a8  [ 9369A66900F448294DB002DE4EDA2684, 86E87B5E8E71E0F5C878CB33712C0BFA655B556D25011A60234F257E12B796E9 ] C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
17:03:48.0753 0x50a8  Samsung Link - ok
17:03:48.0839 0x50a8  [ EAED518F3F9FF044F6293D3C8FF66B35, 01F69C7DDDA0C8D89860930338948BE7B5CCCAB6880B47F0B007246E7370D4DA ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
17:03:48.0919 0x50a8  RTHDVCPL - ok
17:03:48.0940 0x50a8  [ B1DDCBE7D17DE94045FE9E40EB3D0170, 76EAF208139160C10937FEB4CB47A9890BF66414A3958289DDDCE62EA6E701FC ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
17:03:48.0958 0x50a8  RtHDVBg_DTS - ok
17:03:48.0998 0x50a8  [ A416FBE18A8FF5C942B5E4A65A66EAE0, DC021A544A16BA984A906D235E0E6DA8AC0DF0A7FC8A89D192E427BBE6D2434C ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
17:03:49.0034 0x50a8  NvBackend - ok
17:03:49.0039 0x50a8  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
17:03:49.0046 0x50a8  ShadowPlay - ok
17:03:49.0053 0x50a8  [ A381DE7A9E3EB7915242F91730F3B4D0, 93C82FD33120C3D856D5AEF80E03E668C2301827AA31DFED93ECE74CB618F620 ] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
17:03:49.0060 0x50a8  KiesTrayAgent - ok
17:03:49.0067 0x50a8  [ 6BA8D86746935498D64CB5CF6286F2EB, E47D1DEE39451428344233DB15412BCB486C4F6FE1D0426F20AA4C6245387926 ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
17:03:49.0074 0x50a8  USB3MON - ok
17:03:49.0099 0x50a8  [ 5626C6A78DEB15F00E780115472C163C, 8C1DD609BEC9089EC8A3EB8E212020FFAD98DC029540B039A394B2A074C63650 ] C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe
17:03:49.0119 0x50a8  ASUS WiFi GO! FileTransfer Execute - ok
17:03:49.0174 0x50a8  [ F4A755E3A99F4F2324FC2138D30F01B4, EFA955082404977B13754E0DA9CAFF304CA9B87C8B0F2C7166A55ECDF1482DB4 ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
17:03:49.0235 0x50a8  LogMeIn Hamachi Ui - ok
17:03:49.0255 0x50a8  [ 3E04F1E482357B1FC8B088197C3D9FF8, 85524ADDC27ADC831EBBD24E079B412CFDC69E5F594BD153319087665A28D546 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
17:03:49.0274 0x50a8  Adobe ARM - ok
17:03:49.0291 0x50a8  [ CE4C92FFDF19431C53052986D2EF32A6, F0C21F654EE002CFEC8B7CE3F7F58024F8F090537FB3F5A4A67F70B334E78552 ] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
17:03:49.0306 0x50a8  BlueStacks Agent - ok
17:03:49.0313 0x50a8  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\killi199\AppData\Local\Google\Update\GoogleUpdate.exe
17:03:49.0318 0x50a8  Google Update - ok
17:03:49.0341 0x50a8  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
17:03:49.0372 0x50a8  Sidebar - ok
17:03:49.0404 0x50a8  [ C3E6128725B7C509EB6742A6F2310576, C8348D91AF275185FE90BAB2315AC05B4009E36ECF321E5CECF34D1C3F8AC8B6 ] C:\Users\killi199\AppData\Roaming\Spotify\SpotifyWebHelper.exe
17:03:49.0432 0x50a8  Spotify Web Helper - ok
17:03:49.0475 0x50a8  [ 8DACA62F3E15E45EBAF7AE51A609CBC1, 5FACF0EA36572E7228EB2808731ED00DD08B481937569E71C3A537D7E65022AD ] C:\Program Files (x86)\Steam\steam.exe
17:03:49.0513 0x50a8  Steam - ok
17:03:49.0515 0x50a8  Waiting for KSN requests completion. In queue: 23
17:03:50.0515 0x50a8  Waiting for KSN requests completion. In queue: 23
17:03:51.0515 0x50a8  Waiting for KSN requests completion. In queue: 16
17:03:52.0515 0x50a8  Waiting for KSN requests completion. In queue: 16
17:03:53.0515 0x50a8  Waiting for KSN requests completion. In queue: 16
17:03:54.0515 0x50a8  Waiting for KSN requests completion. In queue: 16
17:03:55.0517 0x50a8  AV detected via SS2: Kaspersky Total Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\wmiav.exe ( 15.0.1.415 ), 0x41000 ( enabled : updated )
17:03:55.0517 0x50a8  FW detected via SS2: Kaspersky Total Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\wmifw.exe ( 15.0.1.415 ), 0x41010 ( enabled )
17:04:01.0302 0x50a8  ============================================================
17:04:01.0302 0x50a8  Scan finished
17:04:01.0302 0x50a8  ============================================================
17:04:01.0306 0x16eb4  Detected object count: 1
17:04:01.0306 0x16eb4  Actual detected object count: 1
17:04:27.0689 0x16eb4  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - skipped by user
17:04:27.0689 0x16eb4  FsUsbExDisk ( UnsignedFile.Multi.Generic ) - User select action: Skip

schrauber 07.06.2015 09:49
hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

killi199 07.06.2015 14:10
Combofix
Code:
ComboFix 15-05-31.01 - killi199 07.06.2015  14:40:09.4.8 - x64
Microsoft Windows 7 Ultimate  6.1.7601.1.1252.49.1031.18.16337.13402 [GMT 2:00]
ausgeführt von:: c:\users\killi199\Desktop\ComboFix.exe
AV: Kaspersky Total Security *Disabled/Updated* {179979E8-273D-D14E-0543-2861940E4886}
FW: Kaspersky Total Security *Disabled* {2FA2F8CD-6D52-D016-2E1C-81546ADD0FFD}
SP: Kaspersky Total Security *Disabled/Updated* {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\killi199\AppData\Local\assembly\tmp
c:\users\killi199\AppData\Roaming\systweak\ssd\SSDPTstub.exe
c:\users\killi199\AppData\Roaming\technic-launcher.jar
c:\windows\msvcr71.dll
.
.
(((((((((((((((((((((((((((((((((((((((  Treiber/Dienste  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_CltMngSvc
.
.
(((((((((((((((((((((((  Dateien erstellt von 2015-05-07 bis 2015-06-07  ))))))))))))))))))))))))))))))
.
.
2015-06-07 13:03 . 2015-06-07 13:03        --------        d-----w-        c:\users\Default\AppData\Local\temp
2015-06-06 15:19 . 2015-06-07 12:37        163504        ----a-w-        c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10145.bin
2015-06-06 14:43 . 2015-06-06 14:43        --------        d-----w-        c:\programdata\Malwarebytes
2015-06-06 14:43 . 2015-06-06 14:58        --------        d-----w-        c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-06-06 14:43 . 2015-06-06 14:43        136408        ----a-w-        c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-06-06 14:38 . 2015-06-06 14:38        107736        ----a-w-        c:\windows\system32\drivers\mbamchameleon.sys
2015-06-06 14:27 . 2015-06-06 14:27        --------        d-----w-        c:\program files (x86)\VS Revo Group
2015-06-05 19:33 . 2015-04-03 13:21        38032        ----a-w-        c:\windows\system32\drivers\nvvad64v.sys
2015-06-05 19:33 . 2015-04-03 13:21        48784        ----a-w-        c:\windows\SysWow64\nvaudcap32v.dll
2015-06-05 14:29 . 2015-06-06 08:44        --------        d-----w-        C:\FRST
2015-06-05 13:51 . 2015-05-03 03:16        12214312        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{44BD0D2B-2727-4F36-AC4B-ABF65D8AE9AC}\mpengine.dll
2015-06-03 15:14 . 2015-06-03 15:14        --------        d-----w-        c:\users\killi199\AppData\Local\GWX
2015-05-25 10:46 . 2015-05-25 10:46        43520        ----a-w-        c:\windows\SysWow64\CmdLineExt03.dll
2015-05-25 10:42 . 2015-05-25 10:42        --------        d-----w-        c:\program files (x86)\Common Files\PocketSoft
2015-05-25 10:42 . 2002-02-27 15:50        197120        ----a-w-        c:\windows\patchw32.dll
2015-05-25 10:30 . 2008-07-12 06:18        467984        ----a-w-        c:\windows\SysWow64\d3dx10_39.dll
2015-05-25 10:30 . 2008-07-12 06:18        3851784        ----a-w-        c:\windows\SysWow64\D3DX9_39.dll
2015-05-25 10:30 . 2008-07-12 06:18        1493528        ----a-w-        c:\windows\SysWow64\D3DCompiler_39.dll
2015-05-25 10:29 . 2015-05-25 10:30        --------        d-----w-        c:\users\killi199\AppData\Roaming\Riot Games
2015-05-23 11:05 . 2015-05-12 02:34        571024        ----a-w-        c:\windows\SysWow64\nvStreaming.exe
2015-05-22 10:31 . 2015-05-22 11:55        --------        d-----w-        c:\users\killi199\AppData\Local\Overwolf
2015-05-19 15:04 . 2015-05-19 15:04        --------        d-----w-        c:\program files (x86)\BlueStacks
2015-05-19 15:04 . 2015-05-19 15:04        --------        d-----w-        c:\programdata\BlueStacks
2015-05-13 11:53 . 2015-05-01 13:17        124112        ----a-w-        c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 11:53 . 2015-05-01 13:16        102608        ----a-w-        c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 11:24 . 2015-04-13 03:28        328704        ----a-w-        c:\windows\system32\services.exe
2015-05-08 18:16 . 2015-05-08 18:16        --------        d-----w-        c:\users\killi199\Tracing
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-05-25 10:38 . 2013-01-28 16:39        291944        ----a-w-        c:\windows\SysWow64\PnkBstrB.xtr
2015-05-25 10:38 . 2013-01-28 08:10        291944        ----a-w-        c:\windows\SysWow64\PnkBstrB.exe
2015-05-23 01:47 . 2015-02-10 14:30        1320304        ----a-w-        c:\windows\SysWow64\nvspcap.dll
2015-05-23 01:47 . 2015-02-10 14:30        1316000        ----a-w-        c:\windows\SysWow64\nvspbridge.dll
2015-05-23 01:47 . 2015-02-10 14:30        1756424        ----a-w-        c:\windows\system32\nvspbridge64.dll
2015-05-23 01:47 . 2015-02-10 14:30        1571696        ----a-w-        c:\windows\system32\nvspcap64.dll
2015-05-13 11:54 . 2011-12-13 18:35        140425016        ----a-w-        c:\windows\system32\MRT.exe
2015-05-13 06:52 . 2015-01-22 20:44        1558848        ----a-w-        c:\windows\system32\nvhdagenco6420103.dll
2015-05-12 06:27 . 2014-04-30 07:38        15048816        ----a-w-        c:\windows\SysWow64\nvwgf2um.dll
2015-05-12 06:27 . 2014-01-23 15:45        17540416        ----a-w-        c:\windows\system32\nvwgf2umx.dll
2015-05-12 06:27 . 2014-01-23 15:45        15858728        ----a-w-        c:\windows\system32\nvd3dumx.dll
2015-05-12 06:27 . 2012-12-01 18:52        112784        ----a-w-        c:\windows\system32\OpenCL.dll
2015-05-12 06:27 . 2012-12-01 18:52        105288        ----a-w-        c:\windows\SysWow64\OpenCL.dll
2015-05-12 06:27 . 2012-12-01 18:52        3363224        ----a-w-        c:\windows\system32\nvapi64.dll
2015-05-12 06:27 . 2012-10-10 20:22        2971776        ----a-w-        c:\windows\SysWow64\nvapi.dll
2015-05-12 06:27 . 2012-10-10 20:22        12849056        ----a-w-        c:\windows\SysWow64\nvd3dum.dll
2015-05-12 03:30 . 2012-12-01 18:52        937288        ----a-w-        c:\windows\system32\nvvsvc.exe
2015-05-12 03:30 . 2012-12-01 18:52        62608        ----a-w-        c:\windows\system32\nvshext.dll
2015-05-12 03:30 . 2012-12-01 18:52        385352        ----a-w-        c:\windows\system32\nvmctray.dll
2015-05-12 03:30 . 2012-12-01 18:52        2558608        ----a-w-        c:\windows\system32\nvsvcr.dll
2015-05-12 03:30 . 2012-12-01 18:52        6872392        ----a-w-        c:\windows\system32\nvcpl.dll
2015-05-12 03:30 . 2012-12-01 18:52        3490448        ----a-w-        c:\windows\system32\nvsvc64.dll
2015-05-11 17:01 . 2012-12-01 18:52        4391871        ----a-w-        c:\windows\system32\nvcoproc.bin
2015-04-27 19:04 . 2015-05-13 11:24        44032        ----a-w-        c:\windows\apppatch\acwow64.dll
2015-04-15 09:10 . 2012-12-07 20:17        778416        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2015-04-15 09:10 . 2012-12-07 19:13        142512        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-04-14 01:33 . 2015-04-14 01:33        1614504        ----a-w-        c:\windows\system32\FM20.DLL
2015-04-09 00:58 . 2015-04-13 20:19        1895568        ----a-w-        c:\windows\system32\nvdispco6435012.dll
2015-04-09 00:58 . 2015-04-13 20:19        1557648        ----a-w-        c:\windows\system32\nvdispgenco6435012.dll
2015-04-05 21:30 . 2013-01-28 08:10        348672        ----a-w-        c:\windows\SysWow64\PnkBstrB.ex0
2015-04-03 13:21 . 2015-02-10 14:30        52880        ----a-w-        c:\windows\system32\nvaudcap64v.dll
2015-03-31 16:52 . 2015-03-31 16:52        66728        ----a-w-        c:\windows\system32\drivers\vrtaucbl.sys
2015-03-30 13:25 . 2013-04-08 17:23        33856        ---ha-w-        c:\windows\system32\hamachi.sys
2015-03-25 03:24 . 2015-04-15 18:56        98304        ----a-w-        c:\windows\system32\wudriver.dll
2015-03-25 03:24 . 2015-04-15 18:56        37376        ----a-w-        c:\windows\system32\wups2.dll
2015-03-25 03:24 . 2015-04-15 18:56        35328        ----a-w-        c:\windows\system32\wups.dll
2015-03-25 03:24 . 2015-04-15 18:56        3298816        ----a-w-        c:\windows\system32\wucltux.dll
2015-03-25 03:24 . 2015-04-15 18:56        2553856        ----a-w-        c:\windows\system32\wuaueng.dll
2015-03-25 03:24 . 2015-04-15 18:56        191488        ----a-w-        c:\windows\system32\wuwebv.dll
2015-03-25 03:24 . 2015-04-15 18:56        696320        ----a-w-        c:\windows\system32\wuapi.dll
2015-03-25 03:24 . 2015-04-15 18:56        60416        ----a-w-        c:\windows\system32\WinSetupUI.dll
2015-03-25 03:23 . 2015-04-15 18:56        12288        ----a-w-        c:\windows\system32\wu.upgrade.ps.dll
2015-03-25 03:23 . 2015-04-15 18:56        36864        ----a-w-        c:\windows\system32\wuapp.exe
2015-03-25 03:23 . 2015-04-15 18:56        135168        ----a-w-        c:\windows\system32\wuauclt.exe
2015-03-25 03:00 . 2015-04-15 18:56        92672        ----a-w-        c:\windows\SysWow64\wudriver.dll
2015-03-25 03:00 . 2015-04-15 18:56        566784        ----a-w-        c:\windows\SysWow64\wuapi.dll
2015-03-25 03:00 . 2015-04-15 18:56        29696        ----a-w-        c:\windows\SysWow64\wups.dll
2015-03-25 03:00 . 2015-04-15 18:56        173056        ----a-w-        c:\windows\SysWow64\wuwebv.dll
2015-03-25 03:00 . 2015-04-15 18:56        33792        ----a-w-        c:\windows\SysWow64\wuapp.exe
2015-03-23 03:25 . 2015-04-15 18:56        726528        ----a-w-        c:\windows\system32\generaltel.dll
2015-03-23 03:25 . 2015-04-15 18:56        769536        ----a-w-        c:\windows\system32\invagent.dll
2015-03-23 03:24 . 2015-04-15 18:56        419840        ----a-w-        c:\windows\system32\devinv.dll
2015-03-23 03:24 . 2015-04-15 18:56        957952        ----a-w-        c:\windows\system32\appraiser.dll
2015-03-23 03:24 . 2015-04-15 18:56        30720        ----a-w-        c:\windows\system32\acmigration.dll
2015-03-23 03:24 . 2015-04-15 18:56        227328        ----a-w-        c:\windows\system32\aepdu.dll
2015-03-23 03:24 . 2015-04-15 18:56        192000        ----a-w-        c:\windows\system32\aepic.dll
2015-03-23 03:17 . 2015-04-15 18:56        1111552        ----a-w-        c:\windows\system32\aeinv.dll
2015-03-10 15:33 . 2014-08-20 17:04        819896        ----a-w-        c:\windows\system32\drivers\klif.sys
2015-03-10 15:33 . 2014-08-18 13:43        150536        ----a-w-        c:\windows\system32\drivers\klflt.sys
2015-03-10 15:33 . 2014-08-13 18:34        77512        ----a-w-        c:\windows\system32\drivers\klwtp.sys
2015-03-10 03:25 . 2015-04-15 18:56        1882624        ----a-w-        c:\windows\system32\msxml3.dll
2015-03-10 03:21 . 2015-04-15 18:56        2048        ----a-w-        c:\windows\system32\msxml3r.dll
2015-03-10 03:08 . 2015-04-15 18:56        1237504        ----a-w-        c:\windows\SysWow64\msxml3.dll
2015-03-10 03:05 . 2015-04-15 18:56        2048        ----a-w-        c:\windows\SysWow64\msxml3r.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{504839B4-0C9A-4b5b-B00F-DEB2EEB870D7}]
2010-11-21 03:24        297808        ----a-w-        c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12        152544        ----a-w-        c:\users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12        152544        ----a-w-        c:\users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12        152544        ----a-w-        c:\users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon]
@="{014F27E2-6D75-4E42-A0E9-2A2C68498AFA}"
[HKEY_CLASSES_ROOT\CLSID\{014F27E2-6D75-4E42-A0E9-2A2C68498AFA}]
2015-03-10 15:33        552232        ----a-w-        c:\program files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\shellex.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"Spotify Web Helper"="c:\users\killi199\AppData\Roaming\Spotify\SpotifyWebHelper.exe" [2015-06-01 2021944]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2015-06-04 2892992]
"KiesAirMessage"="c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe" [2014-01-23 578560]
"GoogleChromeAutoLaunch_C1592978CA7CAB0FA856FE53FD022B07"="c:\users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe" [2015-05-22 813896]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2015-04-17 31280256]
"kpm.exe"="c:\program files (x86)\Kaspersky Lab\Kaspersky Password Manager 8\kpm.exe" [2014-11-14 6120544]
"Spotify"="c:\users\killi199\AppData\Roaming\Spotify\Spotify.exe" [2015-06-01 7323192]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2015-02-24 311616]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-03-26 291608]
"ASUS WiFi GO! FileTransfer Execute"="c:\program files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe" [2012-07-12 1384608]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2015-03-30 3978600]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-19 1022152]
"BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2015-05-02 884440]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
.
c:\users\killi199\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-5-5 43374104]
Microsoft Outlook 2010.lnk - c:\windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\outicon.exe [2012-12-4 304296]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
phase-6 Reminder.lnk - c:\program files (x86)\phase-6\phase-6\reminder\reminder.exe [2015-1-20 724992]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
"HideFastUserSwitching"= 0 (0x0)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableClock"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R3 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
R3 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x]
R3 cpuz136;cpuz136;c:\windows\TEMP\cpuz136\cpuz136_x64.sys;c:\windows\TEMP\cpuz136\cpuz136_x64.sys [x]
R3 cpuz138;cpuz138;c:\windows\TEMP\cpuz138\cpuz138_x64.sys;c:\windows\TEMP\cpuz138\cpuz138_x64.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 dgderdrv;dgderdrv;c:\windows\system32\drivers\dgderdrv.sys;c:\windows\SYSNATIVE\drivers\dgderdrv.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 FsUsbExDisk;FsUsbExDisk;c:\windows\SysWOW64\FsUsbExDisk.SYS;c:\windows\SysWOW64\FsUsbExDisk.SYS [x]
R3 GPUZ;GPUZ;c:\windows\TEMP\GPUZ.sys;c:\windows\TEMP\GPUZ.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;c:\windows\system32\DRIVERS\LGSHidFilt.Sys;c:\windows\SYSNATIVE\DRIVERS\LGSHidFilt.Sys [x]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SPPD;SPPD;c:\windows\system32\drivers\SPPD.sys;c:\windows\SYSNATIVE\drivers\SPPD.sys [x]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;c:\windows\system32\drivers\Synth3dVsc.sys;c:\windows\SYSNATIVE\drivers\Synth3dVsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;Remote Deskotop USB Hub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]
R4 AllShare Framework DMS;AllShare Framework DMS;c:\program files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe;c:\program files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [x]
R4 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [x]
R4 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [x]
R4 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [x]
R4 DTSAudioSvc;DTSAudioSvc;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe;c:\program files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [x]
R4 Futuremark SystemInfo Service;Futuremark SystemInfo Service;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe;c:\program files (x86)\Futuremark\SystemInfo\FMSISvc.exe [x]
R4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
R4 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
R4 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
R4 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
R4 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R4 RosettaStoneDaemon;RosettaStoneDaemon;c:\program files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe;c:\program files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [x]
R4 Samsung Link Service;Samsung Link Service;c:\program files\Samsung\Samsung Link\Samsung Link.exe;c:\program files\Samsung\Samsung Link\Samsung Link.exe [x]
R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R4 ss_conn_service;SAMSUNG Mobile Connectivity Service;c:\program files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe;c:\program files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [x]
S0 asahci64;asahci64;c:\windows\system32\DRIVERS\asahci64.sys;c:\windows\SYSNATIVE\DRIVERS\asahci64.sys [x]
S0 cm_km_w;Kaspersky Lab Crypto Module (FDE PDK);c:\windows\system32\DRIVERS\cm_km_w.sys;c:\windows\SYSNATIVE\DRIVERS\cm_km_w.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 klhk;klhk;c:\windows\system32\DRIVERS\klhk.sys;c:\windows\SYSNATIVE\DRIVERS\klhk.sys [x]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys;c:\windows\SYSNATIVE\DRIVERS\klim6.sys [x]
S1 klpd;klpd;c:\windows\system32\DRIVERS\klpd.sys;c:\windows\SYSNATIVE\DRIVERS\klpd.sys [x]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys;c:\windows\SYSNATIVE\DRIVERS\kltdi.sys [x]
S1 Klwtp;Klwtp;c:\windows\system32\DRIVERS\klwtp.sys;c:\windows\SYSNATIVE\DRIVERS\klwtp.sys [x]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys;c:\windows\SYSNATIVE\DRIVERS\kneps.sys [x]
S2 AVP15.0.1;Kaspersky Anti-Virus Service 15.0.1;c:\program files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avp.exe;c:\program files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avp.exe [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 kldisk;kldisk;c:\windows\system32\DRIVERS\kldisk.sys;c:\windows\SYSNATIVE\DRIVERS\kldisk.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64;c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 BazisVirtualCDBus;WinCDEmu Virtual Bus Driver;c:\windows\system32\DRIVERS\BazisVirtualCDBus.sys;c:\windows\SYSNATIVE\DRIVERS\BazisVirtualCDBus.sys [x]
S3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys;c:\windows\SYSNATIVE\DRIVERS\vrtaucbl.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 klflt;Kaspersky Lab Kernel DLL;c:\windows\system32\DRIVERS\klflt.sys;c:\windows\SYSNATIVE\DRIVERS\klflt.sys [x]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys;c:\windows\SYSNATIVE\DRIVERS\klkbdflt.sys [x]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys;c:\windows\SYSNATIVE\DRIVERS\klmouflt.sys [x]
S3 LADF_CaptureOnly;LADF Capture Filter Driver;c:\windows\system32\DRIVERS\ladfGSCamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSCamd64.sys [x]
S3 LADF_RenderOnly;LADF Render Filter Driver;c:\windows\system32\DRIVERS\ladfGSRamd64.sys;c:\windows\SYSNATIVE\DRIVERS\ladfGSRamd64.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGPBTDD;LGPBTDD.sys Display Driver;c:\windows\system32\Drivers\LGPBTDD.sys;c:\windows\SYSNATIVE\Drivers\LGPBTDD.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - AIDA64DRIVER
.
Inhalt des "geplante Tasks" Ordners
.
2015-06-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-12-07 09:10]
.
2015-06-07 c:\windows\Tasks\AutoKMS.job
- c:\windows\AutoKMS\AutoKMS.exe [2012-12-04 17:49]
.
2015-06-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-01 20:24]
.
2015-06-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-01 20:24]
.
2015-06-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1343689660-860429238-4075285064-1000Core.job
- c:\users\killi199\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-01 19:39]
.
2015-06-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1343689660-860429238-4075285064-1000UA.job
- c:\users\killi199\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-01 19:39]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12        185824        ----a-w-        c:\users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12        185824        ----a-w-        c:\users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12        185824        ----a-w-        c:\users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2015-02-11 01:12        185824        ----a-w-        c:\users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon]
@="{014F27E2-6D75-4E42-A0E9-2A2C68498AFA}"
[HKEY_CLASSES_ROOT\CLSID\{014F27E2-6D75-4E42-A0E9-2A2C68498AFA}]
2015-03-10 15:33        726312        ----a-w-        c:\program files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\shellex.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 108144]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2014-07-28 10801944]
"Samsung Link"="c:\program files\Samsung\Samsung Link\Samsung Link Tray Agent.exe" [2014-01-17 600928]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2012-02-10 6463592]
"RtHDVBg_DTS"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-02-08 1158248]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-05-23 2754704]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2015-05-23 1571696]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.conduit.com/?gd=&ctid=CT3321540&octid=EB_ORIGINAL_CTID&ISID=MD36F9CA9-B9CE-46F5-BC77-6807FE884E33&SearchSource=55&CUI=&UM=5&UP=SP356D3337-DEB1-49AB-9D9C-39A93EAC06A1&SSPV=
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Kaspersky PURE - c:\progra~2\KASPER~1\KASPER~1.0\KASPER~2\spIEBho.dll/616
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: {{781B39EC-2E18-41FC-9B00-B84E4FFCA85F} - c:\program files (x86)\ICQ7M\ICQ.exe
IE: {{c0e8ae32-0758-4c8d-ab71-23b361fe8964} - c:\users\killi199\AppData\Local\Temp\ie_script.htm
IE: {{09A10376-994C-4BBF-9121-F50CF7BA237E} - {F2A56BFE-7911-451A-BC74-A9C3C2E95126} - c:\program files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\IEExt\ie_plugin.dll
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-Desura - d:\games\Erie\Desura\desura.exe
SafeBoot-ksupmgr
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Audacity_is1 - d:\programme\Audacity\unins000.exe
AddRemove-FarmingSimulator2013DE_is1 - d:\games\LS2013\Landwirtschafts Simulator 2013\unins000.exe
AddRemove-PunkBusterSvc - c:\program files (x86)\Origin Games\BFH Beta 2\pbsvc.exe
AddRemove-{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1 - c:\program files (x86)\Craften Terminal\unins000.exe
AddRemove-{87686C21-8A15-4b4d-A3F1-11141D9BE094} - c:\program files (x86)\EA Games\Battlefield Play4Free\uninstaller.exe
AddRemove-{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4} - c:\program files (x86)\EA Games\Battlefield Heroes\uninstaller.exe
AddRemove-MyFreeCodec - d:\programme\1.0b beta\uninstall.exe
AddRemove-Survivors Viy - h:\games\Survivers\Uninstal.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\AIDA64Driver]
"ImagePath"="\??\c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\X6va012]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\ASUS\AI Suite II\AsRoutineController.exe
c:\program files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe
c:\program files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
c:\program files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avpui.exe
c:\users\killi199\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
c:\program files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-06-07  15:06:10 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-06-07 13:06
.
Vor Suchlauf: 14 Verzeichnis(se), 60.440.117.248 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 79.515.635.712 Bytes frei
.
- - End Of File - - 5D91F0045264657C089F7622D85E44F0
A36C5E4F47E84449FF07ED3517B43A31

schrauber 08.06.2015 06:15
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

killi199 08.06.2015 13:00
mbam
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 08.06.2015
Suchlauf-Zeit: 13:29:10
Logdatei: mbam.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.06.08.01
Rootkit Datenbank: v2015.06.02.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: killi199

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 430274
Verstrichene Zeit: 9 Min, 18 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 18
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [c180991f76146fc73c09109063a011ef],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [c180991f76146fc73c09109063a011ef],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [c180991f76146fc73c09109063a011ef],
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\SPVC32LDR, In Quarantäne, [ce73a216cebc92a4e45aceb7739209f7],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, In Quarantäne, [122f34842c5e3bfb6cf82e42010445bb],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, In Quarantäne, [9ca5c3f55436082ee57ef08027dec63a],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\OHKKGBJCOJMJFNHEGMPHNHELJNCBEGBC, In Quarantäne, [7cc5a41465253006a0aa26c4ee15738d],
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT, In Quarantäne, [21206c4c7515c07681a66bae62a210f0],
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd, In Quarantäne, [3e036a4ed4b602343614a96e26de659b],
PUP.Optional.SearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPPD, In Quarantäne, [ba870fa91a701422b58a0a0952b21fe1],
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-18\SOFTWARE\AskPartnerNetwork, In Quarantäne, [231e813797f374c2670750985da622de],
PUP.Optional.BabylonToolBar.A, HKU\S-1-5-21-1343689660-860429238-4075285064-1000\SOFTWARE\BabylonToolbar, In Quarantäne, [c47de7d1fe8c45f1e07d7ed37e87b24e],
PUP.Optional.ConduitSearch.A, HKU\S-1-5-21-1343689660-860429238-4075285064-1000\SOFTWARE\Conduit_Search_Protect, In Quarantäne, [360beacee2a82016b4df0dea966dcd33],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-1343689660-860429238-4075285064-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\OHKKGBJCOJMJFNHEGMPHNHELJNCBEGBC, In Quarantäne, [cc750daba0ea8da96be02bbf57ac44bc],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1343689660-860429238-4075285064-1000\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [95ac6d4bdfab42f413fa4eea60a4629e],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1343689660-860429238-4075285064-1000\SOFTWARE\INSTALLCORE, In Quarantäne, [a1a0a018800aaf87f1d161ec4abbc43c],
PUP.Optional.Ask.A, HKU\S-1-5-21-1343689660-860429238-4075285064-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{4BFA2AC9-A130-4A7D-A063-B0C145395445}, In Quarantäne, [94ad55639ded86b0c9a2364fa65f8878],
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-1343689660-860429238-4075285064-1000\SOFTWARE\SYSTWEAK\ssd, In Quarantäne, [5fe262560c7e3ff7f6533bdc47bd7090],

Registrierungswerte: 11
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130522348255132494, In Quarantäne, [7ac7c3f5cfbb4cea47f6394c788da060]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\explorer.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130522348255132494, In Quarantäne, [0140546419712f072d10c7bee322ff01]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130522348255132494, In Quarantäne, [57ea457312788ea8c07dcfb6c243ee12]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\iexplore.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130522348255132494, In Quarantäne, [84bd932596f40f2787b6592c986d4db3]
PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\SPVC32Ldr|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130522348255132494, In Quarantäne, [ce73a216cebc92a4e45aceb7739209f7]
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\ohkkgbjcojmjfnhegmphnheljncbegbc|path, C:\Users\killi199\AppData\Local\CRE\ohkkgbjcojmjfnhegmphnheljncbegbc.crx, In Quarantäne, [7cc5a41465253006a0aa26c4ee15738d]
PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT|InstallDir, C:\PROGRA~2\SearchProtect, In Quarantäne, [21206c4c7515c07681a66bae62a210f0]
PUP.Optional.SearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPPD|ImagePath, \??\C:\Windows\system32\drivers\SPPD.sys, In Quarantäne, [ba870fa91a701422b58a0a0952b21fe1]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-1343689660-860429238-4075285064-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\ohkkgbjcojmjfnhegmphnheljncbegbc|path, C:\Users\killi199\AppData\Local\CRE\ohkkgbjcojmjfnhegmphnheljncbegbc.crx, In Quarantäne, [cc750daba0ea8da96be02bbf57ac44bc]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1343689660-860429238-4075285064-1000\SOFTWARE\INSTALLCORE|tb, 0X2O1C0R2R1R, In Quarantäne, [a1a0a018800aaf87f1d161ec4abbc43c]
PUP.Optional.Ask.A, HKU\S-1-5-21-1343689660-860429238-4075285064-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{4BFA2AC9-A130-4A7D-A063-B0C145395445}|URL, hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=83D2F8F6-A995-42F3-BACA-9A0D6EFED7C3&apn_sauid=662B6D03-8E14-4C8C-A9FA-A6FCA8922C85, In Quarantäne, [94ad55639ded86b0c9a2364fa65f8878]

Registrierungsdaten: 1
PUP.Optional.Conduit.A, HKU\S-1-5-21-1343689660-860429238-4075285064-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://search.conduit.com/?gd=&ctid=CT3321540&octid=EB_ORIGINAL_CTID&ISID=MD36F9CA9-B9CE-46F5-BC77-6807FE884E33&SearchSource=55&CUI=&UM=5&UP=SP356D3337-DEB1-49AB-9D9C-39A93EAC06A1&SSPV=, Gut: (www.google.com), Schlecht: (hxxp://search.conduit.com/?gd=&ctid=CT3321540&octid=EB_ORIGINAL_CTID&ISID=MD36F9CA9-B9CE-46F5-BC77-6807FE884E33&SearchSource=55&CUI=&UM=5&UP=SP356D3337-DEB1-49AB-9D9C-39A93EAC06A1&SSPV=),Ersetzt,[53ee2890107aac8af0b4002f9f6718e8]

Ordner: 13
PUP.Optional.OpenCandy, C:\Users\killi199\AppData\Roaming\OpenCandy, In Quarantäne, [c87909af59310f275414625358ab738d],
PUP.Optional.OpenCandy, C:\Users\killi199\AppData\Roaming\OpenCandy\0660D71FE34A4EA3968798B640465066, In Quarantäne, [c87909af59310f275414625358ab738d],
PUP.Optional.OpenCandy, C:\Users\killi199\AppData\Roaming\OpenCandy\9438F4A41DC5489A92D7F9B4B3B1F9E9, In Quarantäne, [c87909af59310f275414625358ab738d],
PUP.Optional.OpenCandy, C:\Users\killi199\AppData\Roaming\OpenCandy\BFFBC8E8BE2B411D8D1721F694AE4CE0, In Quarantäne, [c87909af59310f275414625358ab738d],
PUP.Optional.OpenCandy, C:\Users\killi199\AppData\Roaming\OpenCandy\C7B9B615E81F4DDD8D44375D66BA4F6B, In Quarantäne, [c87909af59310f275414625358ab738d],
PUP.Optional.SearchProtect.A, C:\Users\killi199\AppData\Local\SearchProtect, In Quarantäne, [60e14375800afe387360a71f3dc645bb],
PUP.Optional.SearchProtect.A, C:\Users\killi199\AppData\Local\SearchProtect\SearchProtect, In Quarantäne, [60e14375800afe387360a71f3dc645bb],
PUP.Optional.SearchProtect.A, C:\Users\killi199\AppData\Local\SearchProtect\SearchProtect\rep, In Quarantäne, [60e14375800afe387360a71f3dc645bb],
PUP.Optional.SearchProtect.A, C:\Users\killi199\AppData\Local\SearchProtect\SearchProtect\STG, In Quarantäne, [60e14375800afe387360a71f3dc645bb],
PUP.Optional.SearchProtect.A, C:\Users\killi199\AppData\Local\SearchProtect\UI, In Quarantäne, [60e14375800afe387360a71f3dc645bb],
PUP.Optional.SearchProtect.A, C:\Users\killi199\AppData\Local\SearchProtect\UI\rep, In Quarantäne, [60e14375800afe387360a71f3dc645bb],
PUP.Optional.SystemSpeedup, C:\Users\killi199\AppData\Roaming\systweak\ssd, In Quarantäne, [8fb24177bbcf67cf56b16c5d57ac26da],
PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, In Quarantäne, [241d26925b2f3ef8a209c720d92aa15f],

Dateien: 14
PUP.Optional.SearchProtect.A, C:\Users\killi199\AppData\Roaming\OpenCandy\9438F4A41DC5489A92D7F9B4B3B1F9E9\sp-downloader.exe, In Quarantäne, [b68bcaee17732b0ba0ad387f877acb35],
PUP.Optional.Wajam.A, C:\Users\killi199\AppData\Roaming\RHEng\5D895DA0B6C54024ACFEC2BE282E3496\WWE_1.2.0.53.exe, In Quarantäne, [ea57a612c4c6e254b843dd949e68a15f],
PUP.Optional.RegCleanPro.C, C:\Windows\System32\roboot64.exe, In Quarantäne, [5de45761d7b3e650833e1e567f87ce32],
PUP.Optional.Bandoo, C:\Users\killi199\Downloads\Nicht bestätigt 688745.crdownload, In Quarantäne, [b68b991fa1e92313900e1030897850b0],
PUP.Optional.OpenCandy, C:\Users\killi199\Downloads\FreemakeVideoConverterFull_4.1.5.4.exe, In Quarantäne, [a69bdcdc404a69cdaeea222259a8a25e],
PUP.Optional.SearchProtect.A, C:\Windows\AppPatch\AppPatch64\SPVCLdr64.dll, In Quarantäne, [3b06704871197fb7a4b9d8ea9f622ad6],
PUP.Optional.Conduit.A, C:\Program Files (x86)\Common Files\NewFreeScreensavers\mconduitinstaller.exe, In Quarantäne, [86bb3088addd1b1b0ad0151329dbfd03],
PUP.Optional.SearchProtect, C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb, In Quarantäne, [e061c4f4206a69cd382f214f45c0e917],
PUP.Optional.OpenCandy, C:\Users\killi199\AppData\Roaming\OpenCandy\0660D71FE34A4EA3968798B640465066\Trial-14.0.1000.89_de-DE_1004733_DE-2.exe, In Quarantäne, [c87909af59310f275414625358ab738d],
PUP.Optional.OpenCandy, C:\Users\killi199\AppData\Roaming\OpenCandy\C7B9B615E81F4DDD8D44375D66BA4F6B\speedupmypcDE.exe, In Quarantäne, [c87909af59310f275414625358ab738d],
PUP.Optional.SearchProtect.A, C:\Users\killi199\AppData\Local\SearchProtect\SearchProtect\rep\Cvc.dat, In Quarantäne, [60e14375800afe387360a71f3dc645bb],
PUP.Optional.SearchProtect.A, C:\Users\killi199\AppData\Local\SearchProtect\SearchProtect\rep\UserRepository.dat, In Quarantäne, [60e14375800afe387360a71f3dc645bb],
PUP.Optional.SearchProtect.A, C:\Users\killi199\AppData\Local\SearchProtect\SearchProtect\rep\UserSettings.dat, In Quarantäne, [60e14375800afe387360a71f3dc645bb],
PUP.Optional.SearchProtect.A, C:\Users\killi199\AppData\Local\SearchProtect\UI\rep\UIRepository.dat, In Quarantäne, [60e14375800afe387360a71f3dc645bb],

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
AdwCleaner
Code:
# AdwCleaner v4.206 - Bericht erstellt 08/06/2015 um 13:47:32
# Aktualisiert 01/06/2015 von Xplode
# Datenbank : 2015-05-31.5 [Lokal]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (x64)
# Benutzername : killi199 - KILLI199-PC
# Gestarted von : C:\Users\killi199\Downloads\AdwCleaner_4.206.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\apn
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Device
Ordner Gelöscht : C:\ProgramData\DownloadManager
Ordner Gelöscht : C:\Users\killi199\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\killi199\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\killi199\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\killi199\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\killi199\AppData\Roaming\RHEng
Datei Gelöscht : C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb
Datei Gelöscht : C:\Users\killi199\AppData\Roaming\Mozilla\Firefox\Profiles\bxg0x3sn.default\user.js
Datei Gelöscht : C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.spigotmc.org_0.localstorage
Datei Gelöscht : C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.spigotmc.org_0.localstorage-journal

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\Myfree Codec
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
Schlüssel Gelöscht : HKU\.DEFAULT\Software\AskToolbar
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17801


-\\ Mozilla Firefox v


-\\ Google Chrome v

[C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Homepage] : hxxp://search.conduit.com/?gd=&ctid=CT3321540&octid=EB_ORIGINAL_CTID&ISID=MD36F9CA9-B9CE-46F5-BC77-6807FE884E33&SearchSource=55&CUI=&UM=5&UP=SP356D3337-DEB1-49AB-9D9C-39A93EAC06A1&SSPV=

*************************

AdwCleaner[R0].txt - [5516 Bytes] - [08/06/2015 13:46:51]
AdwCleaner[S0].txt - [5127 Bytes] - [08/06/2015 13:47:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5186  Bytes] ##########
JRT
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.9.0 (06.07.2015:1)
OS: Windows 7 Ultimate x64
Ran by killi199 on 08.06.2015 at 13:51:42,35
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_C1592978CA7CAB0FA856FE53FD022B07



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{504839B4-0C9A-4b5b-B00F-DEB2EEB870D7}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{504839B4-0C9A-4b5b-B00F-DEB2EEB870D7}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{504839B4-0C9A-4b5b-B00F-DEB2EEB870D7}



~~~ Files

Successfully deleted: [File] C:\Users\killi199\appdata\local\google\chrome\user data\default\local storage\http_static.audienceinsights.net_0.localstorage
Successfully deleted: [File] C:\Users\killi199\appdata\local\google\chrome\user data\default\local storage\http_static.audienceinsights.net_0.localstorage-journal
Successfully deleted: [File] C:\Users\killi199\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage
Successfully deleted: [File] C:\Users\killi199\appdata\local\google\chrome\user data\default\local storage\http_www.superfish.com_0.localstorage-journal
Successfully deleted: [File] C:\Users\killi199\appdata\local\google\chrome\user data\default\local storage\https_static.olark.com_0.localstorage
Successfully deleted: [File] C:\Users\killi199\appdata\local\google\chrome\user data\default\local storage\https_static.olark.com_0.localstorage-journal



~~~ Folders

Successfully deleted: [Folder] C:\Program Files (x86)\myfree codec
Successfully deleted: [Folder] C:\Users\killi199\appdata\local\cre



~~~ Chrome


[C:\Users\killi199\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\killi199\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\killi199\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\killi199\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
  pljcgbedjplidkdjahbaalanadmjfgop
]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.06.2015 at 13:53:41,54
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2015
Ran by killi199 (administrator) on KILLI199-PC on 08-06-2015 13:57:13
Running from C:\Users\killi199\Downloads
Loaded Profiles: killi199 (Available Profiles: killi199)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avp.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avpui.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\plugin-nm-server.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Ranorex GmbH) E:\Programme\RANOREX\Bin\Ranorex.Plugin.ChromeMsgHost.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8\plugin-nm-server.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10801944 2014-07-28] (Logitech Inc.)
HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [600928 2014-01-17] (Copyright 2013 SAMSUNG)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6463592 2012-02-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-02-08] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-02-24] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-26] (Intel Corporation)
HKLM-x32\...\Run: [ASUS WiFi GO! FileTransfer Execute] => C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe [1384608 2012-07-12] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [884440 2015-05-02] (BlueStack Systems, Inc.)
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Run: [Spotify Web Helper] => C:\Users\killi199\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-06-01] (Spotify Ltd)
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2014-01-23] (Samsung Electronics)
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Run: [Spotify] => C:\Users\killi199\AppData\Roaming\Spotify\Spotify.exe [7323192 2015-06-01] (Spotify Ltd)
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8\kpm.exe [6897248 2015-04-13] (Kaspersky Lab ZAO)
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Run: [GoogleChromeAutoLaunch_C1592978CA7CAB0FA856FE53FD022B07] => C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe [813896 2015-05-22] (Google Inc.)
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Policies\system: [DisableClock] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk [2012-12-07]
ShortcutTarget: phase-6 Reminder.lnk -> C:\Program Files (x86)\phase-6\phase-6\reminder\reminder.exe (phase-6)
Startup: C:\Users\killi199\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012-12-07]
ShortcutTarget: Dropbox.lnk -> C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\killi199\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Outlook 2010.lnk [2012-12-04]
ShortcutTarget: Microsoft Outlook 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\outicon.exe ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\shellex.dll [2015-03-10] (Kaspersky Lab ZAO)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\shellex.dll [2015-03-10] (Kaspersky Lab ZAO)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1343689660-860429238-4075285064-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-03-10] (Kaspersky Lab ZAO)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-10-16] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-03-10] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-16] (Oracle Corporation)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-03-10] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\IEExt\ie_plugin.dll [2015-03-10] (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-16] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\IEExt\ie_plugin.dll [2015-03-10] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-16] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\IEExt\ie_plugin.dll [2015-03-10] (Kaspersky Lab ZAO)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\killi199\AppData\Roaming\Mozilla\Firefox\Profiles\bxg0x3sn.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-16] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-16] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-03-10] ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-03-10] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-03-10] ()
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-10] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll No File
FF Plugin HKU\S-1-5-21-1343689660-860429238-4075285064-1000: @tools.google.com/Google Update;version=3 -> C:\Users\killi199\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin HKU\S-1-5-21-1343689660-860429238-4075285064-1000: @tools.google.com/Google Update;version=9 -> C:\Users\killi199\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin HKU\S-1-5-21-1343689660-860429238-4075285064-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\killi199\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-11-28] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1343689660-860429238-4075285064-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-11-13] ()
FF Extension: Amazon-Icon - C:\Users\killi199\AppData\Roaming\Mozilla\Firefox\Profiles\bxg0x3sn.default\Extensions\amazon-icon@giga.de [2014-10-22]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-03-10]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-03-10]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-03-10]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]

Chrome:
=======
CHR Profile: C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Kaspersky Protection) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-03-10]
CHR Extension: (Ranorex Automation) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\egdlgaljianpgdlmfijpphbadibfncdm [2015-03-30]
CHR Extension: (Type Scout - Faster Typing! :)) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\fedokkaolmkkoeedicihicdeppjjeamj [2014-08-28]
CHR Extension: (Bookmark Manager) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-22]
CHR Extension: ( Kaspersky Password Manager\r) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlpfbladobbejblkbfleiljmikcfhkem [2015-03-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-05]
CHR Extension: (Skype Click to Call) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-12-11]
CHR Extension: (Until AM for Chrome) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjafmkicbmhcbapadecadciafbkecofl [2014-08-28]
CHR Extension: (Google Wallet) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (My Chrome Theme) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2014-08-28]
CHR Extension: (MIT App Inventor) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfnbdacoddlfhpcgfnfijdglhdaaheok [2015-01-01]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKU\S-1-5-21-1343689660-860429238-4075285064-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hlpfbladobbejblkbfleiljmikcfhkem] - https://chrome.google.com/webstore/detail/hlpfbladobbejblkbfleiljmikcfhkem
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [egdlgaljianpgdlmfijpphbadibfncdm] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
StartMenuInternet: Google Chrome.H4ZT3EEQXFVQ7TXEKCU5FGLDD4 - C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [File not signed]
S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
S4 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-02-02] (ASUSTeK Computer Inc.)
S4 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433880 2015-05-02] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413400 2015-05-02] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [806616 2015-05-02] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S4 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328 2012-01-23] (DTS, Inc)
S4 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [344288 2015-03-20] (Futuremark)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
S4 InstallShield Licensing Service; C:\Program Files (x86)\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe [69632 2014-04-23] (Macrovision                                                    ) [File not signed]
S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1997168 2015-06-04] (Electronic Arts)
S4 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-01-02] ()
S4 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-02-06] ()
S4 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [609632 2014-01-17] (Copyright 2013 SAMSUNG)
S4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5491984 2015-05-20] (TeamViewer GmbH)
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-14] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [32600 2013-09-16] ()
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145112 2015-05-02] (BlueStack Systems)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2014-01-23] () [File not signed]
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2015-03-10] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [819896 2015-03-10] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2015-03-10] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66360 2012-10-03] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-08] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 cpuz138; \??\C:\Windows\TEMP\cpuz138\cpuz138_x64.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-08 13:53 - 2015-06-08 13:53 - 00002785 _____ C:\Users\killi199\Desktop\JRT.txt
2015-06-08 13:51 - 2015-06-08 13:51 - 00000207 _____ C:\Windows\tweaking.com-regbackup-KILLI199-PC-Windows-7-Ultimate-(64-bit).dat
2015-06-08 13:51 - 2015-06-08 13:51 - 00000000 ____D C:\RegBackup
2015-06-08 13:50 - 2015-06-08 13:50 - 02943232 _____ (Thisisu) C:\Users\killi199\Downloads\JRT.exe
2015-06-08 13:49 - 2015-06-08 13:49 - 00005322 _____ C:\Users\killi199\Desktop\AdwCleaner[S0].txt
2015-06-08 13:46 - 2015-06-08 13:47 - 00000000 ____D C:\AdwCleaner
2015-06-08 13:44 - 2015-06-08 13:44 - 02231296 _____ C:\Users\killi199\Downloads\AdwCleaner_4.206.exe
2015-06-08 13:43 - 2015-06-08 13:43 - 00011070 _____ C:\Users\killi199\Desktop\mbam.txt
2015-06-08 13:27 - 2015-06-08 13:27 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-06-08 13:27 - 2015-06-08 13:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-08 13:27 - 2015-06-08 13:27 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-08 13:27 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-08 13:27 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-08 13:26 - 2015-06-08 13:27 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\killi199\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-08 13:15 - 2015-06-08 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager
2015-06-07 17:08 - 2015-05-28 05:52 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-06-07 17:07 - 2015-05-28 09:04 - 42719888 _____ C:\Windows\system32\nvcompiler.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 37741712 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 30480528 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 22946960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 16185352 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 14495448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 13304280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 11830512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 10995528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-07 17:07 - 2015-05-28 09:04 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 02599056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435306.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435306.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 01099808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 01059984 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 01050440 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 00982856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 00974480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 00939080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 00503408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 00408208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 00407112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-06-07 15:59 - 2015-06-07 15:59 - 00000000 ____D C:\Windows\SysWOW64\Drivers\sl-SI
2015-06-07 15:59 - 2015-06-07 15:59 - 00000000 ____D C:\Windows\system32\Drivers\sl-SI
2015-06-07 15:59 - 2015-06-07 15:59 - 00000000 ____D C:\Windows\sl-SI
2015-06-07 15:56 - 2015-06-08 13:54 - 00736250 _____ C:\Windows\system32\perfh010.dat
2015-06-07 15:56 - 2015-06-08 13:54 - 00149054 _____ C:\Windows\system32\perfc010.dat
2015-06-07 15:56 - 2015-06-07 15:55 - 00335478 _____ C:\Windows\system32\perfi010.dat
2015-06-07 15:56 - 2015-06-07 15:55 - 00037534 _____ C:\Windows\system32\perfd010.dat
2015-06-07 15:55 - 2015-06-07 15:55 - 00000000 ____D C:\Windows\SysWOW64\it
2015-06-07 15:55 - 2015-06-07 15:55 - 00000000 ____D C:\Windows\SysWOW64\0410
2015-06-07 15:55 - 2015-06-07 15:55 - 00000000 ____D C:\Windows\system32\it
2015-06-07 15:55 - 2015-06-07 15:55 - 00000000 ____D C:\Windows\system32\0410
2015-06-07 15:53 - 2015-06-08 13:54 - 00686828 _____ C:\Windows\system32\perfh00C.dat
2015-06-07 15:53 - 2015-06-08 13:54 - 00475218 _____ C:\Windows\system32\perfh001.dat
2015-06-07 15:53 - 2015-06-08 13:54 - 00132440 _____ C:\Windows\system32\perfc00C.dat
2015-06-07 15:53 - 2015-06-08 13:54 - 00096980 _____ C:\Windows\system32\perfc001.dat
2015-06-07 15:53 - 2015-06-07 15:53 - 00344522 _____ C:\Windows\system32\perfi00C.dat
2015-06-07 15:53 - 2015-06-07 15:53 - 00289060 _____ C:\Windows\system32\perfi001.dat
2015-06-07 15:53 - 2015-06-07 15:53 - 00042056 _____ C:\Windows\system32\perfd001.dat
2015-06-07 15:53 - 2015-06-07 15:53 - 00038160 _____ C:\Windows\system32\perfd00C.dat
2015-06-07 15:53 - 2015-06-07 15:53 - 00000000 ____D C:\Windows\SysWOW64\fr
2015-06-07 15:53 - 2015-06-07 15:53 - 00000000 ____D C:\Windows\SysWOW64\Drivers\ar-SA
2015-06-07 15:53 - 2015-06-07 15:53 - 00000000 ____D C:\Windows\SysWOW64\ar
2015-06-07 15:53 - 2015-06-07 15:53 - 00000000 ____D C:\Windows\SysWOW64\040C
2015-06-07 15:53 - 2015-06-07 15:53 - 00000000 ____D C:\Windows\system32\fr
2015-06-07 15:53 - 2015-06-07 15:53 - 00000000 ____D C:\Windows\system32\ar
2015-06-07 15:53 - 2015-06-07 15:53 - 00000000 ____D C:\Windows\system32\040C
2015-06-07 15:53 - 2015-06-07 15:53 - 00000000 ____D C:\Windows\ar-SA
2015-06-07 15:50 - 2015-06-07 15:50 - 00000000 ____D C:\Windows\SysWOW64\Drivers\sk-SK
2015-06-07 15:50 - 2015-06-07 15:50 - 00000000 ____D C:\Windows\SysWOW64\0409
2015-06-07 15:50 - 2015-06-07 15:50 - 00000000 ____D C:\Windows\system32\Drivers\sk-SK
2015-06-07 15:50 - 2015-06-07 15:50 - 00000000 ____D C:\Windows\system32\0409
2015-06-07 15:50 - 2015-06-07 15:50 - 00000000 ____D C:\Windows\sk-SK
2015-06-07 15:06 - 2015-06-07 15:06 - 00037206 _____ C:\ComboFix.txt
2015-06-07 14:38 - 2015-06-07 14:37 - 05628238 ____R (Swearware) C:\Users\killi199\Desktop\ComboFix.exe
2015-06-07 14:37 - 2015-06-07 14:37 - 05628238 _____ (Swearware) C:\Users\killi199\Downloads\ComboFix.exe
2015-06-06 23:12 - 2015-06-06 23:12 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01007.Wdf
2015-06-06 16:59 - 2015-06-06 17:01 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\killi199\Downloads\tdsskiller.exe
2015-06-06 16:43 - 2015-06-08 13:49 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-06 16:43 - 2015-06-08 13:27 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-06 16:43 - 2015-06-06 16:58 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-06-06 16:38 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-06 16:37 - 2015-06-06 17:58 - 00000000 ____D C:\Users\killi199\Desktop\mbar
2015-06-06 16:30 - 2015-06-06 16:37 - 16502728 _____ (Malwarebytes Corp.) C:\Users\killi199\Downloads\mbar-1.09.1.1004.exe
2015-06-06 16:27 - 2015-06-06 16:27 - 00001264 _____ C:\Users\killi199\Desktop\Revo Uninstaller.lnk
2015-06-06 16:27 - 2015-06-06 16:27 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-06-06 16:25 - 2015-06-06 16:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\killi199\Downloads\revosetup95 (1).exe
2015-06-06 16:18 - 2015-06-06 16:20 - 00338680 _____ (VS Revo Group Ltd.) C:\Users\killi199\Downloads\revosetup95.exe
2015-06-06 11:13 - 2015-06-06 11:13 - 00138677 _____ C:\Users\killi199\Desktop\GMER.log
2015-06-06 10:54 - 2015-06-06 11:22 - 00692618 _____ C:\Users\killi199\Desktop\hilfe.txt
2015-06-06 10:53 - 2015-06-06 10:54 - 00380416 _____ C:\Users\killi199\Downloads\ylgv54n1.exe
2015-06-06 10:44 - 2015-06-06 10:44 - 00120295 _____ C:\Users\killi199\Downloads\Addition.txt
2015-06-06 10:43 - 2015-06-08 13:57 - 00000000 _____ C:\Users\killi199\Downloads\FRST.txt
2015-06-06 10:41 - 2015-06-06 10:42 - 00000478 _____ C:\Users\killi199\Downloads\defogger_disable.log
2015-06-06 10:41 - 2015-06-06 10:41 - 00050477 _____ C:\Users\killi199\Downloads\Defogger.exe
2015-06-06 10:41 - 2015-06-06 10:41 - 00000000 _____ C:\Users\killi199\defogger_reenable
2015-06-05 21:33 - 2015-04-03 15:21 - 00048784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-06-05 21:33 - 2015-04-03 15:21 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-06-05 17:28 - 2015-06-05 17:28 - 00222225 _____ C:\Users\killi199\Downloads\mw2-dedi.zip
2015-06-05 16:32 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-06-05 16:32 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-06-05 16:32 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-06-05 16:32 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-06-05 16:32 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-06-05 16:32 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-06-05 16:32 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-06-05 16:32 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-06-05 16:31 - 2015-06-07 15:06 - 00000000 ____D C:\Qoobox
2015-06-05 16:31 - 2015-06-07 15:05 - 00000000 ____D C:\Windows\erdnt
2015-06-05 16:29 - 2015-06-08 13:57 - 00000000 ____D C:\FRST
2015-06-05 16:28 - 2015-06-05 16:29 - 02108928 _____ (Farbar) C:\Users\killi199\Downloads\FRST64.exe
2015-06-04 17:41 - 2015-06-04 17:43 - 164983442 _____ C:\Users\killi199\Downloads\FTBDepartedServer.zip
2015-06-04 16:25 - 2015-06-04 16:29 - 167431232 _____ C:\Users\killi199\Downloads\Hexx_Reloaded_1.2.0b_Server.zip
2015-06-03 17:14 - 2015-06-03 17:14 - 00000000 ____D C:\Users\killi199\AppData\Local\GWX
2015-05-31 21:01 - 2015-05-31 21:01 - 08047384 _____ (TeamViewer GmbH) C:\Users\killi199\Downloads\TeamViewer_Setup_de.exe
2015-05-31 20:19 - 2015-05-31 20:41 - 20827501 _____ C:\Users\killi199\Downloads\Tekkit_Lite_Server_0.6.5.zip
2015-05-25 13:01 - 2015-05-25 13:01 - 06308944 _____ (Wargaming.net ) C:\Users\killi199\Downloads\WoT_internet_install_eu.exe
2015-05-25 13:01 - 2015-05-25 13:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2015-05-25 13:00 - 2015-05-25 13:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warplanes
2015-05-25 12:59 - 2015-05-25 12:59 - 07169912 _____ (Wargaming.net ) C:\Users\killi199\Downloads\WoWP_internet_install_eu.exe
2015-05-25 12:56 - 2015-05-25 12:56 - 03974614 _____ C:\Users\killi199\Downloads\flt-rct3u.rar
2015-05-25 12:54 - 2015-05-25 12:54 - 03625241 _____ C:\Users\killi199\Downloads\RCT3_u31.rar
2015-05-25 12:46 - 2015-05-25 12:46 - 00043520 _____ C:\Windows\SysWOW64\CmdLineExt03.dll
2015-05-25 12:42 - 2002-02-27 17:50 - 00197120 _____ C:\Windows\patchw32.dll
2015-05-25 12:30 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-05-25 12:30 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-05-25 12:30 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-05-25 12:29 - 2015-05-25 12:30 - 00000000 ____D C:\Users\killi199\AppData\Roaming\Riot Games
2015-05-25 12:22 - 2015-05-25 12:23 - 30668968 _____ (Riot Games) C:\Users\killi199\Downloads\LeagueofLegends_EUW_Installer_9_15_2014.exe
2015-05-23 16:10 - 2015-05-23 16:13 - 16196501 _____ C:\Users\killi199\Downloads\Rush 1.0.4.zip
2015-05-23 16:07 - 2015-05-23 16:07 - 00016209 _____ C:\Users\killi199\Downloads\CommandSigns.jar
2015-05-23 16:04 - 2015-05-23 16:04 - 00178476 _____ C:\Users\killi199\Downloads\Bedwars.jar
2015-05-23 13:04 - 2015-05-13 08:52 - 00195912 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-05-23 13:04 - 2015-05-13 08:52 - 00031552 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-05-23 13:04 - 2015-05-12 08:27 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435286.dll
2015-05-23 13:04 - 2015-05-12 08:27 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435286.dll
2015-05-22 19:30 - 2015-05-22 19:30 - 01124544 _____ (Adobe Systems Incorporated) C:\Users\killi199\Downloads\flashplayer17au_ha_install.exe
2015-05-22 12:31 - 2015-05-22 13:55 - 00000000 ____D C:\Users\killi199\AppData\Local\Overwolf
2015-05-19 17:05 - 2015-05-19 17:05 - 00001821 _____ C:\Users\Public\Desktop\Apps.lnk
2015-05-19 17:05 - 2015-05-19 17:05 - 00001807 _____ C:\Users\Public\Desktop\Start BlueStacks.lnk
2015-05-19 17:04 - 2015-05-19 17:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2015-05-19 17:04 - 2015-05-19 17:04 - 00000000 ____D C:\ProgramData\BlueStacks
2015-05-19 17:04 - 2015-05-19 17:04 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-05-13 13:53 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 13:53 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 13:25 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 13:25 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 13:25 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 13:25 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 13:25 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 13:25 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 13:25 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 13:25 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 13:25 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 13:25 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 13:25 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 13:25 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 13:25 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 13:25 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 13:25 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 13:25 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 13:25 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 13:25 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 13:25 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 13:25 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 13:25 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 13:25 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 13:25 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 13:25 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 13:25 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 13:25 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 13:25 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 13:25 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 13:25 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 13:25 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 13:25 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 13:25 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 13:25 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 13:25 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 13:25 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 13:25 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 13:25 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 13:25 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 13:25 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 13:25 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 13:25 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 13:25 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 13:25 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 13:25 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 13:25 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 13:25 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 13:25 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 13:25 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 13:25 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 13:25 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 13:25 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 13:25 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 13:25 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 13:25 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 13:25 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 13:25 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 13:25 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 13:25 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 13:25 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 13:25 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 13:25 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 13:25 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 13:25 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 13:25 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 13:24 - 2015-05-13 13:24 - 05022929 _____ C:\Users\killi199\Downloads\teamspeak3-server_linux-amd64-3.0.11.3.tar.gz
2015-05-13 13:24 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 13:24 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 13:24 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 13:24 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 13:24 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 13:24 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 13:24 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 13:24 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 13:24 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 13:24 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 13:24 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 13:24 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 13:24 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 13:24 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 13:24 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 13:24 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 13:24 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 13:24 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 13:24 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 13:24 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 13:24 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 13:24 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 13:24 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 13:24 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 13:24 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 13:24 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 13:24 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 13:24 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 13:24 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 13:24 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 13:24 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 13:24 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 13:24 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 13:24 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 13:24 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 13:24 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 13:24 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 13:24 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 13:24 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 13:24 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 13:24 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 13:24 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 13:24 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 13:24 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 13:24 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 13:24 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 13:24 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 13:24 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 13:24 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 13:24 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 13:24 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 13:24 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 13:24 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 13:24 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 13:24 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 13:24 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 13:24 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 13:24 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 13:24 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 13:24 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 13:24 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 13:24 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 13:24 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 13:24 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 13:24 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-08 13:54 - 2011-04-12 09:43 - 00705644 _____ C:\Windows\system32\perfh007.dat
2015-06-08 13:54 - 2011-04-12 09:43 - 00152044 _____ C:\Windows\system32\perfc007.dat
2015-06-08 13:54 - 2009-07-14 07:13 - 03900764 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-08 13:52 - 2009-07-14 06:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-08 13:52 - 2009-07-14 06:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-08 13:49 - 2014-08-31 15:19 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-06-08 13:49 - 2014-08-27 20:28 - 00000000 ___RD C:\Users\killi199\Dropbox
2015-06-08 13:49 - 2014-03-01 22:24 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-08 13:49 - 2013-10-19 11:43 - 00003250 _____ C:\Windows\System32\Tasks\AIDA64 AutoStart
2015-06-08 13:49 - 2013-01-28 13:20 - 00000000 ____D C:\Users\killi199\AppData\Local\CrashDumps
2015-06-08 13:49 - 2012-12-25 14:26 - 00000000 ____D C:\Users\killi199\Documents\Outlook-Dateien
2015-06-08 13:49 - 2012-12-07 22:08 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-08 13:49 - 2012-12-07 21:40 - 00000000 ____D C:\Users\killi199\AppData\Roaming\Skype
2015-06-08 13:49 - 2012-12-07 21:38 - 00000000 ____D C:\Users\killi199\AppData\Local\Spotify
2015-06-08 13:49 - 2012-12-07 21:37 - 00000000 ____D C:\Users\killi199\AppData\Roaming\Spotify
2015-06-08 13:49 - 2012-12-07 20:31 - 00000000 ____D C:\Users\killi199\AppData\Roaming\Dropbox
2015-06-08 13:49 - 2012-12-04 19:49 - 00002896 _____ C:\Windows\System32\Tasks\AutoKMS
2015-06-08 13:49 - 2012-12-04 19:49 - 00000266 _____ C:\Windows\Tasks\AutoKMS.job
2015-06-08 13:49 - 2012-12-01 20:52 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-08 13:49 - 2011-12-13 21:08 - 00421136 _____ C:\Windows\setupact.log
2015-06-08 13:49 - 2010-11-21 05:47 - 00227888 _____ C:\Windows\PFRO.log
2015-06-08 13:49 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-08 13:47 - 2012-12-01 20:16 - 01390976 _____ C:\Windows\WindowsUpdate.log
2015-06-08 13:43 - 2012-12-07 21:20 - 00000000 ____D C:\Users\killi199\AppData\Local\LogMeIn Hamachi
2015-06-08 13:38 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SchCache
2015-06-08 13:19 - 2014-03-01 22:24 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-08 13:18 - 2012-12-01 21:39 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1343689660-860429238-4075285064-1000UA.job
2015-06-08 13:15 - 2015-03-10 17:32 - 00001266 _____ C:\Users\Public\Desktop\Kaspersky Password Manager.lnk
2015-06-08 13:14 - 2014-11-13 19:35 - 00000000 ____D C:\Users\killi199\Documents\Assassin's Creed Unity
2015-06-07 20:10 - 2012-12-07 22:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-07 18:47 - 2015-02-02 19:22 - 00000000 ____D C:\ProgramData\Origin
2015-06-07 18:47 - 2014-07-21 16:51 - 00000000 ____D C:\Users\killi199\Documents\ManiaPlanet
2015-06-07 18:47 - 2012-12-08 09:51 - 00000000 ____D C:\Users\killi199\AppData\Roaming\TS3Client
2015-06-07 18:31 - 2014-07-21 16:40 - 00000000 ____D C:\ProgramData\ManiaPlanet
2015-06-07 17:11 - 2015-04-16 11:46 - 00000080 _____ C:\Users\killi199\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-06-07 17:08 - 2012-12-01 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-07 17:08 - 2012-12-01 20:52 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-07 17:07 - 2015-03-27 22:53 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-07 17:03 - 2014-04-23 20:59 - 00000000 ____D C:\Windows\system32\Drivers\ar-SA
2015-06-07 17:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\sl-SI
2015-06-07 17:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\sk-SK
2015-06-07 17:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\ar-SA
2015-06-07 17:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sl-SI
2015-06-07 17:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sk-SK
2015-06-07 17:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\ar-SA
2015-06-07 15:59 - 2011-04-12 09:54 - 00000000 ____D C:\Program Files\Windows Journal
2015-06-07 15:59 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\SysWOW64\WCN
2015-06-07 15:59 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\system32\WCN
2015-06-07 15:59 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2015-06-07 15:59 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-06-07 15:59 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2015-06-07 15:59 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-06-07 15:59 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2015-06-07 15:59 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-06-07 15:59 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-06-07 15:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2015-06-07 15:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2015-06-07 15:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\oobe
2015-06-07 15:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\migwiz
2015-06-07 15:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\servicing
2015-06-07 15:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-07 15:59 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2015-06-07 15:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-07 15:55 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2015-06-07 15:55 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\SysWOW64\winrm
2015-06-07 15:55 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2015-06-07 15:55 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2015-06-07 15:55 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-06-07 15:55 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\system32\winrm
2015-06-07 15:55 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\system32\slmgr
2015-06-07 15:55 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2015-06-07 15:55 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\DigitalLocker
2015-06-07 15:55 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2015-06-07 15:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2015-06-07 15:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2015-06-07 15:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\MUI
2015-06-07 15:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-06-07 15:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\com
2015-06-07 15:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Setup
2015-06-07 15:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\MUI
2015-06-07 15:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2015-06-07 15:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\com
2015-06-07 15:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\IME
2015-06-07 15:04 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-06-07 15:03 - 2009-07-14 04:34 - 95944704 _____ C:\Windows\system32\config\SOFTWARE.bak
2015-06-07 15:03 - 2009-07-14 04:34 - 48758784 _____ C:\Windows\system32\config\components.bak
2015-06-07 15:03 - 2009-07-14 04:34 - 26214400 _____ C:\Windows\system32\config\SYSTEM.bak
2015-06-07 15:03 - 2009-07-14 04:34 - 00524288 _____ C:\Windows\system32\config\DEFAULT.bak
2015-06-07 15:03 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2015-06-07 15:03 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2015-06-06 20:32 - 2013-03-14 15:49 - 00000000 ____D C:\Users\killi199\Documents\TmForever
2015-06-06 18:05 - 2014-12-04 17:26 - 00000000 ____D C:\Users\killi199\AppData\Local\Arma 3 Launcher
2015-06-06 16:18 - 2012-12-01 21:39 - 00001080 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1343689660-860429238-4075285064-1000Core.job
2015-06-06 10:41 - 2012-12-01 20:17 - 00000000 ____D C:\Users\killi199
2015-06-05 22:41 - 2012-12-07 20:11 - 00000000 ____D C:\Users\killi199\Desktop\Spiele
2015-06-05 22:40 - 2012-12-01 22:25 - 00000000 ____D C:\Users\killi199\AppData\Roaming\Ubisoft
2015-06-05 22:23 - 2013-11-21 16:10 - 00000000 ____D C:\Users\killi199\AppData\Local\NVIDIA Corporation
2015-06-05 21:33 - 2015-02-10 16:30 - 00001377 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-06-05 18:54 - 2015-02-08 21:57 - 00000000 ____D C:\Users\killi199\AppData\Local\ftblauncher
2015-06-04 20:06 - 2015-04-22 12:39 - 00000000 ____D C:\Users\killi199\Documents\Command and Conquer Generals Zero Hour Data
2015-06-04 20:00 - 2015-02-02 19:22 - 00000000 ____D C:\Users\killi199\AppData\Roaming\Origin
2015-06-04 20:00 - 2013-03-09 11:55 - 00000000 ____D C:\Program Files (x86)\Origin
2015-06-04 17:41 - 2015-02-08 21:57 - 00000000 ____D C:\Users\killi199\AppData\Roaming\ftblauncher
2015-06-04 17:41 - 2015-02-08 21:54 - 06628862 _____ () C:\Users\killi199\Desktop\FTB_Launcher.exe
2015-06-04 16:34 - 2015-04-11 16:40 - 00000600 _____ C:\Users\killi199\AppData\Local\PUTTY.RND
2015-06-02 20:54 - 2013-08-27 20:34 - 00000000 ____D C:\Users\killi199\AppData\Roaming\.minecraft
2015-06-02 19:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-05-31 20:17 - 2013-03-10 20:12 - 00000000 ____D C:\Users\killi199\AppData\Roaming\.technic
2015-05-31 20:17 - 2013-02-11 18:49 - 04697768 _____ () C:\Users\killi199\Desktop\TechnicLauncher.exe
2015-05-28 16:29 - 2012-12-01 22:21 - 00914771 _____ C:\Windows\DirectX.log
2015-05-28 16:29 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-28 09:04 - 2014-04-30 09:38 - 14987528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-05-28 09:04 - 2014-01-23 17:45 - 17486856 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-05-28 09:04 - 2014-01-23 17:45 - 15864064 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-05-28 09:04 - 2012-12-01 20:52 - 03379680 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-05-28 09:04 - 2012-12-01 20:52 - 00112968 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-05-28 09:04 - 2012-12-01 20:52 - 00105288 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-05-28 09:04 - 2012-12-01 20:52 - 00030966 _____ C:\Windows\system32\nvinfo.pb
2015-05-28 09:04 - 2012-10-10 22:22 - 12852152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-05-28 09:04 - 2012-10-10 22:22 - 02986392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-05-28 06:15 - 2012-12-01 20:52 - 06872904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-05-28 06:15 - 2012-12-01 20:52 - 03491984 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-05-28 06:15 - 2012-12-01 20:52 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-05-28 06:15 - 2012-12-01 20:52 - 00937288 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-05-28 06:15 - 2012-12-01 20:52 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-05-28 06:15 - 2012-12-01 20:52 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-05-27 12:48 - 2012-12-01 20:52 - 04408727 _____ C:\Windows\system32\nvcoproc.bin
2015-05-26 21:59 - 2014-10-09 13:39 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-05-25 23:06 - 2014-02-27 21:12 - 00000000 ____D C:\Users\killi199\AppData\Roaming\TeamViewer
2015-05-25 15:10 - 2012-12-07 22:03 - 00000000 ____D C:\Users\killi199\AppData\Roaming\ICQ
2015-05-25 13:02 - 2014-09-13 19:30 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-05-25 12:51 - 2013-10-19 20:36 - 00000000 ____D C:\Users\killi199\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-05-25 12:49 - 2012-12-01 20:58 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-05-25 12:38 - 2013-01-28 18:39 - 00291944 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-05-25 12:38 - 2013-01-28 10:10 - 00291944 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-05-23 17:03 - 2015-04-24 20:10 - 00000000 ____D C:\Users\killi199\AppData\Roaming\Mumble
2015-05-23 13:05 - 2012-12-01 20:52 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-05-23 03:47 - 2015-02-10 16:30 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-05-23 03:47 - 2015-02-10 16:30 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-05-23 03:47 - 2015-02-10 16:30 - 01320304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-05-23 03:47 - 2015-02-10 16:30 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-05-21 20:30 - 2015-03-29 19:34 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-05-21 20:30 - 2015-03-29 19:34 - 00000959 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-05-21 20:30 - 2014-02-27 21:12 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-05-20 18:54 - 2012-12-04 18:53 - 00000000 ____D C:\Users\killi199\AppData\Local\Microsoft Help
2015-05-20 15:40 - 2015-04-04 15:21 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-20 15:40 - 2015-04-04 15:21 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-19 17:08 - 2014-08-04 19:44 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-05-19 17:05 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-05-19 16:13 - 2014-03-01 22:24 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-19 16:13 - 2014-03-01 22:24 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-19 16:13 - 2012-12-01 21:39 - 00004108 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1343689660-860429238-4075285064-1000UA
2015-05-19 16:13 - 2012-12-01 21:39 - 00003712 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1343689660-860429238-4075285064-1000Core
2015-05-17 20:21 - 2012-12-07 22:12 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-13 20:32 - 2009-07-14 06:45 - 00409208 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-13 20:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-13 14:00 - 2012-12-04 18:53 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-05-13 13:58 - 2013-08-15 19:01 - 00000000 ____D C:\Windows\system32\MRT
2015-05-13 13:54 - 2011-12-13 20:35 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 08:52 - 2015-01-22 22:44 - 01558848 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-05-09 14:58 - 2012-12-07 23:47 - 00000000 ____D C:\Fraps
2015-05-09 14:08 - 2012-12-07 20:34 - 00001029 _____ C:\Users\killi199\Desktop\Dropbox.lnk
2015-05-09 14:08 - 2012-12-07 20:32 - 00000000 ____D C:\Users\killi199\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

==================== Files in the root of some directories =======

2015-03-30 16:33 - 2015-04-07 21:56 - 0022446 _____ () C:\Users\killi199\AppData\Roaming\RanorexConfig5.xml
2015-03-30 16:37 - 2015-04-06 21:43 - 0000773 _____ () C:\Users\killi199\AppData\Roaming\RanorexUiConfig5.xml
2012-12-28 17:13 - 2014-11-12 20:45 - 0005632 _____ () C:\Users\killi199\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-11 16:40 - 2015-06-04 16:34 - 0000600 _____ () C:\Users\killi199\AppData\Local\PUTTY.RND
2014-02-04 19:24 - 2014-02-04 19:24 - 0000017 _____ () C:\Users\killi199\AppData\Local\resmon.resmoncfg
2008-02-05 14:28 - 2008-02-05 14:28 - 0000051 _____ () C:\Users\killi199\AppData\Local\setup.txt
2014-08-30 16:40 - 2014-12-19 16:54 - 1341859 ____N () C:\Users\killi199\AppData\Local\Tempmusic.ogg
2014-12-23 15:11 - 2014-12-23 15:11 - 0000000 _____ () C:\Users\killi199\AppData\Local\{3628B4D8-CB71-4F5C-8E7D-635F8E2AC838}
2014-12-15 14:56 - 2014-12-15 14:57 - 0000000 _____ () C:\Users\killi199\AppData\Local\{71ACCD19-D9DA-4508-BE95-15DCB560025D}

Some files in TEMP:
====================
C:\Users\killi199\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpazn4ce.dll
C:\Users\killi199\AppData\Local\Temp\Nv3DVisionIePlugin.dll
C:\Users\killi199\AppData\Local\Temp\Nv3DVisionIePlugin64.dll
C:\Users\killi199\AppData\Local\Temp\Nv3DVStreaming.dll
C:\Users\killi199\AppData\Local\Temp\Nv3DVStreaming64.dll
C:\Users\killi199\AppData\Local\Temp\Nv3DVStreamingIePlugin.dll
C:\Users\killi199\AppData\Local\Temp\Nv3DVStreamingIePlugin64.dll
C:\Users\killi199\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\killi199\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\killi199\AppData\Local\Temp\nvStInst.exe
C:\Users\killi199\AppData\Local\Temp\Quarantine.exe
C:\Users\killi199\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-06 13:55

==================== End of log ============================

killi199 08.06.2015 13:01
Ich weis nicht wieso er den FRST log oben mit eingefügt hat. Jedenfalls kann ich diesen Post nicht Löschen. Er kann aber entfernt werden und ein danke schon einmal.

schrauber 09.06.2015 09:50

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

killi199 09.06.2015 16:11
ESET
Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=20858bde0c93d84489be52524ac9a881
# end=init
# utc_time=2015-06-09 11:56:17
# local_time=2015-06-09 01:56:17 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 24242
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=20858bde0c93d84489be52524ac9a881
# end=updated
# utc_time=2015-06-09 11:58:26
# local_time=2015-06-09 01:58:26 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=20858bde0c93d84489be52524ac9a881
# engine=24242
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-06-09 02:49:43
# local_time=2015-06-09 04:49:43 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Kaspersky Total Security'
# compatibility_mode=1298 16777213 100 100 10561 61433013 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 96627 185491233 0 0
# scanned=1064504
# found=12
# cleaned=0
# scan_time=10276
sh=3096A6D6D5007B947C86A7FE8E72EEB3C86E80B3 ft=1 fh=6df4c99aadb2d5ea vn="Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\killi199\AppData\Local\Conduit\APISupport\APISupport.dll.vir"
sh=3661EDB38BCB034EA00F78F9144D975333C786BA ft=1 fh=0c96e457c8798f6f vn="Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\killi199\AppData\Local\Conduit\APISupport\APISupport.old.vir"
sh=3661EDB38BCB034EA00F78F9144D975333C786BA ft=1 fh=0c96e457c8798f6f vn="Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\killi199\AppData\Local\Conduit\APISupport\APISupport_2.0.4.3\ApiSupport.dll.vir"
sh=3096A6D6D5007B947C86A7FE8E72EEB3C86E80B3 ft=1 fh=6df4c99aadb2d5ea vn="Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\killi199\AppData\Local\Conduit\APISupport\APISupport_2.0.5.9\ApiSupport.dll.vir"
sh=7B747225FCFD7B718513C61724F85F9DE3A3DEB1 ft=1 fh=741c83cdb80b287a vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\killi199\AppData\Local\Conduit\APISupport\MiniSP_1.0.2.76\MiniSP.dll.vir"
sh=9CF16FBA745174DB1541FD0F4F64C22ED4928AED ft=1 fh=b6c6f78f2929b8a0 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\killi199\AppData\Local\Conduit\APISupport\MiniSP_1.0.2.93\MiniSP.dll.vir"
sh=476063885747EDD774A6B8CB2790703503A75A55 ft=1 fh=d7bb79193adaee2e vn="Win32/Systweak.G evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\killi199\AppData\Roaming\systweak\ssd\SSDPTstub.exe.vir"
sh=184048230E258706E470F1D2BC550169C3CD4A9B ft=1 fh=69a4d1bb541b347c vn="Variante von Win32/Toolbar.SearchSuite.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\killi199\AppData\Local\Viber\Helper.dll"
sh=B578EA77448043785BE0EDF6A553304C9CF3682D ft=1 fh=d348538c0e7f19be vn="Variante von Win32/Toolbar.SearchSuite.W.gen evtl. unerwünschte Anwendung" ac=I fn="C:\Users\killi199\AppData\Local\Viber\Uninstall.exe"
sh=D36A3ABBEBB5BFEFB72649DDDAA1A01368343B81 ft=1 fh=7a38b5839a2c0188 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\killi199\Downloads\Better DS3 - CHIP-Installer.exe"
sh=3FACC4E0E1833141F466A99F2F6DE569220B7379 ft=1 fh=af6cab9ee125fdf5 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\killi199\Downloads\Fantastic 3D Fish Aquarium - CHIP-Installer.exe"
sh=7F1FEFF128FF23EE8604AA28AA4E97098FB4BC18 ft=1 fh=6df3bb4c4f158c84 vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="C:\Users\killi199\Downloads\Nfsaquarium03.exe"
SecurityCheck
Code:
Results of screen317's Security Check version 1.002 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Kaspersky Total Security 
 Antivirus up to date!  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Java 8 Update 25 
 Java version 32-bit out of Date!
 Adobe Flash Player 17.0.0.169 
 Adobe Reader XI 
 Google Chrome (43.0.2357.65)
 Google Chrome (43.0.2357.81)
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe 
 Kaspersky Lab Kaspersky Total Security 15.0.1 avp.exe 
 Kaspersky Lab Kaspersky Total Security 15.0.1 avpui.exe 
 Kaspersky Lab Kaspersky Password Manager 8 kpm.exe 
 Kaspersky Lab Kaspersky Password Manager 8 plugin-nm-server.exe 
 Kaspersky Lab Kaspersky Total Security 15.0.1 plugin-nm-server.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````
FRST
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2015
Ran by killi199 (administrator) on KILLI199-PC on 09-06-2015 17:09:43
Running from C:\Users\killi199\Downloads
Loaded Profiles: killi199 (Available Profiles: killi199)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avp.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFi GO! Server.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avpui.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(FinalWire Ltd.) C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\aida64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
() C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\S5WOW_App\x64\S5wow_2005.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Spotify Ltd) C:\Users\killi199\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\killi199\AppData\Roaming\Spotify\Spotify.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8\kpm.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Spotify Ltd) C:\Users\killi199\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPictureViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDWebCam.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMovieViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\killi199\AppData\Roaming\Spotify\Spotify.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Spotify Ltd) C:\Users\killi199\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8\plugin-nm-server.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\plugin-nm-server.exe
(Ranorex GmbH) E:\Programme\RANOREX\Bin\Ranorex.Plugin.ChromeMsgHost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AsDLNAServerReal.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(TeamSpeak Systems GmbH) E:\Programme\ts\ts3client_win64.exe
(Google Inc.) C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Frontend.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10801944 2014-07-28] (Logitech Inc.)
HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [600928 2014-01-17] (Copyright 2013 SAMSUNG)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6463592 2012-02-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-02-08] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-02-24] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-03-26] (Intel Corporation)
HKLM-x32\...\Run: [ASUS WiFi GO! FileTransfer Execute] => C:\Program Files (x86)\ASUS\AI Suite II\Wi-Fi GO!\AssistTools\WiFile\WiFileTransfer.exe [1384608 2012-07-12] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [884440 2015-05-02] (BlueStack Systems, Inc.)
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Run: [Spotify Web Helper] => C:\Users\killi199\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-06-01] (Spotify Ltd)
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [578560 2014-01-23] (Samsung Electronics)
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Run: [Spotify] => C:\Users\killi199\AppData\Roaming\Spotify\Spotify.exe [7323192 2015-06-01] (Spotify Ltd)
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Run: [kpm.exe] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8\kpm.exe [6897248 2015-04-13] (Kaspersky Lab ZAO)
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Run: [GoogleChromeAutoLaunch_C1592978CA7CAB0FA856FE53FD022B07] => C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe [813896 2015-05-22] (Google Inc.)
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\...\Policies\system: [DisableClock] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk [2012-12-07]
ShortcutTarget: phase-6 Reminder.lnk -> C:\Program Files (x86)\phase-6\phase-6\reminder\reminder.exe (phase-6)
Startup: C:\Users\killi199\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2012-12-07]
ShortcutTarget: Dropbox.lnk -> C:\Users\killi199\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\killi199\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Outlook 2010.lnk [2012-12-04]
ShortcutTarget: Microsoft Outlook 2010.lnk -> C:\Windows\Installer\{90140000-0011-0000-1000-0000000FF1CE}\outicon.exe ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\shellex.dll [2015-03-10] (Kaspersky Lab ZAO)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\killi199\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll [2015-02-11] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\shellex.dll [2015-03-10] (Kaspersky Lab ZAO)
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1343689660-860429238-4075285064-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1343689660-860429238-4075285064-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-03-10] (Kaspersky Lab ZAO)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll [2014-10-16] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-03-10] (Kaspersky Lab ZAO)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-16] (Oracle Corporation)
BHO: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\x64\IEExt\ie_plugin.dll [2015-03-10] (Kaspersky Lab ZAO)
BHO-x32: Content Blocker Plugin -> {03C04F0A-E2A3-4F7F-BA30-BFA06FFD1358} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\IEExt\ie_plugin.dll [2015-03-10] (Kaspersky Lab ZAO)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll [2014-10-16] (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Virtual Keyboard Plugin -> {B5D5BB14-C8E2-478D-9C97-574AC10AF9E8} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\IEExt\ie_plugin.dll [2015-03-10] (Kaspersky Lab ZAO)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll [2014-10-16] (Oracle Corporation)
BHO-x32: Safe Money Plugin -> {E3D96E85-529D-4269-AC6A-97CF9E2221E3} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\IEExt\ie_plugin.dll [2015-03-10] (Kaspersky Lab ZAO)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\killi199\AppData\Roaming\Mozilla\Firefox\Profiles\bxg0x3sn.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-16] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2014-12-03] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-10-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-10-16] (Oracle Corporation)
FF Plugin-x32: @kaspersky.com/content_blocker_6418E0D362104DADA084DC312DFA8ABC -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-03-10] ()
FF Plugin-x32: @kaspersky.com/online_banking_69A4E213815F42BD863D889007201D82 -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-03-10] ()
FF Plugin-x32: @kaspersky.com/virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-03-10] ()
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-08-10] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin-x32: samsung.com/SamsungLinkPCPlugin -> C:\Program Files\Samsung\Samsung Link\utils\npSamsungLinkPCPlugin.dll No File
FF Plugin HKU\S-1-5-21-1343689660-860429238-4075285064-1000: @tools.google.com/Google Update;version=3 -> C:\Users\killi199\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin HKU\S-1-5-21-1343689660-860429238-4075285064-1000: @tools.google.com/Google Update;version=9 -> C:\Users\killi199\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-19] (Google Inc.)
FF Plugin HKU\S-1-5-21-1343689660-860429238-4075285064-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\killi199\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-11-28] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1343689660-860429238-4075285064-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-11-13] ()
FF Extension: Amazon-Icon - C:\Users\killi199\AppData\Roaming\Mozilla\Firefox\Profiles\bxg0x3sn.default\Extensions\amazon-icon@giga.de [2014-10-22]
FF HKLM-x32\...\Firefox\Extensions: [content_blocker_6418E0D362104DADA084DC312DFA8ABC@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\content_blocker@kaspersky.com [2015-03-10]
FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard_294FF26A1D5B455495946778FDE7CEDB@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\virtual_keyboard@kaspersky.com [2015-03-10]
FF HKLM-x32\...\Firefox\Extensions: [online_banking_69A4E213815F42BD863D889007201D82@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\FFExt\online_banking@kaspersky.com [2015-03-10]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [not found]

Chrome:
=======
CHR Profile: C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Kaspersky Protection) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho [2015-03-10]
CHR Extension: (Ranorex Automation) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\egdlgaljianpgdlmfijpphbadibfncdm [2015-03-30]
CHR Extension: (Type Scout - Faster Typing! :)) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\fedokkaolmkkoeedicihicdeppjjeamj [2014-08-28]
CHR Extension: (Bookmark Manager) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-22]
CHR Extension: ( Kaspersky Password Manager\r) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\hlpfbladobbejblkbfleiljmikcfhkem [2015-03-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-05]
CHR Extension: (Skype Click to Call) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-12-11]
CHR Extension: (Until AM for Chrome) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjafmkicbmhcbapadecadciafbkecofl [2014-08-28]
CHR Extension: (Google Wallet) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (My Chrome Theme) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2014-08-28]
CHR Extension: (MIT App Inventor) - C:\Users\killi199\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfnbdacoddlfhpcgfnfijdglhdaaheok [2015-01-01]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKU\S-1-5-21-1343689660-860429238-4075285064-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [hlpfbladobbejblkbfleiljmikcfhkem] - https://chrome.google.com/webstore/detail/hlpfbladobbejblkbfleiljmikcfhkem
CHR HKLM-x32\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM-x32\...\Chrome\Extension: [egdlgaljianpgdlmfijpphbadibfncdm] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
StartMenuInternet: Google Chrome.H4ZT3EEQXFVQ7TXEKCU5FGLDD4 - C:\Users\killi199\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [File not signed]
S4 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
S4 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-02-02] (ASUSTeK Computer Inc.)
S4 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AVP15.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 15.0.1\avp.exe [234520 2014-08-30] (Kaspersky Lab ZAO)
R3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433880 2015-05-02] (BlueStack Systems, Inc.)
R3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413400 2015-05-02] (BlueStack Systems, Inc.)
R3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [806616 2015-05-02] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S4 DTSAudioSvc; C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe [233328 2012-01-23] (DTS, Inc)
S4 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [344288 2015-03-20] (Futuremark)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
S4 InstallShield Licensing Service; C:\Program Files (x86)\Common Files\InstallShield Shared\Service\InstallShield Licensing Service.exe [69632 2014-04-23] (Macrovision                                                    ) [File not signed]
S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
S4 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1997168 2015-06-04] (Electronic Arts)
S4 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-01-02] ()
S4 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-02-06] ()
S4 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [609632 2014-01-17] (Copyright 2013 SAMSUNG)
S4 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5491984 2015-05-20] (TeamViewer GmbH)
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-14] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AIDA64Driver; C:\Program Files (x86)\FinalWire\AIDA64 Extreme Edition\kerneld.x64 [32600 2013-09-16] ()
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [49760 2012-01-06] (Asmedia Technology)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145112 2015-05-02] (BlueStack Systems)
R0 cm_km_w; C:\Windows\System32\DRIVERS\cm_km_w.sys [238288 2013-01-14] (Kaspersky Lab UK Ltd)
S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2014-01-23] () [File not signed]
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [468576 2014-03-31] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [46144 2014-07-02] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [150536 2015-03-10] (Kaspersky Lab ZAO)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [246456 2014-08-12] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [819896 2015-03-10] (Kaspersky Lab ZAO)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [30304 2014-02-25] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [28768 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [15456 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [55872 2014-06-05] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [77512 2015-03-10] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [179776 2014-07-09] (Kaspersky Lab ZAO)
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
S3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66360 2012-10-03] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-09] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 cpuz138; \??\C:\Windows\TEMP\cpuz138\cpuz138_x64.sys [X]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
U4 klkbdflt2; system32\DRIVERS\klkbdflt2.sys [X]
S3 lmimirr; system32\DRIVERS\lmimirr.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-09 17:09 - 2015-06-09 17:09 - 00001257 _____ C:\Users\killi199\Desktop\SecurityCheck.txt
2015-06-09 17:05 - 2015-06-09 17:04 - 00852639 _____ C:\Users\killi199\Desktop\SecurityCheck.exe
2015-06-09 17:04 - 2015-06-09 17:04 - 00852639 _____ C:\Users\killi199\Downloads\SecurityCheck.exe
2015-06-09 17:04 - 2015-06-09 17:04 - 00004279 _____ C:\Users\killi199\Desktop\ESET.txt
2015-06-09 13:56 - 2015-06-09 13:56 - 00000000 ____D C:\Program Files (x86)\ESET
2015-06-09 13:55 - 2015-06-09 13:56 - 02870984 _____ (ESET) C:\Users\killi199\Downloads\esetsmartinstaller_deu.exe
2015-06-08 15:04 - 2015-06-08 15:04 - 00000045 _____ C:\Users\killi199\Desktop\test.txt
2015-06-08 13:51 - 2015-06-08 13:51 - 00000207 _____ C:\Windows\tweaking.com-regbackup-KILLI199-PC-Windows-7-Ultimate-(64-bit).dat
2015-06-08 13:51 - 2015-06-08 13:51 - 00000000 ____D C:\RegBackup
2015-06-08 13:50 - 2015-06-08 13:50 - 02943232 _____ (Thisisu) C:\Users\killi199\Downloads\JRT.exe
2015-06-08 13:46 - 2015-06-08 13:47 - 00000000 ____D C:\AdwCleaner
2015-06-08 13:44 - 2015-06-08 13:44 - 02231296 _____ C:\Users\killi199\Downloads\AdwCleaner_4.206.exe
2015-06-08 13:27 - 2015-06-08 13:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-06-08 13:27 - 2015-06-08 13:27 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-06-08 13:27 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-06-08 13:27 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-06-08 13:26 - 2015-06-08 13:27 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\killi199\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-08 13:15 - 2015-06-08 13:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Password Manager
2015-06-07 17:08 - 2015-05-28 05:52 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-06-07 17:07 - 2015-05-28 09:04 - 42719888 _____ C:\Windows\system32\nvcompiler.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 37741712 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 30480528 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 22946960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 16185352 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 14495448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 13304280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 11830512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 10995528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-07 17:07 - 2015-05-28 09:04 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 02599056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435306.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435306.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 01099808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 01059984 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 01050440 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 00982856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 00974480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 00939080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 00503408 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 00408208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 00407112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-06-07 17:07 - 2015-05-28 09:04 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-06-07 15:59 - 2015-06-07 15:59 - 00000000 ____D C:\Windows\SysWOW64\Drivers\sl-SI
2015-06-07 15:59 - 2015-06-07 15:59 - 00000000 ____D C:\Windows\system32\Drivers\sl-SI
2015-06-07 15:59 - 2015-06-07 15:59 - 00000000 ____D C:\Windows\sl-SI
2015-06-07 15:56 - 2015-06-09 13:58 - 00736250 _____ C:\Windows\system32\perfh010.dat
2015-06-07 15:56 - 2015-06-09 13:58 - 00149054 _____ C:\Windows\system32\perfc010.dat
2015-06-07 15:56 - 2015-06-07 15:55 - 00335478 _____ C:\Windows\system32\perfi010.dat
2015-06-07 15:56 - 2015-06-07 15:55 - 00037534 _____ C:\Windows\system32\perfd010.dat
2015-06-07 15:55 - 2015-06-07 15:55 - 00000000 ____D C:\Windows\SysWOW64\it
2015-06-07 15:55 - 2015-06-07 15:55 - 00000000 ____D C:\Windows\SysWOW64\0410
2015-06-07 15:55 - 2015-06-07 15:55 - 00000000 ____D C:\Windows\system32\it
2015-06-07 15:55 - 2015-06-07 15:55 - 00000000 ____D C:\Windows\system32\0410
2015-06-07 15:53 - 2015-06-09 13:58 - 00686828 _____ C:\Windows\system32\perfh00C.dat
2015-06-07 15:53 - 2015-06-09 13:58 - 00475218 _____ C:\Windows\system32\perfh001.dat
2015-06-07 15:53 - 2015-06-09 13:58 - 00132440 _____ C:\Windows\system32\perfc00C.dat
2015-06-07 15:53 - 2015-06-09 13:58 - 00096980 _____ C:\Windows\system32\perfc001.dat
2015-06-07 15:53 - 2015-06-07 15:53 - 00344522 _____ C:\Windows\system32\perfi00C.dat
2015-06-07 15:53 - 2015-06-07 15:53 - 00289060 _____ C:\Windows\system32\perfi001.dat
2015-06-07 15:53 - 2015-06-07 15:53 - 00042056 _____ C:\Windows\system32\perfd001.dat
2015-06-07 15:53 - 2015-06-07 15:53 - 00038160 _____ C:\Windows\system32\perfd00C.dat
2015-06-07 15:53 - 2015-06-07 15:53 - 00000000 ____D C:\Windows\SysWOW64\fr
2015-06-07 15:53 - 2015-06-07 15:53 - 00000000 ____D C:\Windows\SysWOW64\Drivers\ar-SA
2015-06-07 15:53 - 2015-06-07 15:53 - 00000000 ____D C:\Windows\SysWOW64\ar
2015-06-07 15:53 - 2015-06-07 15:53 - 00000000 ____D C:\Windows\SysWOW64\040C
2015-06-07 15:53 - 2015-06-07 15:53 - 00000000 ____D C:\Windows\system32\fr
2015-06-07 15:53 - 2015-06-07 15:53 - 00000000 ____D C:\Windows\system32\ar
2015-06-07 15:53 - 2015-06-07 15:53 - 00000000 ____D C:\Windows\system32\040C
2015-06-07 15:53 - 2015-06-07 15:53 - 00000000 ____D C:\Windows\ar-SA
2015-06-07 15:50 - 2015-06-07 15:50 - 00000000 ____D C:\Windows\SysWOW64\Drivers\sk-SK
2015-06-07 15:50 - 2015-06-07 15:50 - 00000000 ____D C:\Windows\SysWOW64\0409
2015-06-07 15:50 - 2015-06-07 15:50 - 00000000 ____D C:\Windows\system32\Drivers\sk-SK
2015-06-07 15:50 - 2015-06-07 15:50 - 00000000 ____D C:\Windows\system32\0409
2015-06-07 15:50 - 2015-06-07 15:50 - 00000000 ____D C:\Windows\sk-SK
2015-06-07 15:06 - 2015-06-07 15:06 - 00037206 _____ C:\ComboFix.txt
2015-06-07 14:37 - 2015-06-07 14:37 - 05628238 _____ (Swearware) C:\Users\killi199\Downloads\ComboFix.exe
2015-06-06 23:12 - 2015-06-06 23:12 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_xusb21_01007.Wdf
2015-06-06 16:59 - 2015-06-06 17:01 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\killi199\Downloads\tdsskiller.exe
2015-06-06 16:43 - 2015-06-09 15:11 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-06-06 16:43 - 2015-06-08 13:27 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-06 16:43 - 2015-06-06 16:58 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-06-06 16:38 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-06-06 16:30 - 2015-06-06 16:37 - 16502728 _____ (Malwarebytes Corp.) C:\Users\killi199\Downloads\mbar-1.09.1.1004.exe
2015-06-06 16:27 - 2015-06-06 16:27 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-06-06 16:25 - 2015-06-06 16:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\killi199\Downloads\revosetup95 (1).exe
2015-06-06 16:18 - 2015-06-06 16:20 - 00338680 _____ (VS Revo Group Ltd.) C:\Users\killi199\Downloads\revosetup95.exe
2015-06-06 10:53 - 2015-06-06 10:54 - 00380416 _____ C:\Users\killi199\Downloads\ylgv54n1.exe
2015-06-06 10:44 - 2015-06-06 10:44 - 00120295 _____ C:\Users\killi199\Downloads\Addition.txt
2015-06-06 10:43 - 2015-06-09 17:09 - 00000000 _____ C:\Users\killi199\Downloads\FRST.txt
2015-06-06 10:41 - 2015-06-06 10:42 - 00000478 _____ C:\Users\killi199\Downloads\defogger_disable.log
2015-06-06 10:41 - 2015-06-06 10:41 - 00050477 _____ C:\Users\killi199\Downloads\Defogger.exe
2015-06-06 10:41 - 2015-06-06 10:41 - 00000000 _____ C:\Users\killi199\defogger_reenable
2015-06-05 21:33 - 2015-04-03 15:21 - 00048784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-06-05 21:33 - 2015-04-03 15:21 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-06-05 17:28 - 2015-06-05 17:28 - 00222225 _____ C:\Users\killi199\Downloads\mw2-dedi.zip
2015-06-05 16:32 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-06-05 16:32 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-06-05 16:32 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-06-05 16:32 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-06-05 16:32 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-06-05 16:32 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-06-05 16:32 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-06-05 16:32 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-06-05 16:31 - 2015-06-07 15:06 - 00000000 ____D C:\Qoobox
2015-06-05 16:31 - 2015-06-07 15:05 - 00000000 ____D C:\Windows\erdnt
2015-06-05 16:29 - 2015-06-09 17:09 - 00000000 ____D C:\FRST
2015-06-05 16:28 - 2015-06-05 16:29 - 02108928 _____ (Farbar) C:\Users\killi199\Downloads\FRST64.exe
2015-06-04 17:41 - 2015-06-04 17:43 - 164983442 _____ C:\Users\killi199\Downloads\FTBDepartedServer.zip
2015-06-04 16:25 - 2015-06-04 16:29 - 167431232 _____ C:\Users\killi199\Downloads\Hexx_Reloaded_1.2.0b_Server.zip
2015-06-03 17:14 - 2015-06-03 17:14 - 00000000 ____D C:\Users\killi199\AppData\Local\GWX
2015-05-31 21:01 - 2015-05-31 21:01 - 08047384 _____ (TeamViewer GmbH) C:\Users\killi199\Downloads\TeamViewer_Setup_de.exe
2015-05-31 20:19 - 2015-05-31 20:41 - 20827501 _____ C:\Users\killi199\Downloads\Tekkit_Lite_Server_0.6.5.zip
2015-05-25 13:01 - 2015-05-25 13:01 - 06308944 _____ (Wargaming.net ) C:\Users\killi199\Downloads\WoT_internet_install_eu.exe
2015-05-25 13:01 - 2015-05-25 13:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2015-05-25 13:00 - 2015-05-25 13:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warplanes
2015-05-25 12:59 - 2015-05-25 12:59 - 07169912 _____ (Wargaming.net ) C:\Users\killi199\Downloads\WoWP_internet_install_eu.exe
2015-05-25 12:56 - 2015-05-25 12:56 - 03974614 _____ C:\Users\killi199\Downloads\flt-rct3u.rar
2015-05-25 12:54 - 2015-05-25 12:54 - 03625241 _____ C:\Users\killi199\Downloads\RCT3_u31.rar
2015-05-25 12:46 - 2015-05-25 12:46 - 00043520 _____ C:\Windows\SysWOW64\CmdLineExt03.dll
2015-05-25 12:42 - 2002-02-27 17:50 - 00197120 _____ C:\Windows\patchw32.dll
2015-05-25 12:30 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2015-05-25 12:30 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2015-05-25 12:30 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2015-05-25 12:29 - 2015-05-25 12:30 - 00000000 ____D C:\Users\killi199\AppData\Roaming\Riot Games
2015-05-25 12:22 - 2015-05-25 12:23 - 30668968 _____ (Riot Games) C:\Users\killi199\Downloads\LeagueofLegends_EUW_Installer_9_15_2014.exe
2015-05-23 16:10 - 2015-05-23 16:13 - 16196501 _____ C:\Users\killi199\Downloads\Rush 1.0.4.zip
2015-05-23 16:07 - 2015-05-23 16:07 - 00016209 _____ C:\Users\killi199\Downloads\CommandSigns.jar
2015-05-23 16:04 - 2015-05-23 16:04 - 00178476 _____ C:\Users\killi199\Downloads\Bedwars.jar
2015-05-23 13:04 - 2015-05-13 08:52 - 00195912 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-05-23 13:04 - 2015-05-13 08:52 - 00031552 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-05-23 13:04 - 2015-05-12 08:27 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435286.dll
2015-05-23 13:04 - 2015-05-12 08:27 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435286.dll
2015-05-22 19:30 - 2015-05-22 19:30 - 01124544 _____ (Adobe Systems Incorporated) C:\Users\killi199\Downloads\flashplayer17au_ha_install.exe
2015-05-22 12:31 - 2015-05-22 13:55 - 00000000 ____D C:\Users\killi199\AppData\Local\Overwolf
2015-05-19 17:05 - 2015-05-19 17:05 - 00001821 _____ C:\Users\Public\Desktop\Apps.lnk
2015-05-19 17:05 - 2015-05-19 17:05 - 00001807 _____ C:\Users\Public\Desktop\Start BlueStacks.lnk
2015-05-19 17:04 - 2015-05-19 17:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks
2015-05-19 17:04 - 2015-05-19 17:04 - 00000000 ____D C:\ProgramData\BlueStacks
2015-05-19 17:04 - 2015-05-19 17:04 - 00000000 ____D C:\Program Files (x86)\BlueStacks
2015-05-13 13:53 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 13:53 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 13:25 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 13:25 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 13:25 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 13:25 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 13:25 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 13:25 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 13:25 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 13:25 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 13:25 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 13:25 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 13:25 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 13:25 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 13:25 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 13:25 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 13:25 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 13:25 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 13:25 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 13:25 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 13:25 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 13:25 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 13:25 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 13:25 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 13:25 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 13:25 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 13:25 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 13:25 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 13:25 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 13:25 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 13:25 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 13:25 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 13:25 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 13:25 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 13:25 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 13:25 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 13:25 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 13:25 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 13:25 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 13:25 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 13:25 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 13:25 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 13:25 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 13:25 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 13:25 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 13:25 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 13:25 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 13:25 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 13:25 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 13:25 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 13:25 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 13:25 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 13:25 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 13:25 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 13:25 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 13:25 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 13:25 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 13:25 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 13:25 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 13:25 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 13:25 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 13:25 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 13:25 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 13:25 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 13:25 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 13:25 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 13:24 - 2015-05-13 13:24 - 05022929 _____ C:\Users\killi199\Downloads\teamspeak3-server_linux-amd64-3.0.11.3.tar.gz
2015-05-13 13:24 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 13:24 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 13:24 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 13:24 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 13:24 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 13:24 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 13:24 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 13:24 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 13:24 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 13:24 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 13:24 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 13:24 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 13:24 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 13:24 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 13:24 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 13:24 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 13:24 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 13:24 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 13:24 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 13:24 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 13:24 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 13:24 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 13:24 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 13:24 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 13:24 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 13:24 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 13:24 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 13:24 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 13:24 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 13:24 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 13:24 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 13:24 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 13:24 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 13:24 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 13:24 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 13:24 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 13:24 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 13:24 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 13:24 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 13:24 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 13:24 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 13:24 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 13:24 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 13:24 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 13:24 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 13:24 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 13:24 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 13:24 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 13:24 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 13:24 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 13:24 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 13:24 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 13:24 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 13:24 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 13:24 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 13:24 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 13:24 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 13:24 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 13:24 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 13:24 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 13:24 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 13:24 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 13:24 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 13:24 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 13:24 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 13:24 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 13:24 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-09 16:28 - 2014-03-01 22:24 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-09 16:24 - 2012-12-01 21:39 - 00001080 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1343689660-860429238-4075285064-1000Core.job
2015-06-09 16:18 - 2014-03-01 22:24 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-09 16:18 - 2012-12-01 21:39 - 00001132 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1343689660-860429238-4075285064-1000UA.job
2015-06-09 16:10 - 2012-12-07 22:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-09 16:09 - 2014-08-31 15:19 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2015-06-09 15:31 - 2012-12-01 20:16 - 01456874 _____ C:\Windows\WindowsUpdate.log
2015-06-09 15:01 - 2012-12-08 09:51 - 00000000 ____D C:\Users\killi199\AppData\Roaming\TS3Client
2015-06-09 14:02 - 2009-07-14 06:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-09 14:02 - 2009-07-14 06:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-09 13:58 - 2011-04-12 09:43 - 00705644 _____ C:\Windows\system32\perfh007.dat
2015-06-09 13:58 - 2011-04-12 09:43 - 00152044 _____ C:\Windows\system32\perfc007.dat
2015-06-09 13:58 - 2009-07-14 07:13 - 03900764 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-09 13:57 - 2012-12-07 21:20 - 00000000 ____D C:\Users\killi199\AppData\Local\LogMeIn Hamachi
2015-06-09 13:55 - 2014-11-13 19:35 - 00000000 ____D C:\Users\killi199\Documents\Assassin's Creed Unity
2015-06-09 13:54 - 2014-08-27 20:28 - 00000000 ___RD C:\Users\killi199\Dropbox
2015-06-09 13:54 - 2013-01-28 13:20 - 00000000 ____D C:\Users\killi199\AppData\Local\CrashDumps
2015-06-09 13:54 - 2012-12-25 14:26 - 00000000 ____D C:\Users\killi199\Documents\Outlook-Dateien
2015-06-09 13:54 - 2012-12-07 22:08 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-09 13:54 - 2012-12-07 21:40 - 00000000 ____D C:\Users\killi199\AppData\Roaming\Skype
2015-06-09 13:54 - 2012-12-07 21:38 - 00000000 ____D C:\Users\killi199\AppData\Local\Spotify
2015-06-09 13:54 - 2012-12-07 21:37 - 00000000 ____D C:\Users\killi199\AppData\Roaming\Spotify
2015-06-09 13:54 - 2012-12-07 20:31 - 00000000 ____D C:\Users\killi199\AppData\Roaming\Dropbox
2015-06-09 13:53 - 2013-10-19 11:43 - 00003250 _____ C:\Windows\System32\Tasks\AIDA64 AutoStart
2015-06-09 13:53 - 2012-12-04 19:49 - 00002896 _____ C:\Windows\System32\Tasks\AutoKMS
2015-06-09 13:53 - 2012-12-04 19:49 - 00000266 _____ C:\Windows\Tasks\AutoKMS.job
2015-06-09 13:53 - 2012-12-01 20:52 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-09 13:53 - 2011-12-13 21:08 - 00421976 _____ C:\Windows\setupact.log
2015-06-09 13:53 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-08 17:43 - 2015-04-11 16:40 - 00000600 _____ C:\Users\killi199\AppData\Local\PUTTY.RND
2015-06-08 14:53 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-08 14:07 - 2015-04-11 16:44 - 00000000 ____D C:\Users\killi199\Desktop\raspberry
2015-06-08 13:49 - 2010-11-21 05:47 - 00227888 _____ C:\Windows\PFRO.log
2015-06-08 13:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SchCache
2015-06-08 13:15 - 2015-03-10 17:32 - 00001266 _____ C:\Users\Public\Desktop\Kaspersky Password Manager.lnk
2015-06-07 18:47 - 2015-02-02 19:22 - 00000000 ____D C:\ProgramData\Origin
2015-06-07 18:47 - 2014-07-21 16:51 - 00000000 ____D C:\Users\killi199\Documents\ManiaPlanet
2015-06-07 18:31 - 2014-07-21 16:40 - 00000000 ____D C:\ProgramData\ManiaPlanet
2015-06-07 17:11 - 2015-04-16 11:46 - 00000080 _____ C:\Users\killi199\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2015-06-07 17:08 - 2012-12-01 20:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-07 17:08 - 2012-12-01 20:52 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-07 17:07 - 2015-03-27 22:53 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-07 17:03 - 2014-04-23 20:59 - 00000000 ____D C:\Windows\system32\Drivers\ar-SA
2015-06-07 17:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\sl-SI
2015-06-07 17:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\sk-SK
2015-06-07 17:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\ar-SA
2015-06-07 17:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sl-SI
2015-06-07 17:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sk-SK
2015-06-07 17:03 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\ar-SA
2015-06-07 15:59 - 2011-04-12 09:54 - 00000000 ____D C:\Program Files\Windows Journal
2015-06-07 15:59 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\SysWOW64\WCN
2015-06-07 15:59 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\system32\WCN
2015-06-07 15:59 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Sidebar
2015-06-07 15:59 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-06-07 15:59 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2015-06-07 15:59 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\DVD Maker
2015-06-07 15:59 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Sidebar
2015-06-07 15:59 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-06-07 15:59 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-06-07 15:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2015-06-07 15:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2015-06-07 15:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\oobe
2015-06-07 15:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\migwiz
2015-06-07 15:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\servicing
2015-06-07 15:59 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-07 15:59 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2015-06-07 15:55 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer
2015-06-07 15:55 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\SysWOW64\winrm
2015-06-07 15:55 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\SysWOW64\sysprep
2015-06-07 15:55 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\SysWOW64\slmgr
2015-06-07 15:55 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\SysWOW64\Printing_Admin_Scripts
2015-06-07 15:55 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\system32\winrm
2015-06-07 15:55 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\system32\slmgr
2015-06-07 15:55 - 2011-04-12 09:43 - 00000000 ____D C:\Windows\system32\Printing_Admin_Scripts
2015-06-07 15:55 - 2009-07-14 07:37 - 00000000 ____D C:\Windows\DigitalLocker
2015-06-07 15:55 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2015-06-07 15:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Setup
2015-06-07 15:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\oobe
2015-06-07 15:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\MUI
2015-06-07 15:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\Dism
2015-06-07 15:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\SysWOW64\com
2015-06-07 15:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Setup
2015-06-07 15:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\MUI
2015-06-07 15:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Dism
2015-06-07 15:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\com
2015-06-07 15:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\IME
2015-06-07 15:04 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-06-07 15:03 - 2009-07-14 04:34 - 95944704 _____ C:\Windows\system32\config\SOFTWARE.bak
2015-06-07 15:03 - 2009-07-14 04:34 - 48758784 _____ C:\Windows\system32\config\components.bak
2015-06-07 15:03 - 2009-07-14 04:34 - 26214400 _____ C:\Windows\system32\config\SYSTEM.bak
2015-06-07 15:03 - 2009-07-14 04:34 - 00524288 _____ C:\Windows\system32\config\DEFAULT.bak
2015-06-07 15:03 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2015-06-07 15:03 - 2009-07-14 04:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2015-06-06 20:32 - 2013-03-14 15:49 - 00000000 ____D C:\Users\killi199\Documents\TmForever
2015-06-06 18:05 - 2014-12-04 17:26 - 00000000 ____D C:\Users\killi199\AppData\Local\Arma 3 Launcher
2015-06-06 10:41 - 2012-12-01 20:17 - 00000000 ____D C:\Users\killi199
2015-06-05 22:41 - 2012-12-07 20:11 - 00000000 ____D C:\Users\killi199\Desktop\Spiele
2015-06-05 22:40 - 2012-12-01 22:25 - 00000000 ____D C:\Users\killi199\AppData\Roaming\Ubisoft
2015-06-05 22:23 - 2013-11-21 16:10 - 00000000 ____D C:\Users\killi199\AppData\Local\NVIDIA Corporation
2015-06-05 21:33 - 2015-02-10 16:30 - 00001377 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2015-06-05 18:54 - 2015-02-08 21:57 - 00000000 ____D C:\Users\killi199\AppData\Local\ftblauncher
2015-06-04 20:06 - 2015-04-22 12:39 - 00000000 ____D C:\Users\killi199\Documents\Command and Conquer Generals Zero Hour Data
2015-06-04 20:00 - 2015-02-02 19:22 - 00000000 ____D C:\Users\killi199\AppData\Roaming\Origin
2015-06-04 20:00 - 2013-03-09 11:55 - 00000000 ____D C:\Program Files (x86)\Origin
2015-06-04 17:41 - 2015-02-08 21:57 - 00000000 ____D C:\Users\killi199\AppData\Roaming\ftblauncher
2015-06-04 17:41 - 2015-02-08 21:54 - 06628862 _____ () C:\Users\killi199\Desktop\FTB_Launcher.exe
2015-06-02 20:54 - 2013-08-27 20:34 - 00000000 ____D C:\Users\killi199\AppData\Roaming\.minecraft
2015-06-02 19:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-05-31 20:17 - 2013-03-10 20:12 - 00000000 ____D C:\Users\killi199\AppData\Roaming\.technic
2015-05-31 20:17 - 2013-02-11 18:49 - 04697768 _____ () C:\Users\killi199\Desktop\TechnicLauncher.exe
2015-05-28 16:29 - 2012-12-01 22:21 - 00914771 _____ C:\Windows\DirectX.log
2015-05-28 16:29 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-28 09:04 - 2014-04-30 09:38 - 14987528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-05-28 09:04 - 2014-01-23 17:45 - 17486856 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-05-28 09:04 - 2014-01-23 17:45 - 15864064 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-05-28 09:04 - 2012-12-01 20:52 - 03379680 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-05-28 09:04 - 2012-12-01 20:52 - 00112968 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-05-28 09:04 - 2012-12-01 20:52 - 00105288 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-05-28 09:04 - 2012-12-01 20:52 - 00030966 _____ C:\Windows\system32\nvinfo.pb
2015-05-28 09:04 - 2012-10-10 22:22 - 12852152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-05-28 09:04 - 2012-10-10 22:22 - 02986392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-05-28 06:15 - 2012-12-01 20:52 - 06872904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-05-28 06:15 - 2012-12-01 20:52 - 03491984 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-05-28 06:15 - 2012-12-01 20:52 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-05-28 06:15 - 2012-12-01 20:52 - 00937288 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-05-28 06:15 - 2012-12-01 20:52 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-05-28 06:15 - 2012-12-01 20:52 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-05-27 12:48 - 2012-12-01 20:52 - 04408727 _____ C:\Windows\system32\nvcoproc.bin
2015-05-26 21:59 - 2014-10-09 13:39 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-05-25 23:06 - 2014-02-27 21:12 - 00000000 ____D C:\Users\killi199\AppData\Roaming\TeamViewer
2015-05-25 15:10 - 2012-12-07 22:03 - 00000000 ____D C:\Users\killi199\AppData\Roaming\ICQ
2015-05-25 13:02 - 2014-09-13 19:30 - 00000000 ____D C:\Windows\SysWOW64\directx
2015-05-25 12:51 - 2013-10-19 20:36 - 00000000 ____D C:\Users\killi199\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-05-25 12:49 - 2012-12-01 20:58 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-05-25 12:38 - 2013-01-28 18:39 - 00291944 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-05-25 12:38 - 2013-01-28 10:10 - 00291944 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-05-23 17:03 - 2015-04-24 20:10 - 00000000 ____D C:\Users\killi199\AppData\Roaming\Mumble
2015-05-23 13:05 - 2012-12-01 20:52 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-05-23 03:47 - 2015-02-10 16:30 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-05-23 03:47 - 2015-02-10 16:30 - 01571696 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-05-23 03:47 - 2015-02-10 16:30 - 01320304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-05-23 03:47 - 2015-02-10 16:30 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-05-21 20:30 - 2015-03-29 19:34 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-05-21 20:30 - 2015-03-29 19:34 - 00000959 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-05-21 20:30 - 2014-02-27 21:12 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-05-20 18:54 - 2012-12-04 18:53 - 00000000 ____D C:\Users\killi199\AppData\Local\Microsoft Help
2015-05-20 15:40 - 2015-04-04 15:21 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-20 15:40 - 2015-04-04 15:21 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-19 17:08 - 2014-08-04 19:44 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-05-19 17:05 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-05-19 16:13 - 2014-03-01 22:24 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-19 16:13 - 2014-03-01 22:24 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-19 16:13 - 2012-12-01 21:39 - 00004108 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1343689660-860429238-4075285064-1000UA
2015-05-19 16:13 - 2012-12-01 21:39 - 00003712 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1343689660-860429238-4075285064-1000Core
2015-05-17 20:21 - 2012-12-07 22:12 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-13 20:32 - 2009-07-14 06:45 - 00409208 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-13 20:31 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-13 14:00 - 2012-12-04 18:53 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-05-13 13:58 - 2013-08-15 19:01 - 00000000 ____D C:\Windows\system32\MRT
2015-05-13 13:54 - 2011-12-13 20:35 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-13 08:52 - 2015-01-22 22:44 - 01558848 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll

==================== Files in the root of some directories =======

2015-03-30 16:33 - 2015-04-07 21:56 - 0022446 _____ () C:\Users\killi199\AppData\Roaming\RanorexConfig5.xml
2015-03-30 16:37 - 2015-04-06 21:43 - 0000773 _____ () C:\Users\killi199\AppData\Roaming\RanorexUiConfig5.xml
2012-12-28 17:13 - 2014-11-12 20:45 - 0005632 _____ () C:\Users\killi199\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-11 16:40 - 2015-06-08 17:43 - 0000600 _____ () C:\Users\killi199\AppData\Local\PUTTY.RND
2014-02-04 19:24 - 2014-02-04 19:24 - 0000017 _____ () C:\Users\killi199\AppData\Local\resmon.resmoncfg
2008-02-05 14:28 - 2008-02-05 14:28 - 0000051 _____ () C:\Users\killi199\AppData\Local\setup.txt
2014-08-30 16:40 - 2014-12-19 16:54 - 1341859 ____N () C:\Users\killi199\AppData\Local\Tempmusic.ogg
2014-12-23 15:11 - 2014-12-23 15:11 - 0000000 _____ () C:\Users\killi199\AppData\Local\{3628B4D8-CB71-4F5C-8E7D-635F8E2AC838}
2014-12-15 14:56 - 2014-12-15 14:57 - 0000000 _____ () C:\Users\killi199\AppData\Local\{71ACCD19-D9DA-4508-BE95-15DCB560025D}

Some files in TEMP:
====================
C:\Users\killi199\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxsjt1d.dll
C:\Users\killi199\AppData\Local\Temp\Nv3DVisionIePlugin.dll
C:\Users\killi199\AppData\Local\Temp\Nv3DVisionIePlugin64.dll
C:\Users\killi199\AppData\Local\Temp\Nv3DVStreaming.dll
C:\Users\killi199\AppData\Local\Temp\Nv3DVStreaming64.dll
C:\Users\killi199\AppData\Local\Temp\Nv3DVStreamingIePlugin.dll
C:\Users\killi199\AppData\Local\Temp\Nv3DVStreamingIePlugin64.dll
C:\Users\killi199\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\killi199\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\killi199\AppData\Local\Temp\nvStInst.exe
C:\Users\killi199\AppData\Local\Temp\Quarantine.exe
C:\Users\killi199\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-06 13:55

==================== End of log ============================
Ob die Probleme immer noch sind werde ich hier später reinschreiben wenn ich es getestet habe.

killi199 09.06.2015 18:41
Es ist nicht behoben...


Alle Zeitangaben in WEZ +1. Es ist jetzt 05:26 Uhr.
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27