
Pests of all kinds and how to combat them: Probably hacked. What to do?

13.07.2015, 19:43   #1
KlausH123
 
Probably hacked. What to do?



Hello dear members of the Trojaner-Board,
I fear that I have become the victim of a hacker. The suspicion is based on the fact that I received a threatening call (death threats etc.) on my mobile phone from a withheld number. The person was a stranger to me and stated my name and where I live (the district), and of course had my number. I assume that he got this from my IP, but where he got my number from I do not know (my phone was connected via the Wi-Fi, though). I was online for one day without a router, with only the modem, and bang. Weeks earlier I had already received a threat that I would be hacked, from a person whom I knew only online through Steam and who was on my Steam friends list (and therefore presumably had the IP).
What should I do to secure my system? The police have been brought in, but I fear that he could still be spying on me. I scanned for viruses with Avast and Spybot, but my system is supposedly clean. Where else could he have my number from? I have not given it on any site except PayPal, and I have different passwords on Steam, my e-mail and PayPal. I always took great care not to catch anything, but against a hacker one is probably relatively powerless. What is your advice?

Here is a HijackThis log, in case it helps:
Quote:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:25:14, on 13.07.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17840)
Boot mode: Normal

Running processes:
C:\Program Files\ASUS Xonar D1 Audio\Customapp\ASUSAUDIOCENTER.EXE
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
F:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
F:\Program Files (x86)\Steam\Steam.exe
F:\Program Files (x86)\Steam\bin\steamwebhelper.exe
F:\Program Files (x86)\Steam\bin\steamwebhelper.exe
F:\Program Files (x86)\Steam\bin\steamwebhelper.exe
E:\Downloads\HiJackThis204(1).exe
C:\Windows\SysWOW64\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - F:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - F:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "F:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [GrooveMonitor] "F:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [StartCCC] "F:\Program Files\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKCU\..\Run: [Dxtory Update Checker 2.0] F:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O9 - Extra button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - F:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - F:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall (avast! Firewall) - Avast Software s.r.o. - F:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - F:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 7506 bytes

13.07.2015, 19:57   #2
schrauber
/// the machine
/// TB trainer
 




hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Untersuchen (Scan).
  • The log files will now be created and will then be on your desktop.
  • Post FRST.txt and, after the first scan, also Addition.txt in your thread (click the # symbol in the input window of the web page)


13.07.2015, 20:23   #3
KlausH123
 



Thanks for the reply. Here are the files.

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015
Ran by [user] (administrator) on [user]-PC on 13-07-2015 21:17:15
Running from E:\Downloads
Loaded Profiles: [user] (Available Profiles: [user] & [user2])
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Avast Software s.r.o.) F:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) F:\Program Files\AVAST Software\Avast\afwServ.exe
(Avast Software) F:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) F:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(CMedia) C:\Program Files\ASUS Xonar D1 Audio\Customapp\AsusAudioCenter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Avast Software s.r.o.) F:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Advanced Micro Devices Inc.) F:\Program Files\AMD\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) F:\Program Files\AMD\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Valve Corporation) F:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Trend Micro Inc.) E:\Downloads\HiJackThis204(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => F:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-18] (Avast Software s.r.o.)
HKLM-x32\...\Run: [GrooveMonitor] => F:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => F:\Program Files\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-06-22] (Advanced Micro Devices, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1498198781-3518620365-1429332980-1000\...\Run: [Dxtory Update Checker 2.0] => F:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-11-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => F:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-18] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1498198781-3518620365-1429332980-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1498198781-3518620365-1429332980-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> F:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-28] (Avast Software s.r.o.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> F:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> F:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-28] (Avast Software s.r.o.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 80.69.103.78 80.69.102.158
Tcpip\..\Interfaces\{5D6E13FD-ADDB-4F36-80F3-79C63EC79F63}: [DhcpNameServer] 80.69.103.78 80.69.102.158

FireFox:
========
FF ProfilePath: C:\Users\[user]\AppData\Roaming\Mozilla\Firefox\Profiles\k6znsua0.default
FF Homepage: hxxp://www.google.de/
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpreview.grooveshark.com*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fnew.songza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Faccount.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.beatsmusic.com*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20
-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*'))%20%7B%20return%20'PROXY%20us09.sq.proxmate.me%3A8000%3B%20PROXY%20us08.sq.proxmate.me%3A8000%3B%20PROXY%20us07.sq.proxmate.me%3A8000%3B%20PROXY%20us10.sq.proxmate.me%3A8000%3B%20PROXY%20us05.sq.proxmate.me%3A8000%3B%20PROXY%20us11.sq.proxmate.me%3A8000%3B%20PROXY%20us06.sq.proxmate.me%3A8000%3B%20PROXY%20us03.sq.proxmate.me%3A8000%3B%20PROXY%20us04.sq.proxmate.me%3A8000%3B%20PROXY%20us01.sq.proxmate.me%3A8000%3B%20PROXY%20us02.sq.proxmate.me%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll [2015-07-09] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> F:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> F:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll [2015-07-09] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Extension: Ghostery - C:\Users\[user]\AppData\Roaming\Mozilla\Firefox\Profiles\k6znsua0.default\Extensions\firefox@ghostery.com.xpi [2014-11-17]
FF Extension: BetterTTV - C:\Users\[user]\AppData\Roaming\Mozilla\Firefox\Profiles\k6znsua0.default\Extensions\jid0-OeCFXKAPh2tC0bN3Li9ajRAZx6c@jetpack.xpi [2014-11-17]
FF Extension: Adblock Plus - C:\Users\[user]\AppData\Roaming\Mozilla\Firefox\Profiles\k6znsua0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-17]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - F:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - F:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-17]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - F:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-03-28]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - F:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-28]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; F:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-18] (Avast Software s.r.o.)
R2 avast! Firewall; F:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-06-22] (Avast Software s.r.o.)
R3 AvastVBoxSvc; F:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-05-18] (Avast Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1141248 2015-06-10] ()
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-26] (Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-26] (Dropbox, Inc.)
S3 Microsoft Office Groove Audit Service; F:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation)
S4 SDScannerService; F:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S4 SDUpdateService; F:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S4 SDWSCService; F:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-18] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-06-22] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-18] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-06-22] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-18] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-18] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-18] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-18] (Avast Software s.r.o.)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2014-11-17] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-18] ()
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2734080 2013-04-11] (C-Media Inc)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-05-30] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0004.sys [28768 2014-12-17] (SoftEther VPN Project at University of Tsukuba, Japan.)
R2 VBoxAswDrv; F:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-05-18] (Avast Software)
S3 WinRing0_1_2_0; \??\F:\Program Files\Intel Corporation\Intel Processor Diagnostic Tool 64bit\WinRing0x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-13 21:17 - 2015-07-13 21:17 - 00000000 ____D C:\FRST
2015-07-13 20:11 - 2015-07-13 20:12 - 00000000 ____D C:\Users\[user]\AppData\Roaming\Raptr
2015-07-13 20:11 - 2015-07-13 20:11 - 00000000 ____D C:\Users\[user]\AppData\Roaming\library_dir
2015-07-13 20:11 - 2015-07-13 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2015-07-13 20:11 - 2015-07-13 20:11 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-07-13 20:10 - 2015-07-13 20:10 - 00052335 _____ C:\Windows\SysWOW64\CCCInstall_201507132010563129.log
2015-07-13 20:10 - 2015-07-13 20:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-07-13 20:09 - 2015-07-13 20:09 - 00000000 ____D C:\ProgramData\ATI
2015-07-13 20:08 - 2015-07-13 20:08 - 00000000 ____D C:\Program Files\AMD
2015-07-09 19:05 - 2015-07-09 19:05 - 00000000 ____D C:\Users\[user]\Documents\ProcAlyzer Dumps
2015-07-07 19:03 - 2015-07-09 00:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-01 03:00 - 2015-07-01 03:00 - 00000000 ____D C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2015-06-29 10:44 - 2015-06-29 10:44 - 00000000 ____D C:\Users\[user]\AppData\Local\Logitech® Webcam-Software
2015-06-29 10:42 - 2015-06-29 10:42 - 00000000 ____D C:\Users\[user]\Documents\Videomaskenprojekte
2015-06-29 10:42 - 2015-06-29 10:42 - 00000000 ____D C:\ProgramData\LogiShrd
2015-06-29 10:38 - 2015-06-29 10:38 - 00000000 ____D C:\Users\[user]\AppData\Roaming\Leadertech
2015-06-29 10:38 - 2015-06-29 10:38 - 00000000 ____D C:\ProgramData\Logitech
2015-06-29 10:37 - 2015-06-29 10:37 - 00001624 _____ C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
2015-06-29 10:37 - 2015-06-29 10:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-06-29 10:35 - 2015-06-29 10:38 - 00000000 ____D C:\Program Files\Common Files\logishrd
2015-06-29 10:35 - 2015-06-29 10:35 - 00008150 _____ C:\Windows\system32\lvcoinst.log
2015-06-26 23:31 - 2015-06-26 23:39 - 00000000 ___RD C:\Users\[user]\Dropbox
2015-06-26 23:31 - 2015-06-26 23:31 - 00001230 _____ C:\Users\[user]\Desktop\Dropbox.lnk
2015-06-26 23:30 - 2015-06-26 23:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-26 23:29 - 2015-07-13 20:34 - 00001212 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-06-26 23:29 - 2015-07-13 20:16 - 00001208 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-06-26 23:29 - 2015-06-26 23:38 - 00000000 ____D C:\Users\[user]\AppData\Local\Dropbox
2015-06-26 23:29 - 2015-06-26 23:31 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-06-26 23:29 - 2015-06-26 23:29 - 00004208 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2015-06-26 23:29 - 2015-06-26 23:29 - 00003956 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2015-06-26 23:29 - 2015-06-26 23:29 - 00000000 ____D C:\Users\[user]\AppData\Roaming\Dropbox
2015-06-26 23:29 - 2015-06-26 23:29 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-23 04:09 - 2015-06-23 04:09 - 00141792 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2015-06-23 04:09 - 2015-06-23 04:09 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2015-06-23 04:09 - 2015-06-23 04:09 - 00107784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2015-06-23 04:09 - 2015-06-23 04:09 - 00100568 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2015-06-23 04:09 - 2015-06-23 04:09 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2015-06-23 04:09 - 2015-06-23 04:09 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2015-06-23 04:09 - 2015-06-23 04:09 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2015-06-23 04:09 - 2015-06-23 04:09 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2015-06-23 04:08 - 2015-06-23 04:08 - 11941000 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2015-06-23 04:08 - 2015-06-23 04:08 - 10087472 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2015-06-23 04:08 - 2015-06-23 04:08 - 07927568 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2015-06-23 04:08 - 2015-06-23 04:08 - 07407400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2015-06-23 04:08 - 2015-06-23 04:08 - 01191320 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2015-06-23 04:08 - 2015-06-23 04:08 - 00152056 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2015-06-23 04:08 - 2015-06-23 04:08 - 00133016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2015-06-23 04:08 - 2015-06-23 04:08 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2015-06-23 04:05 - 2015-06-23 04:05 - 00297672 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2015-06-23 04:03 - 2015-06-23 04:03 - 21612032 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2015-06-23 03:59 - 2015-06-23 03:59 - 47782912 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2015-06-23 03:59 - 2015-06-23 03:59 - 00235008 _____ C:\Windows\system32\clinfo.exe
2015-06-23 03:58 - 2015-06-23 03:58 - 39712256 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2015-06-23 03:57 - 2015-06-23 03:57 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-06-23 03:57 - 2015-06-23 03:57 - 00059392 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-06-23 03:55 - 2015-06-23 03:55 - 27535872 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2015-06-23 03:55 - 2015-06-23 03:55 - 22318592 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2015-06-23 03:33 - 2015-06-23 03:33 - 06476288 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2015-06-23 03:33 - 2015-06-23 03:33 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2015-06-23 03:33 - 2015-06-23 03:33 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2015-06-23 03:28 - 2015-06-23 03:28 - 05067264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2015-06-23 03:27 - 2015-06-23 03:27 - 30749184 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2015-06-23 03:25 - 2015-06-23 03:25 - 00093184 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2015-06-23 03:25 - 2015-06-23 03:25 - 00086528 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2015-06-23 03:22 - 2015-06-23 03:22 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2015-06-23 03:22 - 2015-06-23 03:22 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2015-06-23 03:21 - 2015-06-23 03:21 - 25296896 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2015-06-23 03:21 - 2015-06-23 03:21 - 00865792 _____ (AMD) C:\Windows\system32\coinst_15.20.dll
2015-06-23 03:20 - 2015-06-23 03:20 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2015-06-23 03:19 - 2015-06-23 03:19 - 00660224 _____ C:\Windows\SysWOW64\atiapfxx.blb
2015-06-23 03:19 - 2015-06-23 03:19 - 00660224 _____ C:\Windows\system32\atiapfxx.blb
2015-06-23 03:19 - 2015-06-23 03:19 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2015-06-23 03:19 - 2015-06-23 03:19 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2015-06-23 03:19 - 2015-06-23 03:19 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2015-06-23 03:19 - 2015-06-23 03:19 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2015-06-23 03:19 - 2015-06-23 03:19 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2015-06-23 03:18 - 2015-06-23 03:18 - 15716864 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2015-06-23 03:18 - 2015-06-23 03:18 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2015-06-23 03:16 - 2015-06-23 03:16 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2015-06-23 03:14 - 2015-06-23 03:14 - 00670720 _____ (AMD) C:\Windows\system32\atieclxx.exe
2015-06-23 03:14 - 2015-06-23 03:14 - 00245760 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2015-06-23 03:14 - 2015-06-23 03:14 - 00204800 _____ C:\Windows\system32\amdgfxinfo64.dll
2015-06-23 03:14 - 2015-06-23 03:14 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2015-06-23 03:14 - 2015-06-23 03:14 - 00189952 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2015-06-23 03:14 - 2015-06-23 03:14 - 00160256 _____ C:\Windows\system32\atieah64.exe
2015-06-23 03:14 - 2015-06-23 03:14 - 00143872 _____ C:\Windows\SysWOW64\atieah32.exe
2015-06-23 03:14 - 2015-06-23 03:14 - 00029696 _____ (AMD) C:\Windows\system32\atimuixx.dll
2015-06-23 03:12 - 2015-06-23 03:12 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2015-06-23 03:12 - 2015-06-23 03:12 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2015-06-23 03:11 - 2015-06-23 03:11 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2015-06-23 03:11 - 2015-06-23 03:11 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2015-06-23 03:10 - 2015-06-23 03:10 - 00663552 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2015-06-23 03:10 - 2015-06-23 03:10 - 00156672 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2015-06-23 03:10 - 2015-06-23 03:10 - 00141824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2015-06-23 03:10 - 2015-06-23 03:10 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2015-06-23 03:10 - 2015-06-23 03:10 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2015-06-23 03:10 - 2015-06-23 03:10 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2015-06-23 03:09 - 2015-06-23 03:09 - 00102912 _____ C:\Windows\system32\hsa-thunk64.dll
2015-06-23 03:09 - 2015-06-23 03:09 - 00102400 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2015-06-23 03:07 - 2015-06-23 03:07 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2015-06-22 21:36 - 2015-06-22 21:36 - 00001000 _____ C:\Users\Public\Desktop\Avast Internet Security.lnk
2015-06-22 21:35 - 2015-06-22 21:35 - 00449896 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-06-22 21:35 - 2015-05-18 20:00 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-06-22 17:58 - 2015-06-22 21:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-06-22 17:58 - 2015-06-22 17:58 - 00001060 _____ C:\Users\Public\Desktop\Avast SafeZone.lnk
2015-06-22 17:57 - 2015-06-22 17:57 - 00028144 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswKbd.sys
2015-06-22 09:14 - 2015-06-22 09:14 - 00830518 _____ C:\Windows\system32\amdicdxx.dat
2015-06-17 08:29 - 2015-06-17 08:29 - 00000000 ____D C:\Users\[user2]\AppData\Roaming\Mozilla
2015-06-17 08:29 - 2015-06-17 08:29 - 00000000 ____D C:\Users\[user2]\AppData\Local\Mozilla
2015-06-17 08:28 - 2015-06-17 08:34 - 00000000 ____D C:\Users\[user2]\AppData\Roaming\OBS
2015-06-17 08:28 - 2015-06-17 08:28 - 00001248 _____ C:\Users\[user2]\Desktop\OBS - Verknüpfung.lnk
2015-06-17 08:26 - 2015-06-17 08:26 - 00114992 _____ C:\Users\[user2]\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-17 08:26 - 2015-06-17 08:26 - 00001425 _____ C:\Users\[user2]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-17 08:26 - 2015-06-17 08:26 - 00000020 ___SH C:\Users\[user2]\ntuser.ini
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 _SHDL C:\Users\[user2]\Vorlagen
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 _SHDL C:\Users\[user2]\Startmenü
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 _SHDL C:\Users\[user2]\Netzwerkumgebung
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 _SHDL C:\Users\[user2]\Lokale Einstellungen
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 _SHDL C:\Users\[user2]\Eigene Dateien
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 _SHDL C:\Users\[user2]\Druckumgebung
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 _SHDL C:\Users\[user2]\Documents\Eigene Musik
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 _SHDL C:\Users\[user2]\Documents\Eigene Bilder
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 _SHDL C:\Users\[user2]\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 _SHDL C:\Users\[user2]\AppData\Local\Verlauf
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 _SHDL C:\Users\[user2]\AppData\Local\Anwendungsdaten
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 _SHDL C:\Users\[user2]\Anwendungsdaten
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 ____D C:\Users\[user2]\AppData\Roaming\AVAST Software
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 ____D C:\Users\[user2]\AppData\Roaming\ATI
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 ____D C:\Users\[user2]\AppData\Roaming\ASUS
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 ____D C:\Users\[user2]\AppData\Roaming\Adobe
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 ____D C:\Users\[user2]\AppData\Local\VirtualStore
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 ____D C:\Users\[user2]\AppData\Local\GWX
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 ____D C:\Users\[user2]\AppData\Local\ATI
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 ____D C:\Users\[user2]
2015-06-17 08:26 - 2014-12-10 04:02 - 00000000 ____D C:\Users\[user2]\AppData\Local\Microsoft Help
2015-06-17 08:26 - 2014-11-19 00:43 - 00000000 ____D C:\Users\[user2]\AppData\Roaming\Macromedia
2015-06-17 08:26 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\[user2]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-17 08:26 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\[user2]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-16 05:05 - 2015-07-13 20:25 - 00007507 _____ C:\Users\[user]\Desktop\hijackthis.log

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-13 20:36 - 2014-11-27 13:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-13 20:33 - 2009-07-14 06:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-13 20:33 - 2009-07-14 06:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-13 20:21 - 2014-11-17 15:57 - 01453932 _____ C:\Windows\WindowsUpdate.log
2015-07-13 20:16 - 2015-02-11 13:58 - 00013995 _____ C:\Windows\setupact.log
2015-07-13 20:16 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-10 11:17 - 2014-11-18 21:33 - 00000000 ____D C:\Users\[user]\AppData\Local\Battle.net
2015-07-10 10:44 - 2014-11-17 16:38 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-09 23:48 - 2014-11-18 01:54 - 00000000 ____D C:\Users\[user]\AppData\Local\Spotify
2015-07-09 23:20 - 2014-11-18 01:53 - 00000000 ____D C:\Users\[user]\AppData\Roaming\Spotify
2015-07-09 19:11 - 2015-01-15 03:49 - 00000132 _____ C:\Users\[user]\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-07-09 19:03 - 2015-06-04 11:53 - 00000000 ____D C:\AdwCleaner
2015-07-09 01:36 - 2014-11-27 13:01 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-09 01:36 - 2014-11-17 19:26 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-09 01:36 - 2014-11-17 19:26 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-09 00:44 - 2015-03-21 16:58 - 00012182 _____ C:\Windows\PFRO.log
2015-07-09 00:44 - 2014-11-17 16:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-08 00:14 - 2014-11-17 22:45 - 00000000 ____D C:\Users\[user]\AppData\Roaming\OBS
2015-07-07 23:08 - 2015-01-07 14:08 - 00000000 ____D C:\Users\[user]\AppData\Local\Arma 3
2015-07-07 18:23 - 2015-05-26 15:30 - 00000000 ____D C:\Users\[user]\AppData\Local\Deployment
2015-06-30 23:07 - 2015-06-02 12:35 - 00000000 ____D C:\Users\[user]\.chatty
2015-06-30 15:19 - 2014-11-18 01:48 - 00000000 ____D C:\Users\[user]\AppData\Roaming\Audacity
2015-06-30 14:07 - 2014-12-17 18:55 - 00000000 ____D C:\Windows\pss
2015-06-29 21:04 - 2015-04-07 18:49 - 00000000 ____D C:\Users\[user]\Desktop\dayz0.55
2015-06-29 04:17 - 2014-11-18 21:52 - 00000000 ____D C:\Users\[user]\AppData\Roaming\vlc
2015-06-29 02:08 - 2014-11-19 15:48 - 00000000 __SHD C:\Users\[user]\AppData\Local\EmieUserList
2015-06-29 02:08 - 2014-11-19 15:48 - 00000000 __SHD C:\Users\[user]\AppData\Local\EmieSiteList
2015-06-29 02:08 - 2014-11-19 15:48 - 00000000 __SHD C:\Users\[user]\AppData\Local\EmieBrowserModeList
2015-06-26 23:31 - 2014-11-17 15:57 - 00000000 ____D C:\Users\[user]
2015-06-26 21:36 - 2014-11-17 16:38 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
2015-06-25 19:16 - 2015-01-04 22:10 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-25 18:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-06-23 17:19 - 2014-11-17 22:45 - 00000000 ____D C:\Program Files\OBS
2015-06-23 13:30 - 2014-11-17 19:52 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-06-23 04:08 - 2014-11-06 05:40 - 08890576 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2015-06-23 04:08 - 2014-11-06 05:40 - 01440592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2015-06-23 04:08 - 2014-11-06 05:40 - 00120144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2015-06-23 04:08 - 2014-11-06 05:39 - 08786040 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2015-06-23 03:14 - 2014-11-06 04:26 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2015-06-23 03:11 - 2014-11-06 04:14 - 01246208 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2015-06-17 10:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-15 20:56 - 2014-11-18 00:59 - 00000828 _____ C:\Users\[user]\Desktop\Dxtory.lnk
2015-06-15 20:56 - 2014-11-18 00:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0

==================== Files in the root of some directories =======

2014-11-20 14:22 - 2015-01-15 03:49 - 0000132 _____ () C:\Users\[user]\AppData\Roaming\Adobe GIF Format CS5 Prefs
2015-01-15 03:49 - 2015-07-09 19:11 - 0000132 _____ () C:\Users\[user]\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-03-17 18:46 - 2015-03-17 18:46 - 0000098 _____ () C:\Users\[user]\AppData\Roaming\theHunterPrimal_LauncherSettings_live.cfg
2015-03-17 18:16 - 2015-03-17 18:25 - 0006856 _____ () C:\Users\[user]\AppData\Roaming\TheHunterPrimevalSettings_live.bin
2015-03-17 18:15 - 2015-03-17 18:15 - 0000040 _____ () C:\Users\[user]\AppData\Roaming\TheHunterPrimevalSettings_live.cfg

Some files in TEMP:
====================
C:\Users\[user]\AppData\Local\Temp\raptrpatch.exe
C:\Users\[user]\AppData\Local\Temp\raptr_stub.exe
C:\Users\[user]\AppData\Local\Temp\tmp1DEB.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-09 11:18

==================== End of log ============================
         
--- --- ---


[CODE]Additional
FRST Logfile:
scan result of Farbar Recovery Scan Tool (x64) Version:13-07-2015
Ran by [user] at 2015-07-13 21:17:34
Running from E:\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1498198781-3518620365-1429332980-500 - Administrator - Disabled)
[user] (S-1-5-21-1498198781-3518620365-1429332980-1000 - Administrator - Enabled) => C:\Users\[user]
Gast (S-1-5-21-1498198781-3518620365-1429332980-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1498198781-3518620365-1429332980-1002 - Limited - Enabled)
[user2] (S-1-5-21-1498198781-3518620365-1429332980-1003 - Administrator - Enabled) => C:\Users\[user2]

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.203 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{14D58A97-B60E-A858-34D8-95469C02F7EC}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
ASUS Xonar D1 Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version:  - )
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
CameraHelperMsi (x32 Version: 13.40.836.0 - Logitech) Hidden
CCGLauncher version 0.0.0.7 (HKLM-x32\...\{78D51CE5-799C-4FCA-9635-6F61E19EA5E3}_is1) (Version: 0.0.0.7 - Custom Combat Gaming)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
DayZ Commander (HKLM-x32\...\{7B2CA5E9-763C-4FCE-81EE-13E81ABFE908}) (Version: 0.92.115 - Dotjosh Studios)
DayZLauncher version 0.0.0.7 (HKLM-x32\...\{E31045B4-9DB5-44DF-9EBD-BD4CFDE640FD}_is1) (Version: 0.0.0.7 - Maca134)
DebugMode FrameServer (HKLM-x32\...\DebugMode FrameServer) (Version:  - )
Don't Starve (HKLM-x32\...\GOGPACKDONTSTARVE_is1) (Version: 2.7.0.16 - GOG.com)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.6.7 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.29 - Dropbox, Inc.) Hidden
Dxtory version 2.0.130 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.130 - ExKode Co. Ltd.)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version:  - Bethesda Game Studios)
Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version:  - Q, Timeslip)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free YouTube Download version 3.2.51.1215 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.51.1215 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.52.1215 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.52.1215 - DVDVideoSoft Ltd.)
Game of Thrones - A Telltale Games Series (HKLM-x32\...\Steam App 330840) (Version:  - Telltale Games)
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)
H1Z1 (HKLM-x32\...\Steam App 295110) (Version:  - Sony Online Entertainment)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hektor (HKLM-x32\...\Steam App 334070) (Version:  - Rubycone)
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.40 - Logitech Inc.)
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MKVToolNix 7.4.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 7.4.0 - Moritz Bunkus)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PingPlotter 4.00.3 (HKLM-x32\...\{170A0B35-1F88-423B-B023-5B3DF90F9A8E}) (Version: 4.0.3.6 - Pingman Tools, LLC)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Resident Evil / biohazard HD REMASTER (HKLM-x32\...\Steam App 304240) (Version:  - CAPCOM Co., Ltd.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.6 - Rockstar Games)
SecondLifeViewer (remove only) (HKLM-x32\...\SecondLifeViewer) (Version:  - )
Slender: The Arrival (HKLM-x32\...\Steam App 252330) (Version:  - Blue Isle Studios)
Spotify (HKU\S-1-5-21-1498198781-3518620365-1429332980-1000\...\Spotify) (Version: 1.0.8.59.gee82e7e6 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Startfenster (HKLM\...\Startfenster) (Version:  - Startfenster)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-1498198781-3518620365-1429332980-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Forest (HKLM-x32\...\Steam App 242760) (Version:  - Endnight Games Ltd)
The Witcher 3: Wild Hunt (HKLM-x32\...\Steam App 292030) (Version:  - CD PROJEKT RED)
theHunter: Primal (HKLM-x32\...\Steam App 322920) (Version:  - Expansive Worlds)
This War of Mine (HKLM-x32\...\Steam App 282070) (Version:  - 11 bit studios)
TreeSize Free V3.2.1 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.2.1 - JAM Software)
TwitchAlerts (HKU\S-1-5-21-1498198781-3518620365-1429332980-1000\...\fb3f6ca9b67f53a3) (Version: 1.0.0.8 - TwitchAlerts)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{A7C8BBDE-FE98-11E1-87C9-F04DA23A5C58}) (Version: 12.0.367 - Sony)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wireshark 1.12.5 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.5 - The Wireshark developer community, hxxp://www.wireshark.org)
WS Launcher (HKLM-x32\...\{575E5E77-2C8E-405F-AB8E-9A7418B704CF}) (Version: 0.0.0.9 - Launcher)
WS Launcher (HKLM-x32\...\{7F654DB0-0749-43AA-8918-FBE2F9BEB891}) (Version: 3.0.2.5 - Launcher)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

23-06-2015 12:34:28 Geplanter Prüfpunkt
26-06-2015 12:56:31 Windows Update
30-06-2015 13:48:41 Windows Update
01-07-2015 03:00:13 Windows Update
07-07-2015 17:59:42 Windows Update
13-07-2015 20:00:01 Windows Update
13-07-2015 20:17:56 Removed Java 8 Update 45 (64-bit)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-07-09 18:55 - 00450771 ____R C:\Windows\system32\Drivers\etc\hosts

There are 1000 more lines.


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {22A7DA14-F00D-4DAE-BAB4-8FACD50F83EB} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-26] (Dropbox, Inc.)
Task: {2CEB3F23-FDC0-4FDE-B59A-ABEC3B65C783} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-09] (Adobe Systems Incorporated)
Task: {63B57EB4-5813-406B-BABF-B2B9875E1869} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {7DFA040F-DA19-4011-B539-8E6DA5A34ED8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-26] (Dropbox, Inc.)
Task: {AF962107-80FD-4BA0-A768-E223B9F87C63} - System32\Tasks\avast! Emergency Update => F:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-22] (Avast Software s.r.o.)
Task: {FA65A090-CEB8-461C-9F0F-E3B77C452C2F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-05-18 20:00 - 2015-05-18 20:00 - 00104400 _____ () F:\Program Files\AVAST Software\Avast\log.dll
2015-05-18 20:00 - 2015-05-18 20:00 - 00081728 _____ () F:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-13 19:55 - 2015-07-13 19:55 - 02956288 _____ () F:\Program Files\AVAST Software\Avast\defs\15071301\algo.dll
2014-11-17 16:31 - 2012-06-06 09:56 - 00143360 ____N () C:\Program Files\ASUS Xonar D1 Audio\Customapp\VmixP8.dll
2015-03-28 17:11 - 2015-03-28 17:12 - 40540672 _____ () F:\Program Files\AVAST Software\Avast\libcef.dll
2014-11-17 20:25 - 2015-04-16 19:40 - 00776192 _____ () F:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 02:22 - 2015-04-23 04:16 - 04962816 _____ () F:\Program Files (x86)\Steam\v8.dll
2015-01-20 02:22 - 2015-04-23 04:16 - 01556992 _____ () F:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 02:22 - 2015-04-23 04:16 - 01187840 _____ () F:\Program Files (x86)\Steam\icuuc.dll
2014-11-17 20:25 - 2015-06-04 20:56 - 02407104 _____ () F:\Program Files (x86)\Steam\video.dll
2014-11-17 20:25 - 2014-12-01 23:31 - 02396672 _____ () F:\Program Files (x86)\Steam\libavcodec-56.dll
2014-11-17 20:25 - 2014-12-01 23:31 - 00442880 _____ () F:\Program Files (x86)\Steam\libavutil-54.dll
2014-11-17 20:25 - 2014-12-01 23:31 - 00479744 _____ () F:\Program Files (x86)\Steam\libavformat-56.dll
2014-11-17 20:25 - 2014-12-01 23:31 - 00332800 _____ () F:\Program Files (x86)\Steam\libavresample-2.dll
2014-11-17 20:25 - 2014-12-01 23:31 - 00485888 _____ () F:\Program Files (x86)\Steam\libswscale-3.dll
2014-11-17 20:25 - 2015-06-04 20:56 - 00703168 _____ () F:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-11-17 20:25 - 2015-05-11 21:01 - 36302728 _____ () F:\Program Files (x86)\Steam\bin\libcef.dll
2015-05-14 13:51 - 2015-05-11 21:01 - 08958344 _____ () F:\Program Files (x86)\Steam\bin\pdf.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7866 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1498198781-3518620365-1429332980-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\[user]\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 80.69.103.78 - 80.69.102.158

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) ME Service => 2
MSCONFIG\Services: Intel(R) PROSet Monitoring Service => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
MSCONFIG\Services: SEVPNCLIENT => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: UMVPFSrv => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SoftEther VPN Client Manager Startup.lnk => C:\Windows\pss\SoftEther VPN Client Manager Startup.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^[user]^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Produktregistrierung.lnk => C:\Windows\pss\Logitech . Produktregistrierung.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\[user]\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: Cmaudio8788GX => C:\Windows\syswow64\HsMgr.exe Envoke
MSCONFIG\startupreg: Cmaudio8788GX64 => C:\Windows\system\HsMgr64.exe Envoke
MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
MSCONFIG\startupreg: LWS => F:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: SDTray => "F:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SoftEther VPN Client UI Helper => "F:\Program Files\SoftEther VPN Client\vpnclient_x64.exe" /uihelp
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\[user]\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{D357D961-E459-420E-AED8-41C43388C48C}C:\users\[user]\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\[user]\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{23A91F7B-E589-465B-AC1B-F4FCF82459F0}C:\users\[user]\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\[user]\appdata\local\akamai\netsession_win.exe
FirewallRules: [{1ADF1F9B-3FE8-4177-8077-3214478F6BC4}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E10D5ACD-7340-4A78-A83C-C50BDAB0E271}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{348BD086-6F1B-4DBB-ABF3-2F9EE8BF5B97}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B2B0B0DD-9299-469F-9D3A-86FE2DD6E0F1}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{6F82AEBB-B957-4DF2-90BA-6DD83C757698}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ.exe
FirewallRules: [{81BF78AA-DBB9-4CFA-93A7-A40649AB067E}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ.exe
FirewallRules: [TCP Query User{797D826B-AB5C-4072-82AC-5143840710F8}C:\users\[user]\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\[user]\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{B1726B87-0795-4893-A88F-9253F7DF4E50}C:\users\[user]\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\[user]\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A672B2EB-BD37-48F9-8FC1-FFBB1BF241E7}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{96CC6F77-DBE9-4BBA-BDB5-A0300D98C953}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{E25206BC-3C08-46B2-B348-3F18E1489A2B}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3C1DE7D8-D01C-413B-ABA3-6650D2C4E5D0}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{418C25A6-AE4B-413F-9FC8-1AD1A9ACD953}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{BC013988-F13B-45F1-A139-C757219FDBF8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{BD9158BE-D6D1-4F08-BAAD-50D7E902945B}] => (Allow) F:\Program Files (x86)\Battlenet\Battle.net\Battle.net.exe
FirewallRules: [{33083C9C-167C-43B9-8736-58085AFF860A}] => (Allow) F:\Program Files (x86)\Battlenet\Battle.net\Battle.net.exe
FirewallRules: [{9BAE11BE-6BB8-41AC-9DA8-E493EF1EFCC6}] => (Allow) F:\Program Files (x86)\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [{3CBC552F-59FD-4B95-A8F4-1F9748598B1B}] => (Allow) F:\Program Files (x86)\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [{F1544B66-CCC4-4952-A038-8ACC791BBFBF}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{C3355802-5561-4DDF-A518-9F15DB383673}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{620FE6A2-44BA-4528-9AC1-9FEE52D1FB72}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{874F3A89-1F43-4F4F-8FEB-23223E50A8F1}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{8CE09709-C7D6-409B-90CF-D75816C8D2B7}] => (Block) F:\Program Files\Photoshop\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe
FirewallRules: [{8D0C7839-403B-48C7-8931-7823A4D2D7E8}] => (Block) F:\Program Files\Photoshop\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe
FirewallRules: [{DF596239-8964-42AF-BDAD-768DA63E7577}] => (Block) F:\Program Files\Photoshop\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe
FirewallRules: [TCP Query User{C9617F72-D45C-47EB-A7E9-D12A9A5C2985}F:\program files (x86)\steam\steamapps\common\dayz\dayz_experimental.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\dayz\dayz_experimental.exe
FirewallRules: [UDP Query User{CC366227-F7DC-4D6C-9B0F-E558B29A462A}F:\program files (x86)\steam\steamapps\common\dayz\dayz_experimental.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\dayz\dayz_experimental.exe
FirewallRules: [TCP Query User{8D721BF2-BEC9-4762-B70A-62276FBDD35D}F:\program files (x86)\dayzlauncher\dayzlauncher.exe] => (Allow) F:\program files (x86)\dayzlauncher\dayzlauncher.exe
FirewallRules: [UDP Query User{7289EE43-DD49-48C2-A805-9F91C73EAC30}F:\program files (x86)\dayzlauncher\dayzlauncher.exe] => (Allow) F:\program files (x86)\dayzlauncher\dayzlauncher.exe
FirewallRules: [{C08FDCF6-A84C-4E3B-8D94-36E09761980B}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{6F7B3176-F503-4D39-8B2F-1A26DFCFB647}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{3141EE2F-BF2F-4BC6-BC2F-B6045216214E}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exe
FirewallRules: [{0A778F50-F146-41AC-86C1-C98F955D6276}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exe
FirewallRules: [{B4349BDE-E254-42C3-85E2-DA2747A3D065}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{49B11CEF-DFA6-4E82-B422-72E60DEBCE0B}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{858058B3-D6F1-4228-9B81-9378C2375395}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Game of Thrones\Thrones.exe
FirewallRules: [{A35F1B94-5D79-40A3-A97D-B94EE915FFA0}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Game of Thrones\Thrones.exe
FirewallRules: [{6B6CD793-037A-450B-9345-A03743332D3D}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{978CDA68-4E54-43FE-94FA-1EFF3CBAEC56}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{AF0DCCE2-8AA0-4ECC-BF93-AD58013FE49D}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{ACF20418-F17E-468F-BD11-18AD1F84DB60}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{3C2946A1-9262-47C8-B4EB-56058104F868}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{12380E54-B8F0-4F5F-9512-4783C43E573F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{00DF5F87-40DA-4661-8550-A7D87E7F7E40}] => (Allow) F:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
FirewallRules: [{ADDE8ACE-FB89-4491-B572-1B22771F0A4E}] => (Allow) F:\Program Files\SoftEther VPN Client\vpncmgr.exe
FirewallRules: [{89481AAE-65DE-46F9-BADE-F23FEEA548C0}] => (Allow) F:\Program Files\SoftEther VPN Client\vpncmd.exe
FirewallRules: [{A3258D18-052A-4F32-AB2F-9D52D9D5DD7D}] => (Allow) F:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
FirewallRules: [{F2411616-A278-4B16-99D2-CB6C08454FBC}] => (Allow) F:\Program Files\SoftEther VPN Client\vpnclient.exe
FirewallRules: [{32760B3F-524B-4047-AAB8-8C8976C330BC}] => (Allow) F:\Program Files\SoftEther VPN Client\vpncmd_x64.exe
FirewallRules: [{2D9B8368-1B7A-42B7-8927-43E9FC38CEBD}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{5C9A358E-FFAF-4B13-BE59-5C879B81B265}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [TCP Query User{2653C44E-7536-43C4-A48C-8FA1CDCF583A}F:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{F1B0D6D2-514F-48E5-835D-7BE6B955822B}F:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{4C390EB5-1F5B-4D93-A122-468655376086}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D2E5862C-BADE-4CF7-AB39-5A0ECD1B67AD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{989ABF3D-65CE-4C1F-9420-36D4B76D3436}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Resident Evil Biohazard HD REMASTER\bhd.exe
FirewallRules: [{2C4015A8-1D18-4526-9FD2-D7E1D459F5ED}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Resident Evil Biohazard HD REMASTER\bhd.exe
FirewallRules: [{A3FD2E47-4E36-45F7-AC6B-2F4B2FDCA886}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{6D2B6D23-225F-42CC-9292-31AC4A878460}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{BC234D6B-8B6C-4B14-972E-E528FAD0C0EF}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{9377CE36-6662-4B63-9878-8D89CF91DF5C}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{FAB8A6CD-56B1-44EA-B1C6-F873C1A46E55}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe
FirewallRules: [{9D1F9698-2E82-4339-81DF-2C60B31BA822}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe
FirewallRules: [TCP Query User{A6F33C2B-B745-4166-8689-0D552D41A300}F:\program files (x86)\steam\steamapps\common\thehunterprimal\game\thehunterprimal.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\thehunterprimal\game\thehunterprimal.exe
FirewallRules: [UDP Query User{4F92BE1C-CC34-4B9E-B669-B2FE63D7E9CB}F:\program files (x86)\steam\steamapps\common\thehunterprimal\game\thehunterprimal.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\thehunterprimal\game\thehunterprimal.exe
FirewallRules: [TCP Query User{836DBD50-60CF-4FDB-94FB-06234000D4A5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{CCBA68E1-5921-4775-A41F-87733329B614}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{6E428937-E46E-4CD5-8D25-753F2631C9CF}F:\program files (x86)\secondlifeviewer\slvoice.exe] => (Allow) F:\program files (x86)\secondlifeviewer\slvoice.exe
FirewallRules: [UDP Query User{E8E52207-0157-4F4A-B51D-C358D85B688F}F:\program files (x86)\secondlifeviewer\slvoice.exe] => (Allow) F:\program files (x86)\secondlifeviewer\slvoice.exe
FirewallRules: [{F9969388-637E-4F45-8CED-3BAE75F4E5B8}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{0B767D6E-0722-4188-8AE3-34FFEAB796C3}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{79DD403C-049D-4040-A15F-E6CA22912645}F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{8972BFB4-E4FB-46E1-B20F-50450AC3DD21}F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{9314D975-B6CF-450A-B5C3-5D933307ACC1}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTA5.exe
FirewallRules: [{2D0B065D-A51A-430F-91CF-3FA7C9D846CF}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTA5.exe
FirewallRules: [{340DF4FF-9C15-4F9E-9C0C-228C705900E8}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{92824602-055E-4F47-AAC2-CB28B4B32326}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{71AD1EE7-EFB5-4E38-8FB0-E091344B7C73}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\theHunterPrimal\launcher\launcher.exe
FirewallRules: [{D786540A-DE5C-4820-9572-4A290C0722D8}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\theHunterPrimal\launcher\launcher.exe
FirewallRules: [{B084FC52-AD9D-4289-9CD0-2C3AAA7D25CB}] => (Allow) F:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{BE6250F5-8AE5-4345-BB5D-13FEEC3CA8D1}] => (Allow) F:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{5AFDACE3-E962-4848-9781-F836896E02A6}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Hektor\HektorWin.exe
FirewallRules: [{8CB2FA5D-63A3-47A6-88E8-F6177F0B3A33}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Hektor\HektorWin.exe
FirewallRules: [{A2521D70-4D74-4808-A0DC-06BEB3ABE424}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{1732CA4D-06D5-4C73-AD4B-B7356A67E0D4}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{510E0B8F-3AE0-4CCD-80BE-1CF0FF244ECB}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{9DCDFCFF-C124-40B4-9A4D-9045BE0C3309}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{E9A0E264-F875-4F79-85F9-9725A2051C82}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{3A9035EA-5265-4755-BCAE-875DE01ADBA3}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{EB3DF9CA-1D25-4A82-ABC6-E3879CF09B18}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
StandardProfile\AuthorizedApplications: [F:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [F:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [F:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [F:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Faulty Device Manager Devices =============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/10/2015 12:47:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Hearthstone.exe, Version: 2.7.0.9166, Zeitstempel: 0x55384543
Name des fehlerhaften Moduls: DxtoryCore.dll, Version: 2.0.0.130, Zeitstempel: 0x557e6865
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00022a4d
ID des fehlerhaften Prozesses: 0x170c
Startzeit der fehlerhaften Anwendung: 0xHearthstone.exe0
Pfad der fehlerhaften Anwendung: Hearthstone.exe1
Pfad des fehlerhaften Moduls: Hearthstone.exe2
Berichtskennung: Hearthstone.exe3

Error: (07/09/2015 11:48:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Hearthstone.exe, Version: 2.7.0.9166, Zeitstempel: 0x55384543
Name des fehlerhaften Moduls: DxtoryCore.dll, Version: 2.0.0.130, Zeitstempel: 0x557e6865
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00022a4d
ID des fehlerhaften Prozesses: 0x204
Startzeit der fehlerhaften Anwendung: 0xHearthstone.exe0
Pfad der fehlerhaften Anwendung: Hearthstone.exe1
Pfad des fehlerhaften Moduls: Hearthstone.exe2
Berichtskennung: Hearthstone.exe3

Error: (07/09/2015 06:18:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Hearthstone.exe, Version: 2.7.0.9166, Zeitstempel: 0x55384543
Name des fehlerhaften Moduls: DxtoryCore.dll, Version: 2.0.0.130, Zeitstempel: 0x557e6865
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00022a4d
ID des fehlerhaften Prozesses: 0x199c
Startzeit der fehlerhaften Anwendung: 0xHearthstone.exe0
Pfad der fehlerhaften Anwendung: Hearthstone.exe1
Pfad des fehlerhaften Moduls: Hearthstone.exe2
Berichtskennung: Hearthstone.exe3

Error: (07/08/2015 07:05:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm csgo.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1310

Startzeit: 01d0b9a01652977d

Endzeit: 19

Anwendungspfad: F:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe

Berichts-ID:

Error: (07/08/2015 06:46:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Hearthstone.exe, Version: 2.7.0.9166, Zeitstempel: 0x55384543
Name des fehlerhaften Moduls: DxtoryCore.dll, Version: 2.0.0.130, Zeitstempel: 0x557e6865
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00022a4d
ID des fehlerhaften Prozesses: 0x19fc
Startzeit der fehlerhaften Anwendung: 0xHearthstone.exe0
Pfad der fehlerhaften Anwendung: Hearthstone.exe1
Pfad des fehlerhaften Moduls: Hearthstone.exe2
Berichtskennung: Hearthstone.exe3

Error: (07/08/2015 04:10:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Hearthstone.exe, Version: 2.7.0.9166, Zeitstempel: 0x55384543
Name des fehlerhaften Moduls: DxtoryCore.dll, Version: 2.0.0.130, Zeitstempel: 0x557e6865
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00022a4d
ID des fehlerhaften Prozesses: 0xdc4
Startzeit der fehlerhaften Anwendung: 0xHearthstone.exe0
Pfad der fehlerhaften Anwendung: Hearthstone.exe1
Pfad des fehlerhaften Moduls: Hearthstone.exe2
Berichtskennung: Hearthstone.exe3

Error: (07/08/2015 02:20:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm UNKNOWN, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 10bc

Startzeit: 01d0b9782de094ab

Endzeit: 9

Anwendungspfad: UNKNOWN

Berichts-ID: 751c8c20-256b-11e5-9aa3-00ac738c1840

Error: (07/08/2015 02:55:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Hearthstone.exe, Version: 2.7.0.9166, Zeitstempel: 0x55384543
Name des fehlerhaften Moduls: DxtoryCore.dll, Version: 2.0.0.130, Zeitstempel: 0x557e6865
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00022a4d
ID des fehlerhaften Prozesses: 0x17e0
Startzeit der fehlerhaften Anwendung: 0xHearthstone.exe0
Pfad der fehlerhaften Anwendung: Hearthstone.exe1
Pfad des fehlerhaften Moduls: Hearthstone.exe2
Berichtskennung: Hearthstone.exe3

Error: (07/08/2015 12:55:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Hearthstone.exe, Version: 2.7.0.9166, Zeitstempel: 0x55384543
Name des fehlerhaften Moduls: DxtoryCore.dll, Version: 2.0.0.130, Zeitstempel: 0x557e6865
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00022a4d
ID des fehlerhaften Prozesses: 0x1fb4
Startzeit der fehlerhaften Anwendung: 0xHearthstone.exe0
Pfad der fehlerhaften Anwendung: Hearthstone.exe1
Pfad des fehlerhaften Moduls: Hearthstone.exe2
Berichtskennung: Hearthstone.exe3

Error: (07/02/2015 12:43:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 38.0.5.5623, Zeitstempel: 0x5563c49a
Name des fehlerhaften Moduls: mozalloc.dll, Version: 38.0.5.5623, Zeitstempel: 0x5563b229
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x6a4
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3


System errors:
=============
Error: (07/10/2015 10:48:50 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definition Update for Windows Defender - KB915597 (Definition 1.201.1399.0)

Error: (07/10/2015 10:44:46 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (07/09/2015 10:28:50 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (06/30/2015 02:13:42 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (06/22/2015 09:40:05 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (06/22/2015 06:00:07 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F319F1B8-7587-4146-AF9C-0D6D77819BF1}

Error: (06/15/2015 08:24:46 PM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort3 gefunden.

Error: (06/15/2015 08:24:46 PM) (Source: cdrom) (EventID: 15) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (06/15/2015 08:24:40 PM) (Source: cdrom) (EventID: 15) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (06/10/2015 01:26:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


Microsoft Office:
=========================

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 18%
Total physical RAM: 16303.1 MB
Available physical RAM: 13233.92 MB
Total Virtual: 32604.41 MB
Available Virtual: 29332.98 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.56 GB) (Free:18.09 GB) NTFS
Drive d: (Aufnahme) (Fixed) (Total:931.51 GB) (Free:483.55 GB) NTFS
Drive e: (Videos) (Fixed) (Total:465.76 GB) (Free:86.61 GB) NTFS
Drive f: (Spiele & Programme) (Fixed) (Total:585.94 GB) (Free:338.85 GB) NTFS
Drive g: (Daten) (Fixed) (Total:247.92 GB) (Free:154.02 GB) NTFS
Drive h: (Technicolor CM) (CDROM) (Total:0.09 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0B5736DE)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 9D2D32F1)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 57EFD952)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=585.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=247.9 GB) - (Type=07 NTFS)

==================== End of log ============================
         

Edited by KlausH123 (13.07.2015 at 20:29)

13.07.2015, 22:28   #4
KlausH123



I'm posting the results again, because the program was not running from the desktop.


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-07-2015
Ran by [user] (administrator) on [user]-PC on 13-07-2015 23:17:55
Running from C:\Users\[user]\Desktop
Loaded Profiles: [user] (Available Profiles: [user] & [user2])
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Avast Software s.r.o.) F:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) F:\Program Files\AVAST Software\Avast\afwServ.exe
(Avast Software) F:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) F:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(CMedia) C:\Program Files\ASUS Xonar D1 Audio\Customapp\AsusAudioCenter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Avast Software s.r.o.) F:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Advanced Micro Devices Inc.) F:\Program Files\AMD\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) F:\Program Files\AMD\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Valve Corporation) F:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Trend Micro Inc.) E:\Downloads\HiJackThis204(1).exe
(Valve Corporation) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\[user]\Desktop\FRST64(1).exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => F:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-18] (Avast Software s.r.o.)
HKLM-x32\...\Run: [GrooveMonitor] => F:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] => F:\Program Files\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-06-22] (Advanced Micro Devices, Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1498198781-3518620365-1429332980-1000\...\Run: [Dxtory Update Checker 2.0] => F:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-11-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => F:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-18] (Avast Software s.r.o.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.26.dll [2015-06-10] (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-1498198781-3518620365-1429332980-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-1498198781-3518620365-1429332980-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> F:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-28] (Avast Software s.r.o.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> F:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> F:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-28] (Avast Software s.r.o.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 80.69.103.78 80.69.102.158
Tcpip\..\Interfaces\{5D6E13FD-ADDB-4F36-80F3-79C63EC79F63}: [DhcpNameServer] 80.69.103.78 80.69.102.158

FireFox:
========
FF ProfilePath: C:\Users\[user]\AppData\Roaming\Mozilla\Firefox\Profiles\k6znsua0.default
FF Homepage: hxxp://www.google.de/
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpreview.grooveshark.com*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fnew.songza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Faccount.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.beatsmusic.com*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20
-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*'))%20%7B%20return%20'PROXY%20us09.sq.proxmate.me%3A8000%3B%20PROXY%20us08.sq.proxmate.me%3A8000%3B%20PROXY%20us07.sq.proxmate.me%3A8000%3B%20PROXY%20us10.sq.proxmate.me%3A8000%3B%20PROXY%20us05.sq.proxmate.me%3A8000%3B%20PROXY%20us11.sq.proxmate.me%3A8000%3B%20PROXY%20us06.sq.proxmate.me%3A8000%3B%20PROXY%20us03.sq.proxmate.me%3A8000%3B%20PROXY%20us04.sq.proxmate.me%3A8000%3B%20PROXY%20us01.sq.proxmate.me%3A8000%3B%20PROXY%20us02.sq.proxmate.me%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll [2015-07-09] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> F:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> F:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll [2015-07-09] ()
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Extension: Ghostery - C:\Users\[user]\AppData\Roaming\Mozilla\Firefox\Profiles\k6znsua0.default\Extensions\firefox@ghostery.com.xpi [2014-11-17]
FF Extension: BetterTTV - C:\Users\[user]\AppData\Roaming\Mozilla\Firefox\Profiles\k6znsua0.default\Extensions\jid0-OeCFXKAPh2tC0bN3Li9ajRAZx6c@jetpack.xpi [2014-11-17]
FF Extension: Adblock Plus - C:\Users\[user]\AppData\Roaming\Mozilla\Firefox\Profiles\k6znsua0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-11-17]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - F:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - F:\Program Files\AVAST Software\Avast\WebRep\FF [2014-11-17]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - F:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-03-28]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - F:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-28]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; F:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-18] (Avast Software s.r.o.)
R2 avast! Firewall; F:\Program Files\AVAST Software\Avast\afwServ.exe [107448 2015-06-22] (Avast Software s.r.o.)
R3 AvastVBoxSvc; F:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-05-18] (Avast Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1141248 2015-06-10] ()
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-26] (Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-26] (Dropbox, Inc.)
S3 Microsoft Office Groove Audit Service; F:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation)
S4 SDScannerService; F:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S4 SDUpdateService; F:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
S4 SDWSCService; F:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-18] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28144 2015-06-22] (Avast Software s.r.o.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-18] (Avast Software s.r.o.)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449896 2015-06-22] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-18] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-18] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-18] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-18] (Avast Software s.r.o.)
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2014-11-17] (The OpenVPN Project)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-18] ()
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2734080 2013-04-11] (C-Media Inc)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [495376 2013-05-30] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0004.sys [28768 2014-12-17] (SoftEther VPN Project at University of Tsukuba, Japan.)
R2 VBoxAswDrv; F:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-05-18] (Avast Software)
S3 WinRing0_1_2_0; \??\F:\Program Files\Intel Corporation\Intel Processor Diagnostic Tool 64bit\WinRing0x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-13 23:17 - 2015-07-13 23:18 - 00017250 _____ C:\Users\[user]\Desktop\FRST.txt
2015-07-13 23:17 - 2015-07-13 23:17 - 02133504 _____ (Farbar) C:\Users\[user]\Desktop\FRST64(1).exe
2015-07-13 21:17 - 2015-07-13 23:17 - 00000000 ____D C:\FRST
2015-07-13 20:11 - 2015-07-13 20:12 - 00000000 ____D C:\Users\[user]\AppData\Roaming\Raptr
2015-07-13 20:11 - 2015-07-13 20:11 - 00000000 ____D C:\Users\[user]\AppData\Roaming\library_dir
2015-07-13 20:11 - 2015-07-13 20:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2015-07-13 20:11 - 2015-07-13 20:11 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-07-13 20:10 - 2015-07-13 20:10 - 00052335 _____ C:\Windows\SysWOW64\CCCInstall_201507132010563129.log
2015-07-13 20:10 - 2015-07-13 20:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-07-13 20:09 - 2015-07-13 20:09 - 00000000 ____D C:\ProgramData\ATI
2015-07-13 20:08 - 2015-07-13 20:08 - 00000000 ____D C:\Program Files\AMD
2015-07-09 19:05 - 2015-07-09 19:05 - 00000000 ____D C:\Users\[user]\Documents\ProcAlyzer Dumps
2015-07-07 19:03 - 2015-07-09 00:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-01 03:00 - 2015-07-01 03:00 - 00000000 ____D C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2015-06-29 10:44 - 2015-06-29 10:44 - 00000000 ____D C:\Users\[user]\AppData\Local\Logitech® Webcam-Software
2015-06-29 10:42 - 2015-06-29 10:42 - 00000000 ____D C:\Users\[user]\Documents\Videomaskenprojekte
2015-06-29 10:42 - 2015-06-29 10:42 - 00000000 ____D C:\ProgramData\LogiShrd
2015-06-29 10:38 - 2015-06-29 10:38 - 00000000 ____D C:\Users\[user]\AppData\Roaming\Leadertech
2015-06-29 10:38 - 2015-06-29 10:38 - 00000000 ____D C:\ProgramData\Logitech
2015-06-29 10:37 - 2015-06-29 10:37 - 00001624 _____ C:\Users\Public\Desktop\Logitech Webcam Software  .lnk
2015-06-29 10:37 - 2015-06-29 10:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-06-29 10:35 - 2015-06-29 10:38 - 00000000 ____D C:\Program Files\Common Files\logishrd
2015-06-29 10:35 - 2015-06-29 10:35 - 00008150 _____ C:\Windows\system32\lvcoinst.log
2015-06-26 23:31 - 2015-06-26 23:39 - 00000000 ___RD C:\Users\[user]\Dropbox
2015-06-26 23:31 - 2015-06-26 23:31 - 00001230 _____ C:\Users\[user]\Desktop\Dropbox.lnk
2015-06-26 23:30 - 2015-06-26 23:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-26 23:29 - 2015-07-13 22:34 - 00001212 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2015-06-26 23:29 - 2015-07-13 20:16 - 00001208 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2015-06-26 23:29 - 2015-06-26 23:38 - 00000000 ____D C:\Users\[user]\AppData\Local\Dropbox
2015-06-26 23:29 - 2015-06-26 23:31 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-06-26 23:29 - 2015-06-26 23:29 - 00004208 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2015-06-26 23:29 - 2015-06-26 23:29 - 00003956 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2015-06-26 23:29 - 2015-06-26 23:29 - 00000000 ____D C:\Users\[user]\AppData\Roaming\Dropbox
2015-06-26 23:29 - 2015-06-26 23:29 - 00000000 ____D C:\ProgramData\Dropbox
2015-06-23 04:09 - 2015-06-23 04:09 - 00141792 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\amdhcp64.dll
2015-06-23 04:09 - 2015-06-23 04:09 - 00128384 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\amdhcp32.dll
2015-06-23 04:09 - 2015-06-23 04:09 - 00107784 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdave64.dll
2015-06-23 04:09 - 2015-06-23 04:09 - 00100568 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdave32.dll
2015-06-23 04:09 - 2015-06-23 04:09 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atimpc64.dll
2015-06-23 04:09 - 2015-06-23 04:09 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdpcom64.dll
2015-06-23 04:09 - 2015-06-23 04:09 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atimpc32.dll
2015-06-23 04:09 - 2015-06-23 04:09 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdpcom32.dll
2015-06-23 04:08 - 2015-06-23 04:08 - 11941000 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atidxx64.dll
2015-06-23 04:08 - 2015-06-23 04:08 - 10087472 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atidxx32.dll
2015-06-23 04:08 - 2015-06-23 04:08 - 07927568 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdva.dll
2015-06-23 04:08 - 2015-06-23 04:08 - 07407400 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiumdag.dll
2015-06-23 04:08 - 2015-06-23 04:08 - 01191320 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\aticfx32.dll
2015-06-23 04:08 - 2015-06-23 04:08 - 00152056 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiuxp64.dll
2015-06-23 04:08 - 2015-06-23 04:08 - 00133016 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiuxpag.dll
2015-06-23 04:08 - 2015-06-23 04:08 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiu9pag.dll
2015-06-23 04:05 - 2015-06-23 04:05 - 00297672 _____ (Advanced Micro Devices) C:\Windows\system32\Drivers\amdacpksd.sys
2015-06-23 04:03 - 2015-06-23 04:03 - 21612032 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmdag.sys
2015-06-23 03:59 - 2015-06-23 03:59 - 47782912 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl64.dll
2015-06-23 03:59 - 2015-06-23 03:59 - 00235008 _____ C:\Windows\system32\clinfo.exe
2015-06-23 03:58 - 2015-06-23 03:58 - 39712256 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl.dll
2015-06-23 03:57 - 2015-06-23 03:57 - 00065024 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-06-23 03:57 - 2015-06-23 03:57 - 00059392 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-06-23 03:55 - 2015-06-23 03:55 - 27535872 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\amdocl12cl64.dll
2015-06-23 03:55 - 2015-06-23 03:55 - 22318592 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\amdocl12cl.dll
2015-06-23 03:33 - 2015-06-23 03:33 - 06476288 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmantle64.dll
2015-06-23 03:33 - 2015-06-23 03:33 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantle64.dll
2015-06-23 03:33 - 2015-06-23 03:33 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantle32.dll
2015-06-23 03:28 - 2015-06-23 03:28 - 05067264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmantle32.dll
2015-06-23 03:27 - 2015-06-23 03:27 - 30749184 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atio6axx.dll
2015-06-23 03:25 - 2015-06-23 03:25 - 00093184 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\mantleaxl64.dll
2015-06-23 03:25 - 2015-06-23 03:25 - 00086528 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\mantleaxl32.dll
2015-06-23 03:22 - 2015-06-23 03:22 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\amdmmcl6.dll
2015-06-23 03:22 - 2015-06-23 03:22 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\amdmmcl.dll
2015-06-23 03:21 - 2015-06-23 03:21 - 25296896 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atioglxx.dll
2015-06-23 03:21 - 2015-06-23 03:21 - 00865792 _____ (AMD) C:\Windows\system32\coinst_15.20.dll
2015-06-23 03:20 - 2015-06-23 03:20 - 03437632 _____ C:\Windows\system32\atiumd6a.cap
2015-06-23 03:19 - 2015-06-23 03:19 - 00660224 _____ C:\Windows\SysWOW64\atiapfxx.blb
2015-06-23 03:19 - 2015-06-23 03:19 - 00660224 _____ C:\Windows\system32\atiapfxx.blb
2015-06-23 03:19 - 2015-06-23 03:19 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiapfxx.exe
2015-06-23 03:19 - 2015-06-23 03:19 - 00062464 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalrt64.dll
2015-06-23 03:19 - 2015-06-23 03:19 - 00055808 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticalcl64.dll
2015-06-23 03:19 - 2015-06-23 03:19 - 00052224 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalrt.dll
2015-06-23 03:19 - 2015-06-23 03:19 - 00049152 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticalcl.dll
2015-06-23 03:18 - 2015-06-23 03:18 - 15716864 _____ (Advanced Micro Devices Inc.) C:\Windows\system32\aticaldd64.dll
2015-06-23 03:18 - 2015-06-23 03:18 - 14302208 _____ (Advanced Micro Devices Inc.) C:\Windows\SysWOW64\aticaldd.dll
2015-06-23 03:16 - 2015-06-23 03:16 - 03471376 _____ C:\Windows\SysWOW64\atiumdva.cap
2015-06-23 03:14 - 2015-06-23 03:14 - 00670720 _____ (AMD) C:\Windows\system32\atieclxx.exe
2015-06-23 03:14 - 2015-06-23 03:14 - 00245760 _____ (AMD) C:\Windows\system32\atiesrxx.exe
2015-06-23 03:14 - 2015-06-23 03:14 - 00204800 _____ C:\Windows\system32\amdgfxinfo64.dll
2015-06-23 03:14 - 2015-06-23 03:14 - 00190976 _____ (AMD) C:\Windows\system32\atitmm64.dll
2015-06-23 03:14 - 2015-06-23 03:14 - 00189952 _____ C:\Windows\SysWOW64\amdgfxinfo32.dll
2015-06-23 03:14 - 2015-06-23 03:14 - 00160256 _____ C:\Windows\system32\atieah64.exe
2015-06-23 03:14 - 2015-06-23 03:14 - 00143872 _____ C:\Windows\SysWOW64\atieah32.exe
2015-06-23 03:14 - 2015-06-23 03:14 - 00029696 _____ (AMD) C:\Windows\system32\atimuixx.dll
2015-06-23 03:12 - 2015-06-23 03:12 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atisamu64.dll
2015-06-23 03:12 - 2015-06-23 03:12 - 00080896 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atisamu32.dll
2015-06-23 03:11 - 2015-06-23 03:11 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxy.dll
2015-06-23 03:11 - 2015-06-23 03:11 - 00926720 _____ (Advanced Micro Devices, Inc.) C:\Windows\SysWOW64\atiadlxx.dll
2015-06-23 03:10 - 2015-06-23 03:10 - 00663552 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\atikmpag.sys
2015-06-23 03:10 - 2015-06-23 03:10 - 00156672 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6txx.dll
2015-06-23 03:10 - 2015-06-23 03:10 - 00141824 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atigktxx.dll
2015-06-23 03:10 - 2015-06-23 03:10 - 00075264 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atig6pxx.dll
2015-06-23 03:10 - 2015-06-23 03:10 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\SysWOW64\atiglpxx.dll
2015-06-23 03:10 - 2015-06-23 03:10 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiglpxx.dll
2015-06-23 03:09 - 2015-06-23 03:09 - 00102912 _____ C:\Windows\system32\hsa-thunk64.dll
2015-06-23 03:09 - 2015-06-23 03:09 - 00102400 _____ C:\Windows\SysWOW64\hsa-thunk.dll
2015-06-23 03:07 - 2015-06-23 03:07 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\Drivers\ati2erec.dll
2015-06-22 21:36 - 2015-06-22 21:36 - 00001000 _____ C:\Users\Public\Desktop\Avast Internet Security.lnk
2015-06-22 21:35 - 2015-06-22 21:35 - 00449896 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswNdisFlt.sys
2015-06-22 21:35 - 2015-05-18 20:00 - 00364472 _____ (Avast Software s.r.o.) C:\Windows\system32\aswBoot.exe
2015-06-22 17:58 - 2015-06-22 21:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-06-22 17:58 - 2015-06-22 17:58 - 00001060 _____ C:\Users\Public\Desktop\Avast SafeZone.lnk
2015-06-22 17:57 - 2015-06-22 17:57 - 00028144 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswKbd.sys
2015-06-22 09:14 - 2015-06-22 09:14 - 00830518 _____ C:\Windows\system32\amdicdxx.dat
2015-06-17 08:29 - 2015-06-17 08:29 - 00000000 ____D C:\Users\[user2]\AppData\Roaming\Mozilla
2015-06-17 08:29 - 2015-06-17 08:29 - 00000000 ____D C:\Users\[user2]\AppData\Local\Mozilla
2015-06-17 08:28 - 2015-06-17 08:34 - 00000000 ____D C:\Users\[user2]\AppData\Roaming\OBS
2015-06-17 08:28 - 2015-06-17 08:28 - 00001248 _____ C:\Users\[user2]\Desktop\OBS - Verknüpfung.lnk
2015-06-17 08:26 - 2015-06-17 08:26 - 00114992 _____ C:\Users\[user2]\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-17 08:26 - 2015-06-17 08:26 - 00001425 _____ C:\Users\[user2]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-17 08:26 - 2015-06-17 08:26 - 00000020 ___SH C:\Users\[user2]\ntuser.ini
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 _SHDL C:\Users\[user2]\Vorlagen
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 _SHDL C:\Users\[user2]\Startmenü
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 _SHDL C:\Users\[user2]\Netzwerkumgebung
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 _SHDL C:\Users\[user2]\Lokale Einstellungen
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 _SHDL C:\Users\[user2]\Eigene Dateien
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 _SHDL C:\Users\[user2]\Druckumgebung
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 _SHDL C:\Users\[user2]\Documents\Eigene Musik
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 _SHDL C:\Users\[user2]\Documents\Eigene Bilder
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 _SHDL C:\Users\[user2]\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 _SHDL C:\Users\[user2]\AppData\Local\Verlauf
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 _SHDL C:\Users\[user2]\AppData\Local\Anwendungsdaten
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 _SHDL C:\Users\[user2]\Anwendungsdaten
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 ____D C:\Users\[user2]\AppData\Roaming\AVAST Software
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 ____D C:\Users\[user2]\AppData\Roaming\ATI
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 ____D C:\Users\[user2]\AppData\Roaming\ASUS
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 ____D C:\Users\[user2]\AppData\Roaming\Adobe
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 ____D C:\Users\[user2]\AppData\Local\VirtualStore
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 ____D C:\Users\[user2]\AppData\Local\GWX
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 ____D C:\Users\[user2]\AppData\Local\ATI
2015-06-17 08:26 - 2015-06-17 08:26 - 00000000 ____D C:\Users\[user2]
2015-06-17 08:26 - 2014-12-10 04:02 - 00000000 ____D C:\Users\[user2]\AppData\Local\Microsoft Help
2015-06-17 08:26 - 2014-11-19 00:43 - 00000000 ____D C:\Users\[user2]\AppData\Roaming\Macromedia
2015-06-17 08:26 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\[user2]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-17 08:26 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\[user2]\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-06-16 05:05 - 2015-07-13 20:25 - 00007507 _____ C:\Users\[user]\Desktop\hijackthis.log

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-13 22:36 - 2014-11-27 13:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-13 22:21 - 2009-07-14 06:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-13 22:21 - 2009-07-14 06:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-13 22:15 - 2014-11-17 15:57 - 01458208 _____ C:\Windows\WindowsUpdate.log
2015-07-13 20:16 - 2015-02-11 13:58 - 00013995 _____ C:\Windows\setupact.log
2015-07-13 20:16 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-10 11:17 - 2014-11-18 21:33 - 00000000 ____D C:\Users\[user]\AppData\Local\Battle.net
2015-07-10 10:44 - 2014-11-17 16:38 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-07-09 23:48 - 2014-11-18 01:54 - 00000000 ____D C:\Users\[user]\AppData\Local\Spotify
2015-07-09 23:20 - 2014-11-18 01:53 - 00000000 ____D C:\Users\[user]\AppData\Roaming\Spotify
2015-07-09 19:11 - 2015-01-15 03:49 - 00000132 _____ C:\Users\[user]\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-07-09 19:03 - 2015-06-04 11:53 - 00000000 ____D C:\AdwCleaner
2015-07-09 01:36 - 2014-11-27 13:01 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-09 01:36 - 2014-11-17 19:26 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-09 01:36 - 2014-11-17 19:26 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-09 00:44 - 2015-03-21 16:58 - 00012182 _____ C:\Windows\PFRO.log
2015-07-09 00:44 - 2014-11-17 16:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-08 00:14 - 2014-11-17 22:45 - 00000000 ____D C:\Users\[user]\AppData\Roaming\OBS
2015-07-07 23:08 - 2015-01-07 14:08 - 00000000 ____D C:\Users\[user]\AppData\Local\Arma 3
2015-07-07 18:23 - 2015-05-26 15:30 - 00000000 ____D C:\Users\[user]\AppData\Local\Deployment
2015-06-30 23:07 - 2015-06-02 12:35 - 00000000 ____D C:\Users\[user]\.chatty
2015-06-30 15:19 - 2014-11-18 01:48 - 00000000 ____D C:\Users\[user]\AppData\Roaming\Audacity
2015-06-30 14:07 - 2014-12-17 18:55 - 00000000 ____D C:\Windows\pss
2015-06-29 21:04 - 2015-04-07 18:49 - 00000000 ____D C:\Users\[user]\Desktop\dayz0.55
2015-06-29 04:17 - 2014-11-18 21:52 - 00000000 ____D C:\Users\[user]\AppData\Roaming\vlc
2015-06-29 02:08 - 2014-11-19 15:48 - 00000000 __SHD C:\Users\[user]\AppData\Local\EmieUserList
2015-06-29 02:08 - 2014-11-19 15:48 - 00000000 __SHD C:\Users\[user]\AppData\Local\EmieSiteList
2015-06-29 02:08 - 2014-11-19 15:48 - 00000000 __SHD C:\Users\[user]\AppData\Local\EmieBrowserModeList
2015-06-26 23:31 - 2014-11-17 15:57 - 00000000 ____D C:\Users\[user]
2015-06-26 21:36 - 2014-11-17 16:38 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
2015-06-25 19:16 - 2015-01-04 22:10 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-06-25 18:01 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-06-23 17:19 - 2014-11-17 22:45 - 00000000 ____D C:\Program Files\OBS
2015-06-23 13:30 - 2014-11-17 19:52 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-06-23 04:08 - 2014-11-06 05:40 - 08890576 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd6a.dll
2015-06-23 04:08 - 2014-11-06 05:40 - 01440592 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\aticfx64.dll
2015-06-23 04:08 - 2014-11-06 05:40 - 00120144 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiu9p64.dll
2015-06-23 04:08 - 2014-11-06 05:39 - 08786040 _____ (Advanced Micro Devices, Inc. ) C:\Windows\system32\atiumd64.dll
2015-06-23 03:14 - 2014-11-06 04:26 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atidemgy.dll
2015-06-23 03:11 - 2014-11-06 04:14 - 01246208 _____ (Advanced Micro Devices, Inc.) C:\Windows\system32\atiadlxx.dll
2015-06-17 10:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-15 20:56 - 2014-11-18 00:59 - 00000828 _____ C:\Users\[user]\Desktop\Dxtory.lnk
2015-06-15 20:56 - 2014-11-18 00:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dxtory2.0

==================== Files in the root of some directories =======

2014-11-20 14:22 - 2015-01-15 03:49 - 0000132 _____ () C:\Users\[user]\AppData\Roaming\Adobe GIF Format CS5 Prefs
2015-01-15 03:49 - 2015-07-09 19:11 - 0000132 _____ () C:\Users\[user]\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-03-17 18:46 - 2015-03-17 18:46 - 0000098 _____ () C:\Users\[user]\AppData\Roaming\theHunterPrimal_LauncherSettings_live.cfg
2015-03-17 18:16 - 2015-03-17 18:25 - 0006856 _____ () C:\Users\[user]\AppData\Roaming\TheHunterPrimevalSettings_live.bin
2015-03-17 18:15 - 2015-03-17 18:15 - 0000040 _____ () C:\Users\[user]\AppData\Roaming\TheHunterPrimevalSettings_live.cfg

Some files in TEMP:
====================
C:\Users\[user]\AppData\Local\Temp\raptrpatch.exe
C:\Users\[user]\AppData\Local\Temp\raptr_stub.exe
C:\Users\[user]\AppData\Local\Temp\tmp1DEB.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-09 11:18

==================== End of log ============================
         
Additional FRST Logfile:

scan result of Farbar Recovery Scan Tool (x64) Version:13-07-2015
Ran by [user] at 2015-07-13 23:18:33
Running from C:\Users\[user]\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1498198781-3518620365-1429332980-500 - Administrator - Disabled)
[user] (S-1-5-21-1498198781-3518620365-1429332980-1000 - Administrator - Enabled) => C:\Users\[user]
Gast (S-1-5-21-1498198781-3518620365-1429332980-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1498198781-3518620365-1429332980-1002 - Limited - Enabled)
[user2] (S-1-5-21-1498198781-3518620365-1429332980-1003 - Administrator - Enabled) => C:\Users\[user2]

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 18.0.0.180 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.203 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{14D58A97-B60E-A858-34D8-95469C02F7EC}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
ASUS Xonar D1 Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version:  - )
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Avast Internet Security (HKLM-x32\...\Avast) (Version: 10.2.2218 - AVAST Software)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version:  - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
CameraHelperMsi (x32 Version: 13.40.836.0 - Logitech) Hidden
CCGLauncher version 0.0.0.7 (HKLM-x32\...\{78D51CE5-799C-4FCA-9635-6F61E19EA5E3}_is1) (Version: 0.0.0.7 - Custom Combat Gaming)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.72 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
DayZ Commander (HKLM-x32\...\{7B2CA5E9-763C-4FCE-81EE-13E81ABFE908}) (Version: 0.92.115 - Dotjosh Studios)
DayZLauncher version 0.0.0.7 (HKLM-x32\...\{E31045B4-9DB5-44DF-9EBD-BD4CFDE640FD}_is1) (Version: 0.0.0.7 - Maca134)
DebugMode FrameServer (HKLM-x32\...\DebugMode FrameServer) (Version:  - )
Don't Starve (HKLM-x32\...\GOGPACKDONTSTARVE_is1) (Version: 2.7.0.16 - GOG.com)
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.6.7 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.29 - Dropbox, Inc.) Hidden
Dxtory version 2.0.130 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.130 - ExKode Co. Ltd.)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version:  - Bethesda Game Studios)
Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version:  - Q, Timeslip)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free YouTube Download version 3.2.51.1215 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.51.1215 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.52.1215 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.52.1215 - DVDVideoSoft Ltd.)
Game of Thrones - A Telltale Games Series (HKLM-x32\...\Steam App 330840) (Version:  - Telltale Games)
Grand Theft Auto V (HKLM-x32\...\Steam App 271590) (Version:  - Rockstar North)
H1Z1 (HKLM-x32\...\Steam App 295110) (Version:  - Sony Online Entertainment)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hektor (HKLM-x32\...\Steam App 334070) (Version:  - Rubycone)
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.40 - Logitech Inc.)
LWS VideoEffects (Version: 13.30.1379.0 - Logitech) Hidden
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
MKVToolNix 7.4.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 7.4.0 - Moritz Bunkus)
Mozilla Firefox 39.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 de)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1.1 - Mozilla)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PingPlotter 4.00.3 (HKLM-x32\...\{170A0B35-1F88-423B-B023-5B3DF90F9A8E}) (Version: 4.0.3.6 - Pingman Tools, LLC)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Resident Evil / biohazard HD REMASTER (HKLM-x32\...\Steam App 304240) (Version:  - CAPCOM Co., Ltd.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.6 - Rockstar Games)
SecondLifeViewer (remove only) (HKLM-x32\...\SecondLifeViewer) (Version:  - )
Slender: The Arrival (HKLM-x32\...\Steam App 252330) (Version:  - Blue Isle Studios)
Spotify (HKU\S-1-5-21-1498198781-3518620365-1429332980-1000\...\Spotify) (Version: 1.0.8.59.gee82e7e6 - Spotify AB)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Startfenster (HKLM\...\Startfenster) (Version:  - Startfenster)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-1498198781-3518620365-1429332980-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Forest (HKLM-x32\...\Steam App 242760) (Version:  - Endnight Games Ltd)
The Witcher 3: Wild Hunt (HKLM-x32\...\Steam App 292030) (Version:  - CD PROJEKT RED)
theHunter: Primal (HKLM-x32\...\Steam App 322920) (Version:  - Expansive Worlds)
This War of Mine (HKLM-x32\...\Steam App 282070) (Version:  - 11 bit studios)
TreeSize Free V3.2.1 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.2.1 - JAM Software)
TwitchAlerts (HKU\S-1-5-21-1498198781-3518620365-1429332980-1000\...\fb3f6ca9b67f53a3) (Version: 1.0.0.8 - TwitchAlerts)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{A7C8BBDE-FE98-11E1-87C9-F04DA23A5C58}) (Version: 12.0.367 - Sony)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Wireshark 1.12.5 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.5 - The Wireshark developer community, hxxp://www.wireshark.org)
WS Launcher (HKLM-x32\...\{575E5E77-2C8E-405F-AB8E-9A7418B704CF}) (Version: 0.0.0.9 - Launcher)
WS Launcher (HKLM-x32\...\{7F654DB0-0749-43AA-8918-FBE2F9BEB891}) (Version: 3.0.2.5 - Launcher)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

23-06-2015 12:34:28 Geplanter Prüfpunkt
26-06-2015 12:56:31 Windows Update
30-06-2015 13:48:41 Windows Update
01-07-2015 03:00:13 Windows Update
07-07-2015 17:59:42 Windows Update
13-07-2015 20:00:01 Windows Update
13-07-2015 20:17:56 Removed Java 8 Update 45 (64-bit)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-07-09 18:55 - 00450771 ____R C:\Windows\system32\Drivers\etc\hosts

There are 1000 more lines.


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {22A7DA14-F00D-4DAE-BAB4-8FACD50F83EB} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-26] (Dropbox, Inc.)
Task: {2CEB3F23-FDC0-4FDE-B59A-ABEC3B65C783} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-09] (Adobe Systems Incorporated)
Task: {63B57EB4-5813-406B-BABF-B2B9875E1869} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated)
Task: {7DFA040F-DA19-4011-B539-8E6DA5A34ED8} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-06-26] (Dropbox, Inc.)
Task: {AF962107-80FD-4BA0-A768-E223B9F87C63} - System32\Tasks\avast! Emergency Update => F:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-06-22] (Avast Software s.r.o.)
Task: {FA65A090-CEB8-461C-9F0F-E3B77C452C2F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-05-18 20:00 - 2015-05-18 20:00 - 00104400 _____ () F:\Program Files\AVAST Software\Avast\log.dll
2015-05-18 20:00 - 2015-05-18 20:00 - 00081728 _____ () F:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-07-13 19:55 - 2015-07-13 19:55 - 02956288 _____ () F:\Program Files\AVAST Software\Avast\defs\15071301\algo.dll
2014-11-17 16:31 - 2012-06-06 09:56 - 00143360 ____N () C:\Program Files\ASUS Xonar D1 Audio\Customapp\VmixP8.dll
2015-03-28 17:11 - 2015-03-28 17:12 - 40540672 _____ () F:\Program Files\AVAST Software\Avast\libcef.dll
2014-11-17 20:25 - 2015-04-16 19:40 - 00776192 _____ () F:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 02:22 - 2015-04-23 04:16 - 04962816 _____ () F:\Program Files (x86)\Steam\v8.dll
2015-01-20 02:22 - 2015-04-23 04:16 - 01556992 _____ () F:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 02:22 - 2015-04-23 04:16 - 01187840 _____ () F:\Program Files (x86)\Steam\icuuc.dll
2014-11-17 20:25 - 2015-06-04 20:56 - 02407104 _____ () F:\Program Files (x86)\Steam\video.dll
2014-11-17 20:25 - 2014-12-01 23:31 - 02396672 _____ () F:\Program Files (x86)\Steam\libavcodec-56.dll
2014-11-17 20:25 - 2014-12-01 23:31 - 00442880 _____ () F:\Program Files (x86)\Steam\libavutil-54.dll
2014-11-17 20:25 - 2014-12-01 23:31 - 00479744 _____ () F:\Program Files (x86)\Steam\libavformat-56.dll
2014-11-17 20:25 - 2014-12-01 23:31 - 00332800 _____ () F:\Program Files (x86)\Steam\libavresample-2.dll
2014-11-17 20:25 - 2014-12-01 23:31 - 00485888 _____ () F:\Program Files (x86)\Steam\libswscale-3.dll
2014-11-17 20:25 - 2015-06-04 20:56 - 00703168 _____ () F:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-11-17 20:25 - 2015-05-11 21:01 - 36302728 _____ () F:\Program Files (x86)\Steam\bin\libcef.dll
2015-05-14 13:51 - 2015-05-11 21:01 - 08958344 _____ () F:\Program Files (x86)\Steam\bin\pdf.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


There are 7866 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1498198781-3518620365-1429332980-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\[user]\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp
DNS Servers: 80.69.103.78 - 80.69.102.158

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service Interface => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) ME Service => 2
MSCONFIG\Services: Intel(R) PROSet Monitoring Service => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: SDScannerService => 2
MSCONFIG\Services: SDUpdateService => 2
MSCONFIG\Services: SDWSCService => 2
MSCONFIG\Services: SEVPNCLIENT => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: UMVPFSrv => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SoftEther VPN Client Manager Startup.lnk => C:\Windows\pss\SoftEther VPN Client Manager Startup.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^[user]^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Produktregistrierung.lnk => C:\Windows\pss\Logitech . Produktregistrierung.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\[user]\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: Cmaudio8788GX => C:\Windows\syswow64\HsMgr.exe Envoke
MSCONFIG\startupreg: Cmaudio8788GX64 => C:\Windows\system\HsMgr64.exe Envoke
MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: IAStorIcon => "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: IMSS => "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
MSCONFIG\startupreg: LWS => F:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: Raptr => C:\PROGRA~2\Raptr\raptrstub.exe --startup
MSCONFIG\startupreg: SDTray => "F:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
MSCONFIG\startupreg: SoftEther VPN Client UI Helper => "F:\Program Files\SoftEther VPN Client\vpnclient_x64.exe" /uihelp
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\[user]\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{D357D961-E459-420E-AED8-41C43388C48C}C:\users\[user]\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\[user]\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{23A91F7B-E589-465B-AC1B-F4FCF82459F0}C:\users\[user]\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\[user]\appdata\local\akamai\netsession_win.exe
FirewallRules: [{1ADF1F9B-3FE8-4177-8077-3214478F6BC4}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E10D5ACD-7340-4A78-A83C-C50BDAB0E271}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{348BD086-6F1B-4DBB-ABF3-2F9EE8BF5B97}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{B2B0B0DD-9299-469F-9D3A-86FE2DD6E0F1}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{6F82AEBB-B957-4DF2-90BA-6DD83C757698}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ.exe
FirewallRules: [{81BF78AA-DBB9-4CFA-93A7-A40649AB067E}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ.exe
FirewallRules: [TCP Query User{797D826B-AB5C-4072-82AC-5143840710F8}C:\users\[user]\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\[user]\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{B1726B87-0795-4893-A88F-9253F7DF4E50}C:\users\[user]\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\[user]\appdata\roaming\spotify\spotify.exe
FirewallRules: [{A672B2EB-BD37-48F9-8FC1-FFBB1BF241E7}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{96CC6F77-DBE9-4BBA-BDB5-A0300D98C953}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Arma 2\arma2.exe
FirewallRules: [{E25206BC-3C08-46B2-B348-3F18E1489A2B}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3C1DE7D8-D01C-413B-ABA3-6650D2C4E5D0}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{418C25A6-AE4B-413F-9FC8-1AD1A9ACD953}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{BC013988-F13B-45F1-A139-C757219FDBF8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{BD9158BE-D6D1-4F08-BAAD-50D7E902945B}] => (Allow) F:\Program Files (x86)\Battlenet\Battle.net\Battle.net.exe
FirewallRules: [{33083C9C-167C-43B9-8736-58085AFF860A}] => (Allow) F:\Program Files (x86)\Battlenet\Battle.net\Battle.net.exe
FirewallRules: [{9BAE11BE-6BB8-41AC-9DA8-E493EF1EFCC6}] => (Allow) F:\Program Files (x86)\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [{3CBC552F-59FD-4B95-A8F4-1F9748598B1B}] => (Allow) F:\Program Files (x86)\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [{F1544B66-CCC4-4952-A038-8ACC791BBFBF}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{C3355802-5561-4DDF-A518-9F15DB383673}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{620FE6A2-44BA-4528-9AC1-9FEE52D1FB72}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{874F3A89-1F43-4F4F-8FEB-23223E50A8F1}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{8CE09709-C7D6-409B-90CF-D75816C8D2B7}] => (Block) F:\Program Files\Photoshop\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe
FirewallRules: [{8D0C7839-403B-48C7-8931-7823A4D2D7E8}] => (Block) F:\Program Files\Photoshop\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe
FirewallRules: [{DF596239-8964-42AF-BDAD-768DA63E7577}] => (Block) F:\Program Files\Photoshop\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe
FirewallRules: [TCP Query User{C9617F72-D45C-47EB-A7E9-D12A9A5C2985}F:\program files (x86)\steam\steamapps\common\dayz\dayz_experimental.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\dayz\dayz_experimental.exe
FirewallRules: [UDP Query User{CC366227-F7DC-4D6C-9B0F-E558B29A462A}F:\program files (x86)\steam\steamapps\common\dayz\dayz_experimental.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\dayz\dayz_experimental.exe
FirewallRules: [TCP Query User{8D721BF2-BEC9-4762-B70A-62276FBDD35D}F:\program files (x86)\dayzlauncher\dayzlauncher.exe] => (Allow) F:\program files (x86)\dayzlauncher\dayzlauncher.exe
FirewallRules: [UDP Query User{7289EE43-DD49-48C2-A805-9F91C73EAC30}F:\program files (x86)\dayzlauncher\dayzlauncher.exe] => (Allow) F:\program files (x86)\dayzlauncher\dayzlauncher.exe
FirewallRules: [{C08FDCF6-A84C-4E3B-8D94-36E09761980B}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{6F7B3176-F503-4D39-8B2F-1A26DFCFB647}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\The Forest\TheForest.exe
FirewallRules: [{3141EE2F-BF2F-4BC6-BC2F-B6045216214E}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exe
FirewallRules: [{0A778F50-F146-41AC-86C1-C98F955D6276}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3.exe
FirewallRules: [{B4349BDE-E254-42C3-85E2-DA2747A3D065}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{49B11CEF-DFA6-4E82-B422-72E60DEBCE0B}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{858058B3-D6F1-4228-9B81-9378C2375395}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Game of Thrones\Thrones.exe
FirewallRules: [{A35F1B94-5D79-40A3-A97D-B94EE915FFA0}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Game of Thrones\Thrones.exe
FirewallRules: [{6B6CD793-037A-450B-9345-A03743332D3D}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{978CDA68-4E54-43FE-94FA-1EFF3CBAEC56}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\DayZ\DayZ_BE.exe
FirewallRules: [{AF0DCCE2-8AA0-4ECC-BF93-AD58013FE49D}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{ACF20418-F17E-468F-BD11-18AD1F84DB60}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{3C2946A1-9262-47C8-B4EB-56058104F868}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{12380E54-B8F0-4F5F-9512-4783C43E573F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{00DF5F87-40DA-4661-8550-A7D87E7F7E40}] => (Allow) F:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
FirewallRules: [{ADDE8ACE-FB89-4491-B572-1B22771F0A4E}] => (Allow) F:\Program Files\SoftEther VPN Client\vpncmgr.exe
FirewallRules: [{89481AAE-65DE-46F9-BADE-F23FEEA548C0}] => (Allow) F:\Program Files\SoftEther VPN Client\vpncmd.exe
FirewallRules: [{A3258D18-052A-4F32-AB2F-9D52D9D5DD7D}] => (Allow) F:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
FirewallRules: [{F2411616-A278-4B16-99D2-CB6C08454FBC}] => (Allow) F:\Program Files\SoftEther VPN Client\vpnclient.exe
FirewallRules: [{32760B3F-524B-4047-AAB8-8C8976C330BC}] => (Allow) F:\Program Files\SoftEther VPN Client\vpncmd_x64.exe
FirewallRules: [{2D9B8368-1B7A-42B7-8927-43E9FC38CEBD}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{5C9A358E-FFAF-4B13-BE59-5C879B81B265}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [TCP Query User{2653C44E-7536-43C4-A48C-8FA1CDCF583A}F:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{F1B0D6D2-514F-48E5-835D-7BE6B955822B}F:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [{4C390EB5-1F5B-4D93-A122-468655376086}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D2E5862C-BADE-4CF7-AB39-5A0ECD1B67AD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{989ABF3D-65CE-4C1F-9420-36D4B76D3436}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Resident Evil Biohazard HD REMASTER\bhd.exe
FirewallRules: [{2C4015A8-1D18-4526-9FD2-D7E1D459F5ED}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Resident Evil Biohazard HD REMASTER\bhd.exe
FirewallRules: [{A3FD2E47-4E36-45F7-AC6B-2F4B2FDCA886}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{6D2B6D23-225F-42CC-9292-31AC4A878460}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{BC234D6B-8B6C-4B14-972E-E528FAD0C0EF}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{9377CE36-6662-4B63-9878-8D89CF91DF5C}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{FAB8A6CD-56B1-44EA-B1C6-F873C1A46E55}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe
FirewallRules: [{9D1F9698-2E82-4339-81DF-2C60B31BA822}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Fallout 3 goty\FalloutLauncher.exe
FirewallRules: [TCP Query User{A6F33C2B-B745-4166-8689-0D552D41A300}F:\program files (x86)\steam\steamapps\common\thehunterprimal\game\thehunterprimal.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\thehunterprimal\game\thehunterprimal.exe
FirewallRules: [UDP Query User{4F92BE1C-CC34-4B9E-B669-B2FE63D7E9CB}F:\program files (x86)\steam\steamapps\common\thehunterprimal\game\thehunterprimal.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\thehunterprimal\game\thehunterprimal.exe
FirewallRules: [TCP Query User{836DBD50-60CF-4FDB-94FB-06234000D4A5}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{CCBA68E1-5921-4775-A41F-87733329B614}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{6E428937-E46E-4CD5-8D25-753F2631C9CF}F:\program files (x86)\secondlifeviewer\slvoice.exe] => (Allow) F:\program files (x86)\secondlifeviewer\slvoice.exe
FirewallRules: [UDP Query User{E8E52207-0157-4F4A-B51D-C358D85B688F}F:\program files (x86)\secondlifeviewer\slvoice.exe] => (Allow) F:\program files (x86)\secondlifeviewer\slvoice.exe
FirewallRules: [{F9969388-637E-4F45-8CED-3BAE75F4E5B8}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{0B767D6E-0722-4188-8AE3-34FFEAB796C3}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{79DD403C-049D-4040-A15F-E6CA22912645}F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{8972BFB4-E4FB-46E1-B20F-50450AC3DD21}F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{9314D975-B6CF-450A-B5C3-5D933307ACC1}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTA5.exe
FirewallRules: [{2D0B065D-A51A-430F-91CF-3FA7C9D846CF}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto V\GTA5.exe
FirewallRules: [{340DF4FF-9C15-4F9E-9C0C-228C705900E8}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{92824602-055E-4F47-AAC2-CB28B4B32326}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\The Witcher 3\bin\x64\witcher3.exe
FirewallRules: [{71AD1EE7-EFB5-4E38-8FB0-E091344B7C73}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\theHunterPrimal\launcher\launcher.exe
FirewallRules: [{D786540A-DE5C-4820-9572-4A290C0722D8}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\theHunterPrimal\launcher\launcher.exe
FirewallRules: [{B084FC52-AD9D-4289-9CD0-2C3AAA7D25CB}] => (Allow) F:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{BE6250F5-8AE5-4345-BB5D-13FEEC3CA8D1}] => (Allow) F:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{5AFDACE3-E962-4848-9781-F836896E02A6}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Hektor\HektorWin.exe
FirewallRules: [{8CB2FA5D-63A3-47A6-88E8-F6177F0B3A33}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Hektor\HektorWin.exe
FirewallRules: [{A2521D70-4D74-4808-A0DC-06BEB3ABE424}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{1732CA4D-06D5-4C73-AD4B-B7356A67E0D4}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{510E0B8F-3AE0-4CCD-80BE-1CF0FF244ECB}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{9DCDFCFF-C124-40B4-9A4D-9045BE0C3309}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{E9A0E264-F875-4F79-85F9-9725A2051C82}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{3A9035EA-5265-4755-BCAE-875DE01ADBA3}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
FirewallRules: [{EB3DF9CA-1D25-4A82-ABC6-E3879CF09B18}] => (Allow) F:\Program Files (x86)\Steam\steamapps\common\Don't Starve Together Beta\bin\dontstarve_steam.exe
StandardProfile\AuthorizedApplications: [F:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [F:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [F:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [F:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Faulty Device Manager Devices =============

Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/10/2015 12:47:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Hearthstone.exe, Version: 2.7.0.9166, Zeitstempel: 0x55384543
Name des fehlerhaften Moduls: DxtoryCore.dll, Version: 2.0.0.130, Zeitstempel: 0x557e6865
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00022a4d
ID des fehlerhaften Prozesses: 0x170c
Startzeit der fehlerhaften Anwendung: 0xHearthstone.exe0
Pfad der fehlerhaften Anwendung: Hearthstone.exe1
Pfad des fehlerhaften Moduls: Hearthstone.exe2
Berichtskennung: Hearthstone.exe3

Error: (07/09/2015 11:48:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Hearthstone.exe, Version: 2.7.0.9166, Zeitstempel: 0x55384543
Name des fehlerhaften Moduls: DxtoryCore.dll, Version: 2.0.0.130, Zeitstempel: 0x557e6865
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00022a4d
ID des fehlerhaften Prozesses: 0x204
Startzeit der fehlerhaften Anwendung: 0xHearthstone.exe0
Pfad der fehlerhaften Anwendung: Hearthstone.exe1
Pfad des fehlerhaften Moduls: Hearthstone.exe2
Berichtskennung: Hearthstone.exe3

Error: (07/09/2015 06:18:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Hearthstone.exe, Version: 2.7.0.9166, Zeitstempel: 0x55384543
Name des fehlerhaften Moduls: DxtoryCore.dll, Version: 2.0.0.130, Zeitstempel: 0x557e6865
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00022a4d
ID des fehlerhaften Prozesses: 0x199c
Startzeit der fehlerhaften Anwendung: 0xHearthstone.exe0
Pfad der fehlerhaften Anwendung: Hearthstone.exe1
Pfad des fehlerhaften Moduls: Hearthstone.exe2
Berichtskennung: Hearthstone.exe3

Error: (07/08/2015 07:05:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm csgo.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1310

Startzeit: 01d0b9a01652977d

Endzeit: 19

Anwendungspfad: F:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe

Berichts-ID:

Error: (07/08/2015 06:46:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Hearthstone.exe, Version: 2.7.0.9166, Zeitstempel: 0x55384543
Name des fehlerhaften Moduls: DxtoryCore.dll, Version: 2.0.0.130, Zeitstempel: 0x557e6865
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00022a4d
ID des fehlerhaften Prozesses: 0x19fc
Startzeit der fehlerhaften Anwendung: 0xHearthstone.exe0
Pfad der fehlerhaften Anwendung: Hearthstone.exe1
Pfad des fehlerhaften Moduls: Hearthstone.exe2
Berichtskennung: Hearthstone.exe3

Error: (07/08/2015 04:10:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Hearthstone.exe, Version: 2.7.0.9166, Zeitstempel: 0x55384543
Name des fehlerhaften Moduls: DxtoryCore.dll, Version: 2.0.0.130, Zeitstempel: 0x557e6865
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00022a4d
ID des fehlerhaften Prozesses: 0xdc4
Startzeit der fehlerhaften Anwendung: 0xHearthstone.exe0
Pfad der fehlerhaften Anwendung: Hearthstone.exe1
Pfad des fehlerhaften Moduls: Hearthstone.exe2
Berichtskennung: Hearthstone.exe3

Error: (07/08/2015 02:20:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm UNKNOWN, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 10bc

Startzeit: 01d0b9782de094ab

Endzeit: 9

Anwendungspfad: UNKNOWN

Berichts-ID: 751c8c20-256b-11e5-9aa3-00ac738c1840

Error: (07/08/2015 02:55:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Hearthstone.exe, Version: 2.7.0.9166, Zeitstempel: 0x55384543
Name des fehlerhaften Moduls: DxtoryCore.dll, Version: 2.0.0.130, Zeitstempel: 0x557e6865
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00022a4d
ID des fehlerhaften Prozesses: 0x17e0
Startzeit der fehlerhaften Anwendung: 0xHearthstone.exe0
Pfad der fehlerhaften Anwendung: Hearthstone.exe1
Pfad des fehlerhaften Moduls: Hearthstone.exe2
Berichtskennung: Hearthstone.exe3

Error: (07/08/2015 12:55:11 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Hearthstone.exe, Version: 2.7.0.9166, Zeitstempel: 0x55384543
Name des fehlerhaften Moduls: DxtoryCore.dll, Version: 2.0.0.130, Zeitstempel: 0x557e6865
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00022a4d
ID des fehlerhaften Prozesses: 0x1fb4
Startzeit der fehlerhaften Anwendung: 0xHearthstone.exe0
Pfad der fehlerhaften Anwendung: Hearthstone.exe1
Pfad des fehlerhaften Moduls: Hearthstone.exe2
Berichtskennung: Hearthstone.exe3

Error: (07/02/2015 12:43:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 38.0.5.5623, Zeitstempel: 0x5563c49a
Name des fehlerhaften Moduls: mozalloc.dll, Version: 38.0.5.5623, Zeitstempel: 0x5563b229
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0x6a4
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3


System errors:
=============
Error: (07/10/2015 10:48:50 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definition Update for Windows Defender - KB915597 (Definition 1.201.1399.0)

Error: (07/10/2015 10:44:46 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (07/09/2015 10:28:50 AM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (06/30/2015 02:13:42 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (06/22/2015 09:40:05 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005

Error: (06/22/2015 06:00:07 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {F319F1B8-7587-4146-AF9C-0D6D77819BF1}

Error: (06/15/2015 08:24:46 PM) (Source: atapi) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Ide\IdePort3 gefunden.

Error: (06/15/2015 08:24:46 PM) (Source: cdrom) (EventID: 15) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (06/15/2015 08:24:40 PM) (Source: cdrom) (EventID: 15) (User: )
Description: Das Gerät \Device\CdRom0 ist für den Zugriff noch nicht bereit.

Error: (06/10/2015 01:26:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


Microsoft Office:
=========================

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Percentage of memory in use: 24%
Total physical RAM: 16303.1 MB
Available physical RAM: 12250.59 MB
Total Virtual: 32604.41 MB
Available Virtual: 28185.07 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.56 GB) (Free:18.05 GB) NTFS
Drive d: (Aufnahme) (Fixed) (Total:931.51 GB) (Free:483.55 GB) NTFS
Drive e: (Videos) (Fixed) (Total:465.76 GB) (Free:86.61 GB) NTFS
Drive f: (Spiele & Programme) (Fixed) (Total:585.94 GB) (Free:338.85 GB) NTFS
Drive g: (Daten) (Fixed) (Total:247.92 GB) (Free:154.02 GB) NTFS
Drive h: (Technicolor CM) (CDROM) (Total:0.09 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0B5736DE)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 9D2D32F1)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 57EFD952)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=585.9 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=247.9 GB) - (Type=07 NTFS)

==================== End of log ============================
         
--- --- ---

14.07.2015, 10:17   #5
schrauber
/// the machine
/// TB-Ausbilder

You can't find out a place of residence from an IP address. Unless you're with the police, have a court order, and the provider hands over the data for your IP.


Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Start mbar.exe.
  • Follow the instructions on your screen as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart, MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper.

Please download TDSSKiller (TDSSKiller.exe) and save this file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the guide to TDSSKiller.
  • Press Start Scan.
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

14.07.2015, 20:21   #6
KlausH123

Code:
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.07.14.02
  rootkit: v2015.07.10.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17843
Bekay :: [user]-PC [administrator]

14.07.2015 11:50:38
mbar-log-2015-07-14 (11-50-38).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 396081
Time elapsed: 8 minute(s), 26 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Code:
12:05:44.0468 0x1624  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
12:05:47.0996 0x1624  ============================================================
12:05:47.0996 0x1624  Current date / time: 2015/07/14 12:05:47.0996
12:05:47.0996 0x1624  SystemInfo:
12:05:47.0996 0x1624  
12:05:47.0996 0x1624  OS Version: 6.1.7601 ServicePack: 1.0
12:05:47.0996 0x1624  Product type: Workstation
12:05:47.0996 0x1624  ComputerName: [user]-PC
12:05:47.0996 0x1624  UserName: [user]
12:05:47.0996 0x1624  Windows directory: C:\Windows
12:05:47.0996 0x1624  System windows directory: C:\Windows
12:05:47.0996 0x1624  Running under WOW64
12:05:47.0996 0x1624  Processor architecture: Intel x64
12:05:47.0996 0x1624  Number of processors: 8
12:05:47.0996 0x1624  Page size: 0x1000
12:05:47.0996 0x1624  Boot type: Normal boot
12:05:47.0996 0x1624  ============================================================
12:05:50.0172 0x1624  KLMD registered as C:\Windows\system32\drivers\93796126.sys
12:05:50.0345 0x1624  System UUID: {BC88A5EF-B8EB-EE3D-14B3-7A578CF6667B}
12:05:50.0583 0x1624  Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:05:50.0583 0x1624  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:05:50.0597 0x1624  Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:05:50.0601 0x1624  ============================================================
12:05:50.0601 0x1624  \Device\Harddisk2\DR2:
12:05:50.0601 0x1624  MBR partitions:
12:05:50.0601 0x1624  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:05:50.0601 0x1624  \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC31E000
12:05:50.0601 0x1624  \Device\Harddisk2\DR2\Partition3: MBR, Type 0x7, StartLBA 0xC350800, BlocksNum 0x493E0000
12:05:50.0601 0x1624  \Device\Harddisk2\DR2\Partition4: MBR, Type 0x7, StartLBA 0x55730800, BlocksNum 0x1EFD5800
12:05:50.0601 0x1624  \Device\Harddisk0\DR0:
12:05:50.0601 0x1624  MBR partitions:
12:05:50.0601 0x1624  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
12:05:50.0601 0x1624  \Device\Harddisk1\DR1:
12:05:50.0601 0x1624  MBR partitions:
12:05:50.0601 0x1624  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A384800
12:05:50.0601 0x1624  ============================================================
12:05:50.0622 0x1624  C: <-> \Device\Harddisk2\DR2\Partition2
12:05:50.0653 0x1624  D: <-> \Device\Harddisk0\DR0\Partition1
12:05:50.0678 0x1624  E: <-> \Device\Harddisk1\DR1\Partition1
12:05:50.0738 0x1624  F: <-> \Device\Harddisk2\DR2\Partition3
12:05:50.0783 0x1624  G: <-> \Device\Harddisk2\DR2\Partition4
12:05:50.0783 0x1624  ============================================================
12:05:50.0783 0x1624  Initialize success
12:05:50.0783 0x1624  ============================================================
12:06:16.0467 0x17d4  ============================================================
12:06:16.0467 0x17d4  Scan started
12:06:16.0467 0x17d4  Mode: Manual; SigCheck; TDLFS; 
12:06:16.0467 0x17d4  ============================================================
12:06:16.0467 0x17d4  KSN ping started
12:06:30.0445 0x17d4  KSN ping finished: true
12:06:32.0430 0x17d4  ================ Scan system memory ========================
12:06:32.0430 0x17d4  System memory - ok
12:06:32.0430 0x17d4  ================ Scan services =============================
12:06:33.0883 0x17d4  aswVmm - ok
12:06:33.0892 0x17d4  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
12:06:33.0910 0x17d4  AsyncMac - ok
12:06:33.0930 0x17d4  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
12:06:33.0936 0x17d4  atapi - ok
12:06:33.0979 0x17d4  [ 4EB5F2611381CB79DDDD627F3F1503CB, 53584998C32B1D2AD6B898CBDBEAC72100B8FAC25B5BCFDA88E0C3588244F335 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
12:06:33.0987 0x17d4  AtiHDAudioService - ok
12:06:34.0026 0x17d4  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:06:34.0057 0x17d4  AudioEndpointBuilder - ok
12:06:34.0082 0x17d4  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
12:06:34.0097 0x17d4  AudioSrv - ok
12:06:34.0151 0x17d4  [ 54236E79A44F909612391C8A2D70D512, B0DF5BCC4F90AF087D0306F8D81F90B2CAE0176813E3AA6A7D5460F7878677CD ] avast! Antivirus F:\Program Files\AVAST Software\Avast\AvastSvc.exe
12:06:34.0161 0x17d4  avast! Antivirus - ok
12:06:34.0206 0x17d4  [ C569E7F268C43D6C9C4D74EE2F06CCD8, 8E66A2C610E00D0F01CECAC8E32824D3B54E823781E953C8A506BAB4CFDE7F23 ] avast! Firewall F:\Program Files\AVAST Software\Avast\afwServ.exe
12:06:34.0212 0x17d4  avast! Firewall - ok
12:06:34.0322 0x17d4  [ 46C430FE178028F7AD151B62EBA3EEC5, C883B7A974A629549470B28532640C1FD2166CC4F95C69E4C4A1596AF5A5A331 ] AvastVBoxSvc    F:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
12:06:34.0381 0x17d4  AvastVBoxSvc - ok
12:06:34.0431 0x17d4  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
12:06:34.0454 0x17d4  AxInstSV - ok
12:06:34.0471 0x17d4  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
12:06:34.0496 0x17d4  b06bdrv - ok
12:06:34.0510 0x17d4  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
12:06:34.0538 0x17d4  b57nd60a - ok
12:06:34.0581 0x17d4  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
12:06:34.0600 0x17d4  BDESVC - ok
12:06:34.0612 0x17d4  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
12:06:34.0646 0x17d4  Beep - ok
12:06:34.0708 0x17d4  [ C4C9CFB7E42CD1CAF172D92D5A3E4AA9, 448205E4E766C3A8E77BD5713C2458BE5507CD680366E2F0507FAE68FAE5CDEF ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
12:06:34.0728 0x17d4  BEService - ok
12:06:34.0787 0x17d4  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
12:06:34.0803 0x17d4  BFE - ok
12:06:34.0821 0x17d4  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
12:06:34.0851 0x17d4  BITS - ok
12:06:34.0868 0x17d4  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
12:06:34.0874 0x17d4  blbdrive - ok
12:06:34.0894 0x17d4  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
12:06:34.0901 0x17d4  bowser - ok
12:06:34.0903 0x17d4  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:06:34.0923 0x17d4  BrFiltLo - ok
12:06:34.0925 0x17d4  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:06:34.0941 0x17d4  BrFiltUp - ok
12:06:34.0957 0x17d4  [ 8EF0D5C41EC907751B8429162B1239ED, 9CC25F1F93FACA6F6CE23F78EB58590C39A2E3C8A3ACDF400E8A9DE0757EADAE ] Browser         C:\Windows\System32\browser.dll
12:06:34.0977 0x17d4  Browser - ok
12:06:34.0983 0x17d4  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
12:06:35.0006 0x17d4  Brserid - ok
12:06:35.0008 0x17d4  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
12:06:35.0030 0x17d4  BrSerWdm - ok
12:06:35.0032 0x17d4  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
12:06:35.0047 0x17d4  BrUsbMdm - ok
12:06:35.0048 0x17d4  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
12:06:35.0055 0x17d4  BrUsbSer - ok
12:06:35.0073 0x17d4  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
12:06:35.0082 0x17d4  BTHMODEM - ok
12:06:35.0094 0x17d4  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
12:06:35.0124 0x17d4  bthserv - ok
12:06:35.0136 0x17d4  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
12:06:35.0155 0x17d4  cdfs - ok
12:06:35.0173 0x17d4  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
12:06:35.0181 0x17d4  cdrom - ok
12:06:35.0196 0x17d4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
12:06:35.0215 0x17d4  CertPropSvc - ok
12:06:35.0217 0x17d4  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
12:06:35.0225 0x17d4  circlass - ok
12:06:35.0239 0x17d4  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
12:06:35.0250 0x17d4  CLFS - ok
12:06:35.0310 0x17d4  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:06:35.0316 0x17d4  clr_optimization_v2.0.50727_32 - ok
12:06:35.0335 0x17d4  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:06:35.0342 0x17d4  clr_optimization_v2.0.50727_64 - ok
12:06:35.0398 0x17d4  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:06:35.0406 0x17d4  clr_optimization_v4.0.30319_32 - ok
12:06:35.0416 0x17d4  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:06:35.0424 0x17d4  clr_optimization_v4.0.30319_64 - ok
12:06:35.0426 0x17d4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
12:06:35.0432 0x17d4  CmBatt - ok
12:06:35.0454 0x17d4  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
12:06:35.0459 0x17d4  cmdide - ok
12:06:35.0527 0x17d4  [ A22223EBADA0DA435D82FF97067E9CC5, 2974145532F7ABAA66E897289379B676FBB19757B84CFE2D4967CEB9961B1157 ] cmudaxp         C:\Windows\system32\drivers\cmudaxp.sys
12:06:35.0570 0x17d4  cmudaxp - ok
12:06:35.0608 0x17d4  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
12:06:35.0621 0x17d4  CNG - ok
12:06:35.0636 0x17d4  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
12:06:35.0641 0x17d4  Compbatt - ok
12:06:35.0655 0x17d4  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
12:06:35.0663 0x17d4  CompositeBus - ok
12:06:35.0665 0x17d4  COMSysApp - ok
12:06:35.0667 0x17d4  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
12:06:35.0673 0x17d4  crcdisk - ok
12:06:35.0691 0x17d4  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
12:06:35.0709 0x17d4  CryptSvc - ok
12:06:35.0735 0x17d4  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
12:06:35.0759 0x17d4  CSC - ok
12:06:35.0796 0x17d4  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
12:06:35.0819 0x17d4  CscService - ok
12:06:35.0845 0x17d4  dbupdate - ok
12:06:35.0846 0x17d4  dbupdatem - ok
12:06:35.0872 0x17d4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
12:06:35.0898 0x17d4  DcomLaunch - ok
12:06:35.0917 0x17d4  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
12:06:35.0939 0x17d4  defragsvc - ok
12:06:35.0959 0x17d4  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
12:06:35.0981 0x17d4  DfsC - ok
12:06:36.0003 0x17d4  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
12:06:36.0010 0x17d4  dg_ssudbus - ok
12:06:36.0022 0x17d4  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
12:06:36.0033 0x17d4  Dhcp - ok
12:06:36.0115 0x17d4  [ AA5319FA8602676B5D3A2B4A1355896D, 57532E16FF0DDE3D62B6B6DC35E2598DD453140E9277247965A1E835645E588A ] DiagTrack       C:\Windows\system32\diagtrack.dll
12:06:36.0138 0x17d4  DiagTrack - ok
12:06:36.0152 0x17d4  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
12:06:36.0185 0x17d4  discache - ok
12:06:36.0221 0x17d4  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
12:06:36.0227 0x17d4  Disk - ok
12:06:36.0246 0x17d4  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
12:06:36.0255 0x17d4  Dnscache - ok
12:06:36.0282 0x17d4  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
12:06:36.0313 0x17d4  dot3svc - ok
12:06:36.0331 0x17d4  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
12:06:36.0362 0x17d4  DPS - ok
12:06:36.0388 0x17d4  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
12:06:36.0412 0x17d4  drmkaud - ok
12:06:36.0455 0x17d4  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
12:06:36.0474 0x17d4  DXGKrnl - ok
12:06:36.0515 0x17d4  [ 73F8DE25B04A66CE3BE5D09A10DE56E6, ABA5AA50D936897CC71D710BBCF9A1B1CCCAC290FCD10A710E4471C1CDDE1093 ] e1dexpress      C:\Windows\system32\DRIVERS\e1d62x64.sys
12:06:36.0525 0x17d4  e1dexpress - ok
12:06:36.0547 0x17d4  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
12:06:36.0575 0x17d4  EapHost - ok
12:06:36.0668 0x17d4  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
12:06:36.0717 0x17d4  ebdrv - ok
12:06:36.0741 0x17d4  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] EFS             C:\Windows\System32\lsass.exe
12:06:36.0757 0x17d4  EFS - ok
12:06:36.0794 0x17d4  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
12:06:36.0810 0x17d4  ehRecvr - ok
12:06:36.0831 0x17d4  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
12:06:36.0839 0x17d4  ehSched - ok
12:06:36.0856 0x17d4  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
12:06:36.0868 0x17d4  elxstor - ok
12:06:36.0886 0x17d4  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
12:06:36.0893 0x17d4  ErrDev - ok
12:06:36.0917 0x17d4  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
12:06:36.0942 0x17d4  EventSystem - ok
12:06:36.0955 0x17d4  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
12:06:36.0975 0x17d4  exfat - ok
12:06:36.0986 0x17d4  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
12:06:37.0007 0x17d4  fastfat - ok
12:06:37.0044 0x17d4  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
12:06:37.0061 0x17d4  Fax - ok
12:06:37.0064 0x17d4  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
12:06:37.0078 0x17d4  fdc - ok
12:06:37.0096 0x17d4  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
12:06:37.0116 0x17d4  fdPHost - ok
12:06:37.0124 0x17d4  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
12:06:37.0158 0x17d4  FDResPub - ok
12:06:37.0176 0x17d4  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
12:06:37.0182 0x17d4  FileInfo - ok
12:06:37.0188 0x17d4  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
12:06:37.0206 0x17d4  Filetrace - ok
12:06:37.0208 0x17d4  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
12:06:37.0214 0x17d4  flpydisk - ok
12:06:37.0223 0x17d4  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
12:06:37.0232 0x17d4  FltMgr - ok
12:06:37.0269 0x17d4  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\Windows\system32\FntCache.dll
12:06:37.0292 0x17d4  FontCache - ok
12:06:37.0314 0x17d4  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:06:37.0319 0x17d4  FontCache3.0.0.0 - ok
12:06:37.0333 0x17d4  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
12:06:37.0339 0x17d4  FsDepends - ok
12:06:37.0360 0x17d4  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
12:06:37.0366 0x17d4  Fs_Rec - ok
12:06:37.0399 0x17d4  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
12:06:37.0409 0x17d4  fvevol - ok
12:06:37.0430 0x17d4  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
12:06:37.0436 0x17d4  gagp30kx - ok
12:06:37.0466 0x17d4  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
12:06:37.0514 0x17d4  gpsvc - ok
12:06:37.0517 0x17d4  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
12:06:37.0531 0x17d4  hcw85cir - ok
12:06:37.0586 0x17d4  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:06:37.0599 0x17d4  HdAudAddService - ok
12:06:37.0612 0x17d4  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
12:06:37.0622 0x17d4  HDAudBus - ok
12:06:37.0624 0x17d4  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
12:06:37.0638 0x17d4  HidBatt - ok
12:06:37.0641 0x17d4  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
12:06:37.0650 0x17d4  HidBth - ok
12:06:37.0652 0x17d4  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
12:06:37.0660 0x17d4  HidIr - ok
12:06:37.0663 0x17d4  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
12:06:37.0682 0x17d4  hidserv - ok
12:06:37.0711 0x17d4  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
12:06:37.0718 0x17d4  HidUsb - ok
12:06:37.0734 0x17d4  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
12:06:37.0766 0x17d4  hkmsvc - ok
12:06:37.0807 0x17d4  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:06:37.0818 0x17d4  HomeGroupListener - ok
12:06:37.0828 0x17d4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:06:37.0839 0x17d4  HomeGroupProvider - ok
12:06:37.0851 0x17d4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
12:06:37.0857 0x17d4  HpSAMD - ok
12:06:37.0881 0x17d4  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
12:06:37.0898 0x17d4  HTTP - ok
12:06:37.0914 0x17d4  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
12:06:37.0920 0x17d4  hwpolicy - ok
12:06:37.0934 0x17d4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
12:06:37.0942 0x17d4  i8042prt - ok
12:06:37.0973 0x17d4  [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA         C:\Windows\system32\DRIVERS\iaStorA.sys
12:06:37.0987 0x17d4  iaStorA - ok
12:06:37.0995 0x17d4  [ CE5CD8CBE940965867D507AB8EA2795A, 1CC2C23A1436E4C911DD3B942D8F6DABB7249AB04426F9AB6B6045034226DD25 ] iaStorF         C:\Windows\system32\DRIVERS\iaStorF.sys
12:06:38.0000 0x17d4  iaStorF - ok
12:06:38.0013 0x17d4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
12:06:38.0024 0x17d4  iaStorV - ok
12:06:38.0068 0x17d4  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:06:38.0085 0x17d4  idsvc - ok
12:06:38.0100 0x17d4  IEEtwCollectorService - ok
12:06:38.0116 0x17d4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
12:06:38.0122 0x17d4  iirsp - ok
12:06:38.0153 0x17d4  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
12:06:38.0171 0x17d4  IKEEXT - ok
12:06:38.0199 0x17d4  [ CBF7341E55A8348C7AB01A9870C7D948, A5084DF3C6321788C88A9E6B5F43FE5BCFDBB579BDE3A4D5F55558C6D13035A5 ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe
12:06:38.0207 0x17d4  Intel(R) PROSet Monitoring Service - ok
12:06:38.0214 0x17d4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
12:06:38.0219 0x17d4  intelide - ok
12:06:38.0227 0x17d4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
12:06:38.0234 0x17d4  intelppm - ok
12:06:38.0245 0x17d4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
12:06:38.0265 0x17d4  IPBusEnum - ok
12:06:38.0284 0x17d4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:06:38.0303 0x17d4  IpFilterDriver - ok
12:06:38.0330 0x17d4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
12:06:38.0359 0x17d4  iphlpsvc - ok
12:06:38.0370 0x17d4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
12:06:38.0389 0x17d4  IPMIDRV - ok
12:06:38.0392 0x17d4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
12:06:38.0422 0x17d4  IPNAT - ok
12:06:38.0430 0x17d4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
12:06:38.0454 0x17d4  IRENUM - ok
12:06:38.0468 0x17d4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
12:06:38.0473 0x17d4  isapnp - ok
12:06:38.0496 0x17d4  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
12:06:38.0504 0x17d4  iScsiPrt - ok
12:06:38.0538 0x17d4  [ 78D369F8A81A341109FBA1DB64B4C512, E584F693255CCBF7006E7D35984149CF599BB0849A8F02EFDD6223DF0D606049 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
12:06:38.0543 0x17d4  iusb3hcs - ok
12:06:38.0564 0x17d4  [ 5B632ABA038CE2E2D5D2D1115C6B26D1, 605A8FFA704E4369CF9D17DF8630DC9E196B8920D47F1CC5151759E60B234C1F ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
12:06:38.0574 0x17d4  iusb3hub - ok
12:06:38.0596 0x17d4  [ EA841584EF59528D11F20355770E427E, 515737761BB2A0A233F4AD141E28D93E3B9789320A15B7D5FB3DB5AC3CD8E249 ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
12:06:38.0611 0x17d4  iusb3xhc - ok
12:06:38.0639 0x17d4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
12:06:38.0646 0x17d4  kbdclass - ok
12:06:38.0648 0x17d4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
12:06:38.0661 0x17d4  kbdhid - ok
12:06:38.0686 0x17d4  [ 17A6A9AAD04CCC6EE53290585BFC43AF, E4901D86C6470D21ABA0F6D9615A613E5C74A3FEF931E497F51B6AFA5715332B ] KeyIso          C:\Windows\system32\lsass.exe
12:06:38.0693 0x17d4  KeyIso - ok
12:06:38.0706 0x17d4  [ BF69D973523D539A35807946C6DA7E16, 38F2C59B0857131961DBEA48C4A5DFA9BE7B564941935086B8DC8DBEF896F3EC ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
12:06:38.0712 0x17d4  KSecDD - ok
12:06:38.0725 0x17d4  [ 272C27711C8AA6E7815EE33F8ACA9C66, 0A5A10A7A3E87DB92E06395A6676B94FE8B7AD6704864075D443CDC9BABDB4DF ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
12:06:38.0733 0x17d4  KSecPkg - ok
12:06:38.0737 0x17d4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
12:06:38.0765 0x17d4  ksthunk - ok
12:06:38.0779 0x17d4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
12:06:38.0803 0x17d4  KtmRm - ok
12:06:45.0573 0x17d4  stisvc - ok
12:06:45.0601 0x17d4  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
12:06:45.0607 0x17d4  storflt - ok
12:06:45.0621 0x17d4  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
12:06:45.0640 0x17d4  StorSvc - ok
12:06:45.0653 0x17d4  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
12:06:45.0659 0x17d4  storvsc - ok
12:06:45.0669 0x17d4  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
12:06:45.0675 0x17d4  swenum - ok
12:06:45.0784 0x17d4  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:06:45.0795 0x17d4  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
12:06:48.0767 0x17d4  Detect skipped due to KSN trusted
12:06:48.0767 0x17d4  SwitchBoard - ok
12:06:53.0658 0x17d4  [ 406E7DF08CE79BE3016CC6D15E2ED956, 9DA8D10AE642B9411A3EB253F97918A6F470F1772F0057964267497CE0BDA53A ] F:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe
12:06:53.0666 0x17d4  Dxtory Update Checker 2.0 - detected UnsignedFile.Multi.Generic ( 1 )
12:06:56.0625 0x17d4  Detect skipped due to KSN trusted
12:06:56.0625 0x17d4  Dxtory Update Checker 2.0 - ok
12:06:56.0625 0x17d4  Waiting for KSN requests completion. In queue: 97
12:06:57.0625 0x17d4  Waiting for KSN requests completion. In queue: 97
12:06:58.0625 0x17d4  Waiting for KSN requests completion. In queue: 97
12:06:59.0668 0x17d4  AV detected via SS2: avast! Antivirus, F:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2218.942 ), 0x41000 ( enabled : updated )
12:06:59.0669 0x17d4  FW detected via SS2: avast! Antivirus, F:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2218.942 ), 0x41010 ( enabled )
12:07:02.0045 0x17d4  ============================================================
12:07:02.0045 0x17d4  Scan finished
12:07:02.0045 0x17d4  ============================================================
12:07:02.0049 0x15a0  Detected object count: 0
12:07:02.0049 0x15a0  Actual detected object count: 0
         
Judging by the logs, my system is clean, but what that means where hackers are concerned is the question. Can he also manage it without a trojan/virus, so that my system looks clean but isn't? I can only imagine that it must have been a hacker, because he also called an uninvolved person...

15.07.2015, 12:27   #7
schrauber
/// the machine
/// TB trainer

He needs physical access to the PC, or direct access via TeamViewer, Steam, whatever.

In theory, though, a professional can do it in such a way that nothing is found.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

15.07.2015, 16:01   #8
KlausH123

Are there other tools or ways to test this?
As it looks so far, I would suspect that someone from my private circle was playing a prank. Only the fact that a person who is relatively unknown to me was later "attacked" as well really puzzles me.

16.07.2015, 07:42   #9
schrauber
/// the machine
/// TB trainer

You can boot Linux from the Rescue CD and scan the system from outside. You can pull an offline MBR dump and have it scanned, or check it by hand in a hex editor.

But I'll tell you right now: nothing will come of it.
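What checking an offline MBR dump by hand amounts to, as an added example that is not part of the original thread: the script below reads one 512-byte sector, validates the boot signature and the four partition entries, and hashes the boot-code area separately so it can be compared with a dump from a known-good installation. It assumes the dump was saved from a rescue system (for instance with `dd if=/dev/sda of=mbr.bin bs=512 count=1`, where `/dev/sda` and `mbr.bin` are placeholders); the sample sector and its values are constructed.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_END = 440          # bytes 0..439 hold the boot code
DISK_SIG_OFFSET = 440        # 4-byte disk signature, followed by 2 reserved bytes
PART_TABLE_OFFSET = 446      # four 16-byte partition entries
PART_ENTRY_SIZE = 16
BOOT_SIGNATURE = b"\x55\xaa"  # bytes 510..511

PARTITION_TYPES = {
    0x05: "extended (CHS)", 0x07: "NTFS/exFAT", 0x0B: "FAT32 (CHS)",
    0x0C: "FAT32 (LBA)", 0x0F: "extended (LBA)", 0x82: "Linux swap",
    0x83: "Linux", 0xEE: "GPT protective",
}

# Constructed sample: (status, type, first LBA, sector count)
SAMPLE_ENTRIES = [(0x80, 0x07, 2048, 204800), (0x00, 0x07, 206848, 1000000)]


def build_sample_mbr(entries, disk_signature=0x1234ABCD,
                     boot_signature=BOOT_SIGNATURE):
    """Build a constructed 512-byte sector for offline testing."""
    sector = bytearray(SECTOR_SIZE)
    sector[0:4] = b"\x33\xc0\x8e\xd0"  # constructed filler, not real boot code
    struct.pack_into("<I", sector, DISK_SIG_OFFSET, disk_signature)
    for i, (status, ptype, lba_start, count) in enumerate(entries):
        off = PART_TABLE_OFFSET + i * PART_ENTRY_SIZE
        sector[off] = status
        sector[off + 4] = ptype
        struct.pack_into("<II", sector, off + 8, lba_start, count)
    sector[510:512] = boot_signature
    return bytes(sector)


def parse_mbr(sector):
    """Parse one MBR sector and return its layout plus structural findings."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected exactly 512 bytes, got %d" % len(sector))
    findings = []
    if sector[510:512] != BOOT_SIGNATURE:
        findings.append("boot signature 0x55AA missing")

    partitions = []
    for index in range(1, 5):
        off = PART_TABLE_OFFSET + (index - 1) * PART_ENTRY_SIZE
        entry = sector[off:off + PART_ENTRY_SIZE]
        status, ptype = entry[0], entry[4]
        lba_start, count = struct.unpack_from("<II", entry, 8)
        if ptype == 0x00:
            # An unused slot should be all zeros.
            if any(entry):
                findings.append("entry %d: type is empty but other fields are set" % index)
            continue
        if status not in (0x00, 0x80):
            findings.append("entry %d: invalid status byte 0x%02X" % (index, status))
        partitions.append({
            "index": index,
            "active": status == 0x80,
            "type": PARTITION_TYPES.get(ptype, "unknown 0x%02X" % ptype),
            "lba_start": lba_start,
            "sectors": count,
        })

    if sum(p["active"] for p in partitions) > 1:
        findings.append("more than one active partition")
    ordered = sorted(partitions, key=lambda p: p["lba_start"])
    for prev, cur in zip(ordered, ordered[1:]):
        if cur["lba_start"] < prev["lba_start"] + prev["sectors"]:
            findings.append("entries %d and %d overlap" % (prev["index"], cur["index"]))

    return {
        # Hash of the whole sector: changes with partition table and disk signature.
        "sector_sha256": hashlib.sha256(sector).hexdigest(),
        # Hash of the boot code only: comparable across disks and machines.
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_END]).hexdigest(),
        "disk_signature": "%08X" % struct.unpack_from("<I", sector, DISK_SIG_OFFSET)[0],
        "partitions": partitions,
        "findings": findings,
    }


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            data = fh.read(SECTOR_SIZE)
    else:
        data = build_sample_mbr(SAMPLE_ENTRIES)
    report = parse_mbr(data)
    print("boot code sha256:", report["boot_code_sha256"])
    print("disk signature:  ", report["disk_signature"])
    for p in report["partitions"]:
        print("  #%(index)d active=%(active)s %(type)s start=%(lba_start)d sectors=%(sectors)d" % p)
    for f in report["findings"] or ["no structural findings"]:
        print("finding:", f)
```

An empty findings list only means the sector is structurally sound; whether the boot code itself has been replaced shows up when `boot_code_sha256` differs from the value of a dump taken from a known-good installation of the same Windows version.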

16.07.2015, 23:04   #10
KlausH123

So just live with it?

17.07.2015, 10:57   #11
schrauber
/// the machine
/// TB trainer

Well, as said, purely theoretically: a pro with access to the machine can plant something there that no human will find, and no scanner either.

But you would have to be immensely interesting for someone to go to that trouble. If you are afraid and want to be on the safe side, you have to format everything and reinstall, and change all passwords.

17.07.2015, 17:20   #12
KlausH123

Okay, then thanks a lot for the help!

18.07.2015, 09:31   #13
schrauber
/// the machine
/// TB trainer

You're welcome
