Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Telekom Abuse Team warnt vor Bedrohung.

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 28.12.2014, 14:44   #1
LiveSergeant
 
Telekom Abuse Team warnt vor Bedrohung. - Standard

Telekom Abuse Team warnt vor Bedrohung.



Hallo Trojaner Board,

ich habe eine E-Mail der Telekom erhalten, in der auf einen potenziellen Trojanerbefall von mindestens einem Rechner im Netz gesprochen wird.

Zitat:
Sehr geehrte Kundin,
sehr geehrter Kunde,

uns liegen Hinweise von Sicherheitsexperten vor, dass mindestens ein
Rechner, der sich über Ihren Internetzugang mit dem Internet verbindet,
mit einem Virus/Trojaner infiziert ist.

Die folgende IP-Adresse war zu dem genannten Zeitpunkt Ihnen zugeordnet:

IP-Adresse: XX.XXX.XX.XXX
Zeitangabe: 26.12.2014, 21:48:55 (MEZ)
Ich bin mit der Meldung ziemlich überfordert. Ich habe zwar bereits Avast Antivirus am laufen(bisher keine Funde), vertraue diesem aber nicht wirklich, deswegen frage ich hier nach Hilfe.

In meinem Haushalt befinden sich derzeit 2 Windows-Rechner, sowie 2 Mac-Books am Netzwerk. Zusätzlich ist das ganze über einen NAS zum Datenaustausch verkoppelt.

Ich hoffe jemand von euch kann mir Helfen

Freundliche Grüße

Alt 28.12.2014, 15:23   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Telekom Abuse Team warnt vor Bedrohung. - Standard

Telekom Abuse Team warnt vor Bedrohung.



hi,

von den Windows Rechnern:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 28.12.2014, 15:50   #3
LiveSergeant
 
Telekom Abuse Team warnt vor Bedrohung. - Standard

Telekom Abuse Team warnt vor Bedrohung.



Schon mal Danke für die Hilfe, habe jetzt auf beiden PCs die Programme laufen lassen.

PC 1:
FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014
Ran by Pascal (administrator) on PASCALS-PC on 28-12-2014 16:41:03
Running from C:\Users\Pascal\Downloads
Loaded Profile: Pascal (Available profiles: Pascal)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software) E:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) E:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) E:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(BUFFALO INC.) E:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe
(NVIDIA Corporation) E:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) E:\Program Files\Windows Media Player\wmpnetwk.exe
(Apple Inc.) E:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) E:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
() E:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) E:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(IvoSoft) E:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) E:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\System\HsMgr64.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Valve Corporation) E:\Program Files (x86)\Steam\Steam.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
(Google Inc.) E:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Blizzard Entertainment) E:\Program Files (x86)\Battle.net\Battle.net.5383\Battle.net.exe
(Valve Corporation) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) E:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Razer Inc.) E:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Google Inc.) E:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) E:\Program Files (x86)\Common Files\Steam\SteamService.exe
(AVAST Software) E:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) E:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) E:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
(Razer, Inc.) E:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
(Razer, Inc.) C:\Users\Pascal\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
(Oracle Corporation) E:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) E:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) E:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Skype Technologies S.A.) E:\Program Files (x86)\Skype\Phone\Skype.exe
(Skype Technologies) E:\Program Files (x86)\Skype\Updater\Updater.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => E:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [Classic Start Menu] => E:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft)
HKLM\...\Run: [Cmaudio8788] => C:\WINDOWS\syswow64\RunDll32.exe C:\WINDOWS\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\WINDOWS\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\WINDOWS\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM-x32\...\Run: [APSDaemon] => E:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => E:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-11-03] (Razer Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => E:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-09] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => E:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [224128 2014-06-16] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => E:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Run: [Steam] => E:\Program Files (x86)\Steam\steam.exe [1941696 2014-12-20] (Valve Corporation)
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Run: [Battle.net] => E:\Program Files (x86)\Battle.net\Battle.net Launcher.exe [2864688 2014-12-10] (Blizzard Entertainment)
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Run: [EADM] => E:\Program Files (x86)\Origin\Origin.exe [3618648 2014-11-26] (Electronic Arts)
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Run: [Skype] => E:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Run: [GoogleChromeAutoLaunch_1BB0B968DB2E1DD5640AAF2B69FD58ED] => E:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
AppInit_DLLs: E:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => E:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1317152 2013-12-16] (Conduit)
AppInit_DLLs-x32: E:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => E:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1009440 2013-12-16] (Conduit)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ESO Survey Live.lnk
ShortcutTarget: ESO Survey Live.lnk -> E:\Program Files (x86)\ESO Survey Live\ESOSurveyLive.exe ()
Startup: C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BUFFALO NAS Navigator2.lnk
ShortcutTarget: BUFFALO NAS Navigator2.lnk -> E:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe (Buffalo Inc.)
Startup: C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NAS Scheduler.lnk
ShortcutTarget: NAS Scheduler.lnk -> E:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe (BUFFALO INC.)
Startup: C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> E:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => E:\Program Files\Classic Shell\ClassicExplorer64.dll No File
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => E:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1010802133-681624663-1200860190-1001 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1010802133-681624663-1200860190-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3314958&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SP458F5A41-0949-48B7-95C9-4438B8D5A1CF&q={searchTerms}&SSPV=
SearchScopes: HKU\S-1-5-21-1010802133-681624663-1200860190-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> E:\Program Files\Classic Shell\ClassicExplorer64.dll No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> E:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> E:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> E:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> E:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: No Name -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} ->  No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> E:\Program Files (x86)\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> E:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> E:\Program Files\Classic Shell\ClassicIEDLL_32.dll No File
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - E:\Program Files\Classic Shell\ClassicExplorer64.dll No File
Toolbar: HKLM-x32 - No Name - {553891B7-A0D5-4526-BE18-D3CE461D6310} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\9ir82fto.default
FF DefaultSearchEngine: Microsoft (Bing)
FF DefaultSearchUrl: hxxp://www.bing.com/search
FF SearchEngineOrder.1: Microsoft (Bing)
FF SelectedSearchEngine: Microsoft (Bing)
FF Homepage: hxxp://www.msn.com/?pc=AV01
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> E:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> E:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> E:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> E:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> E:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> E:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> E:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.11.2 -> E:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.11.2 -> E:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> E:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> E:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> E:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> E:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> E:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> E:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> E:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1010802133-681624663-1200860190-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Pascal\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1010802133-681624663-1200860190-1001: ubisoft.com/uplaypc -> E:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\9ir82fto.default\searchplugins\bing-avast.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - E:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - E:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-20]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=AV01
CHR StartupUrls: Default -> "https://www.google.de/"
CHR Profile: C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-31]
CHR Extension: (Google Drive) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-31]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-03]
CHR Extension: (YouTube) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-31]
CHR Extension: (Google-Suche) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-31]
CHR Extension: (ZenMate) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-12-09]
CHR Extension: (Twitch Live) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiljidcefnbhbpamageahhblhbbhhopm [2014-08-30]
CHR Extension: (Erfassen Webseite Screenshot - FireShot) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2014-07-07]
CHR Extension: (Google Wallet) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-31]
CHR Extension: (Google Mail) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-31]
CHR Profile: C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-29]
CHR Extension: (Google Drive) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-29]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-04]
CHR Extension: (YouTube) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-29]
CHR Extension: (Google-Suche) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-29]
CHR Extension: (avast! Online Security) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-29]
CHR Extension: (Google Wallet) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-29]
CHR Extension: (Google Mail) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-29]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - E:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-09]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device; E:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336 2014-06-12] (Apple Inc.)
R2 avast! Antivirus; E:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-09] (AVAST Software)
R2 Bonjour Service; E:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-30] (Apple Inc.)
S3 DAUpdaterSvc; E:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2014-07-19] (BioWare)
R2 GfExperienceService; E:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
S2 gupdate; E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2013-10-20] (Google Inc.)
S3 gupdatem; E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2013-10-20] (Google Inc.)
R3 iPod Service; E:\Program Files\iPod\bin\iPodService.exe [641352 2014-08-01] (Apple Inc.)
S3 MozillaMaintenance; E:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [118896 2014-02-13] (Mozilla Foundation)
R2 NasPmService; E:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe [251760 2012-03-29] (BUFFALO INC.)
R2 NvNetworkService; E:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; E:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-26] (Electronic Arts)
S3 ose; E:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [149352 2010-01-09] (Microsoft Corporation)
R3 osppsvc; E:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [4925184 2010-01-09] (Microsoft Corporation)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2014-08-15] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-08-12] ()
R2 Razer Game Scanner Service; E:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [183488 2014-10-31] ()
R2 SkypeUpdate; E:\Program Files (x86)\Skype\Updater\Updater.exe [315496 2014-12-11] (Skype Technologies)
R3 Steam Client Service; E:\Program Files (x86)\Common Files\Steam\SteamService.exe [833728 2014-12-20] (Valve Corporation)
R2 Stereo Service; E:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [410768 2014-12-13] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-09] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-11-21] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-09] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-09] ()
S3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2735616 2013-12-11] (C-Media Inc)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [37888 2014-09-02] (LogMeIn Inc.) [File not signed]
R3 NvStreamKms; E:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39592 2014-09-05] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2014-10-31] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [129600 2014-11-17] (Razer, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-28 16:41 - 2014-12-28 16:41 - 00024387 _____ () C:\Users\Pascal\Downloads\FRST.txt
2014-12-28 16:41 - 2014-12-28 16:41 - 00000000 ____D () C:\FRST
2014-12-28 16:29 - 2014-12-28 16:29 - 02123264 _____ (Farbar) C:\Users\Pascal\Downloads\FRST64.exe
2014-12-28 01:34 - 2014-12-28 16:40 - 00000000 ____D () E:\Program Files (x86)\Mod Organizer
2014-12-28 01:34 - 2014-12-28 01:34 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mod Organizer
2014-12-27 19:52 - 2014-12-27 19:52 - 00002032 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2014-12-27 19:52 - 2014-12-13 01:47 - 00620176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2014-12-27 19:51 - 2014-12-27 19:52 - 00000000 ____D () C:\WINDOWS\LastGood
2014-12-27 19:51 - 2014-12-13 11:08 - 32099472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 25460552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 20465808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 17264312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 13288360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 13202520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 10770120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 10710160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 10345280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-12-27 19:51 - 2014-12-13 11:08 - 03610440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 03248968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 01895056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434709.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 01556624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434709.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00994384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00968336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00942400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00928072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00906560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00876976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00834880 _____ () C:\WINDOWS\system32\nvmcumd.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00496272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00399688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00391488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00353224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00346944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00306328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00178632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00165760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2014-12-27 19:51 - 2014-10-09 18:02 - 00195728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2014-12-27 19:51 - 2014-10-09 18:02 - 00030536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2014-12-27 19:51 - 2014-10-09 08:17 - 01540240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco64.dll
2014-12-27 04:12 - 2014-12-27 18:55 - 00000000 ____D () C:\ENB FXAA SweetFX Manager
2014-12-26 02:06 - 2014-12-27 21:03 - 00000000 ____D () C:\Users\Pascal\Downloads\Skyrim
2014-12-26 01:33 - 2014-12-26 01:34 - 18816637 _____ () C:\Users\Pascal\Desktop\Mod Organizer v1_2_14 installer-1334-1-2-14.exe
2014-12-25 23:00 - 2014-12-25 23:00 - 00012678 _____ () C:\Users\Pascal\Desktop\Mods.csv
2014-12-25 18:22 - 2014-12-25 18:22 - 00000000 ____D () C:\Users\Pascal\AppData\Local\RzStats
2014-12-24 16:10 - 2014-12-24 16:10 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-12-24 16:10 - 2014-11-22 11:46 - 00038032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2014-12-24 16:10 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2014-12-24 01:20 - 2014-11-17 22:37 - 00129600 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpnk.sys
2014-12-24 01:19 - 2014-12-24 01:19 - 00068072 _____ () C:\WINDOWS\DPINST.LOG
2014-12-24 01:19 - 2014-10-31 23:27 - 00037184 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpmgrk.sys
2014-12-12 15:47 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-12 15:47 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-10 23:18 - 2014-12-10 23:18 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2014-12-10 16:02 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-10 16:02 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-10 16:02 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-10 16:02 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-10 15:56 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-10 15:56 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-10 15:56 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-10 15:56 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-10 15:56 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-10 15:56 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-10 15:56 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-10 15:56 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-10 15:56 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-10 15:56 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-10 15:56 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-10 15:56 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-10 15:56 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-10 15:56 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-10 15:56 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-10 15:56 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-10 15:56 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-10 15:56 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-10 15:56 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-10 15:56 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-10 15:56 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-10 15:56 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-10 15:56 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-10 15:56 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-10 15:56 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-10 15:56 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-10 15:56 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-10 15:56 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-10 15:56 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-10 15:56 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-10 15:56 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-10 15:56 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-10 15:56 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-10 15:56 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-10 15:56 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-10 15:56 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-10 15:56 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-10 15:56 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-10 15:56 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-10 15:55 - 2014-12-04 00:37 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-12-10 15:55 - 2014-12-04 00:09 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2014-12-10 15:55 - 2014-12-03 00:09 - 01083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-12-10 15:55 - 2014-12-03 00:09 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2014-12-10 15:55 - 2014-12-03 00:09 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-12-10 15:55 - 2014-12-03 00:09 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-12-10 15:55 - 2014-12-03 00:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-12-10 15:55 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-10 15:55 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-10 15:55 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-10 15:55 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-10 15:55 - 2014-10-13 03:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-10 15:55 - 2014-10-13 03:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-10 15:55 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-10 15:55 - 2014-10-13 03:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-04 16:15 - 2014-12-04 16:15 - 00000000 ____D () C:\Users\Pascal\AppData\Local\Risk_of_Rain

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-28 16:41 - 2013-10-20 19:13 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Skype
2014-12-28 16:38 - 2014-03-16 19:13 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\ClassicShell
2014-12-28 16:37 - 2013-10-20 15:26 - 00000000 ____D () C:\Users\Pascal\AppData\Local\Battle.net
2014-12-28 16:35 - 2013-10-20 12:09 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1010802133-681624663-1200860190-1001
2014-12-28 16:21 - 2014-03-31 14:49 - 00001140 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-28 16:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-12-28 15:59 - 2014-03-16 16:27 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-12-28 15:48 - 2013-10-20 14:21 - 00000000 ____D () E:\Program Files (x86)\Steam
2014-12-28 15:25 - 2014-08-06 00:56 - 01618609 _____ () C:\WINDOWS\WindowsUpdate.log
2014-12-28 14:54 - 2013-10-20 14:10 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{61CE681B-6CA3-4450-AB68-D7D283842AA0}
2014-12-28 14:51 - 2014-03-31 14:49 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-28 03:05 - 2014-08-06 15:59 - 00000000 ____D () E:\Program Files (x86)\RivaTuner Statistics Server
2014-12-28 00:34 - 2013-11-05 18:57 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\TS3Client
2014-12-27 19:52 - 2014-08-11 00:05 - 00005484 _____ () C:\WINDOWS\setupact.log
2014-12-27 19:52 - 2014-03-16 16:58 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-27 19:52 - 2013-10-20 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-12-27 18:29 - 2014-10-07 18:19 - 00000000 ___RD () E:\Program Files (x86)\Skype
2014-12-27 18:29 - 2013-10-20 19:13 - 00000000 ____D () C:\ProgramData\Skype
2014-12-27 17:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-12-26 20:33 - 2013-09-30 05:14 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-26 20:33 - 2013-09-30 04:56 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2014-12-26 20:33 - 2013-09-30 04:56 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2014-12-26 20:27 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-26 02:05 - 2013-10-26 21:17 - 00322560 ___SH () C:\Users\Pascal\Desktop\Thumbs.db
2014-12-26 02:04 - 2014-08-05 22:28 - 00090624 ___SH () C:\Users\Pascal\Downloads\Thumbs.db
2014-12-25 22:43 - 2014-04-06 00:55 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\vlc
2014-12-25 18:15 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-12-25 17:48 - 2013-08-22 15:44 - 05074848 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-12-24 14:38 - 2013-12-25 00:59 - 00000000 ____D () C:\Users\Pascal\AppData\Local\Razer
2014-12-24 01:20 - 2013-12-25 00:59 - 00000000 ____D () C:\ProgramData\Razer
2014-12-24 01:19 - 2013-12-25 00:00 - 00000000 ____D () E:\Program Files (x86)\Razer
2014-12-20 02:18 - 2013-11-14 23:22 - 00000000 ____D () E:\Program Files (x86)\StarCraft II
2014-12-19 14:47 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-19 11:48 - 2014-04-19 18:42 - 00000000 ____D () E:\Program Files (x86)\World of Warcraft
2014-12-18 21:34 - 2014-07-06 15:31 - 00000000 ____D () C:\Users\Pascal\.gimp-2.8
2014-12-14 20:14 - 2013-11-24 21:45 - 00000000 ____D () C:\ProgramData\Origin
2014-12-14 18:44 - 2014-11-26 18:53 - 00001205 _____ () C:\Users\Public\Desktop\Dragon Age Inquisition.lnk
2014-12-14 18:37 - 2013-11-24 21:45 - 00000000 ____D () E:\Program Files (x86)\Origin
2014-12-13 11:08 - 2014-11-21 14:18 - 24764232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-12-13 11:08 - 2014-06-29 01:26 - 16040184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-12-13 11:08 - 2014-03-16 16:58 - 00074056 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2014-12-13 11:08 - 2014-03-16 16:58 - 00060560 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2014-12-13 11:08 - 2014-03-16 16:56 - 18594432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2014-12-13 11:08 - 2014-03-16 16:56 - 14128496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2014-12-13 11:08 - 2014-03-16 16:56 - 03293136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2014-12-13 11:08 - 2014-03-16 16:56 - 02897824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2014-12-13 11:08 - 2014-03-16 16:56 - 00027983 _____ () C:\WINDOWS\system32\nvinfo.pb
2014-12-13 09:03 - 2014-03-16 16:58 - 06859408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-12-13 09:03 - 2014-03-16 16:58 - 03513488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-12-13 09:03 - 2014-03-16 16:58 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-12-13 09:03 - 2014-03-16 16:58 - 00935240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-12-13 09:03 - 2014-03-16 16:58 - 00386368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-12-13 09:03 - 2014-03-16 16:58 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-12-13 01:12 - 2014-06-12 14:34 - 01715224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2014-12-13 01:12 - 2014-06-12 14:34 - 01291464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2014-12-13 01:12 - 2013-10-28 16:17 - 02824504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2014-12-13 01:12 - 2013-10-28 16:17 - 02210040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2014-12-13 00:11 - 2014-03-16 16:58 - 04151176 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-12-12 17:10 - 2013-10-25 16:19 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-12-11 19:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-11 14:03 - 2013-10-20 15:26 - 00000000 ____D () E:\Program Files (x86)\Battle.net
2014-12-11 14:02 - 2014-08-14 15:14 - 00044654 _____ () C:\WINDOWS\PFRO.log
2014-12-10 23:18 - 2014-07-09 22:18 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-12-10 23:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-10 23:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2014-12-10 16:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-10 16:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-10 16:55 - 2013-10-20 14:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 16:55 - 2013-10-20 12:39 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-10 16:52 - 2013-10-20 12:39 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-09 21:02 - 2013-10-20 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-12-09 18:59 - 2014-03-16 16:27 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-12-09 14:24 - 2014-07-12 16:52 - 00000000 ____D () E:\Program Files (x86)\Diablo III Public Test
2014-12-08 14:02 - 2014-03-20 21:03 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-12-05 20:42 - 2014-04-06 00:55 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\dvdcss
2014-12-04 21:15 - 2014-01-25 15:24 - 00000000 ____D () E:\Program Files (x86)\Hearthstone

Some content of TEMP:
====================
C:\Users\Pascal\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\Pascal\AppData\Local\Temp\jre-8u20-windows-au.exe
C:\Users\Pascal\AppData\Local\Temp\jre-8u25-windows-au.exe
C:\Users\Pascal\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Pascal\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Pascal\AppData\Local\Temp\nvStInst.exe
C:\Users\Pascal\AppData\Local\Temp\pyl4699.tmp.exe
C:\Users\Pascal\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Pascal\AppData\Local\Temp\sonarinst.exe
C:\Users\Pascal\AppData\Local\Temp\__pythonRunner.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-19 14:47

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

--- --- ---


Addition.txt
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2014
Ran by Pascal at 2014-12-28 16:41:24
Running from C:\Users\Pascal\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ace of Spades (HKLM-x32\...\Steam App 224540) (Version:  - Jagex Limited)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version:  - BlueByte)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Batman™: Arkham Origins (HKLM-x32\...\Steam App 209000) (Version:  - WB Games Montreal)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.3825 - Electronic Arts)
Battlefield™ Hardline Beta (HKLM-x32\...\{599276A7-F45D-40B1-A0B6-CF132A1CAD49}) (Version: 1.0.0.5 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
Beat Hazard (HKLM-x32\...\Steam App 49600) (Version:  - Cold Beam Games)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands (HKLM-x32\...\Steam App 8980) (Version:  - Gearbox Software)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version:  - 2K Australia)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
BRINK (HKLM-x32\...\Steam App 22350) (Version:  - Splash Damage)
BUFFALO NAS Navigator2 (HKLM-x32\...\UN060501) (Version:  - )
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Juarez Gunslinger (HKLM-x32\...\Steam App 204450) (Version:  - Techland)
CanoScan Toolbox Ver4.9 (HKLM-x32\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version:  - )
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - The Behemoth)
CastleStorm (HKLM-x32\...\Steam App 241410) (Version:  - Zen Studios)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Cities in Motion (HKLM-x32\...\Steam App 73010) (Version:  - Colossal Order Ltd.)
Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft)
CodeBlocks (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
Company of Heroes (New Steam Version) (HKLM-x32\...\Steam App 228200) (Version:  - Relic)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Creation Kit (HKLM-x32\...\Steam App 202480) (Version:  - bgs.bethsoft.com)
Cyberduck 4.4.5 (14721) (HKLM-x32\...\Cyberduck) (Version: 4.4.5 (14721) - )
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version:  - Stunlock Studios)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Diablo III Public Test (HKLM-x32\...\Diablo III Public Test) (Version:  - Blizzard Entertainment)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.2.24.20 - Electronic Arts Inc.)
Die Sims™ 4 Erstelle einen Sim-Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.233.190 - Electronic Arts Inc.)
DLC Quest (HKLM-x32\...\Steam App 230050) (Version:  - Going Loud Studios)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dragon Age Awakening Redesigned (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Awakening Redesigned) (Version:  - )
Dragon Age II (HKLM-x32\...\Steam App 47900) (Version:  - BioWare)
Dragon Age Redesigned © Morrigan (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned © Morrigan) (Version:  - )
Dragon Age Redesigned- Leliana's Song (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned- Leliana's Song) (Version:  - )
Dragon Age Redesigned Oghren© (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned Oghren©) (Version:  - )
Dragon Age Redesigned©  Zevran (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned©  Zevran) (Version:  - )
Dragon Age Redesigned© (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned©) (Version:  - )
Dragon Age Redesigned© Leliana (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned© Leliana) (Version:  - )
Dragon Age Redesigned© Sten (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned© Sten) (Version:  - )
Dragon Age Redesigned© Wynne (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned© Wynne) (Version:  - )
Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version:  - BioWare)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.3 - Electronic Arts)
DuckTales Remastered (HKLM-x32\...\Steam App 237630) (Version:  - WayForward)
EA SPORTS™ FIFA 15 Demo (HKLM-x32\...\{108C0C19-6316-4944-A62F-C744488F8639}) (Version: 1.0.0.0 - Electronic Arts)
Endless Legend (HKLM-x32\...\Steam App 289130) (Version:  - AMPLITUDE Studios)
Endless Space (HKLM-x32\...\Steam App 208140) (Version:  - Amplitude Studios)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
ESO Survey Live version 1.4.5 (HKLM-x32\...\17CBAF83-B4D1-41CC-B7DC-BFF1D4B9DDAC-live_is1) (Version: 1.4.5 - Immersyve, Inc.)
EVE Online (HKLM-x32\...\Steam App 8500) (Version:  - CCP)
Evolve (HKLM-x32\...\Steam App 273350) (Version:  - Turtle Rock Studios)
Explorer Suite IV (HKLM\...\Explorer Suite_is1) (Version:  - )
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FIFA 12 (HKLM-x32\...\{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}) (Version: 1.6.0.0 - Electronic Arts)
FileZilla Client 3.8.1 (HKLM-x32\...\FileZilla Client) (Version: 3.8.1 - Tim Kosse)
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
Giana Sisters: Twisted Dreams (HKLM-x32\...\Steam App 223220) (Version:  - Black Forest Games)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Gnomoria (HKLM-x32\...\Steam App 224500) (Version:  - Robotronic Games)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version:  - Coffee Stain Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Gunpoint (HKLM-x32\...\Steam App 206190) (Version:  - Suspicious Developments)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hearts of Iron III (HKLM-x32\...\Steam App 25890) (Version:  - Paradox Development Studio)
Intel(R) Network Connections 18.2.63.0 (HKLM\...\PROSetDX) (Version: 18.2.63.0 - Intel)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle)
Java 8 Update 11 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218011FF}) (Version: 8.0.110 - Oracle Corporation)
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version:  - Squad)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LEGO Minifigures Online (HKLM-x32\...\LEGO Minifigures Online_is1) (Version: 1.0.0 - Funcom)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Monaco (HKLM-x32\...\Steam App 113020) (Version:  - Pocketwatch Games)
MouseCraft (HKLM-x32\...\Steam App 252750) (Version:  - Crunching Koalas)
Mozilla Firefox 32.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 de)) (Version: 32.0.1 - Mozilla)
Mozilla Firefox 32.0.3 (x86 de) (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.3.0 (x86 de)) (Version: 24.3.0 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSI Afterburner 3.0.1 (HKLM-x32\...\Afterburner) (Version: 3.0.1 - MSI Co., LTD)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.49.2 - Black Tree Gaming)
Nidhogg (HKLM-x32\...\Steam App 94400) (Version:  - Messhof)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 347.09 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)
Papers, Please (HKLM-x32\...\Steam App 239030) (Version:  - 3909)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
Pixel Piracy (HKLM-x32\...\Steam App 264140) (Version:  - Vitali Kirpu)
Planetary Annihilation (HKLM-x32\...\Steam App 233250) (Version:  - Uber Entertainment)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.2.0 - Electronic Arts)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.18.23036 - Razer Inc.)
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version:  - )
RivaTuner Statistics Server 6.1.2 (HKLM-x32\...\RTSS) (Version: 6.1.2 - Unwinder)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
ROCCAT Kone Pure Mouse Driver (HKLM-x32\...\{4905245D-56E7-4176-BE68-962728B803D6}) (Version:  - Roccat GmbH)
Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version:  - Cellar Door Games)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Sanctum (HKLM-x32\...\Steam App 91600) (Version:  - Coffee Stain Studios)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
ShootMania Storm (HKLM-x32\...\Steam App 229870) (Version:  - Nadeo)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Solar 2 (HKLM-x32\...\Steam App 97000) (Version:  - Murudai)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - )
Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version:  - Pandemic Studios)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steam Marines (HKLM-x32\...\Steam App 253630) (Version:  - )
SteamWorld Dig (HKLM-x32\...\Steam App 252410) (Version:  - Image&Form)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
Teleglitch: Die More Edition (HKLM-x32\...\Steam App 234390) (Version:  - Test3 Projects)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Crew (Beta) (HKLM-x32\...\Uplay Install 750) (Version:  - Ubisoft)
The Elder Scrolls III: Morrowind (HKLM-x32\...\Steam App 22320) (Version:  - Bethesda Game Studios®)
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Swapper (HKLM-x32\...\Steam App 231160) (Version:  - Olli Harjola, Otto Hantula, Tom Jubert, Carlo Castellano)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version:  - CD Projekt RED)
Thinking with Time Machine (HKLM-x32\...\Steam App 286080) (Version:  - Stridemann)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
UNi Xonar Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version:  - )
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
Unity Web Player (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
Universe Sandbox (HKLM-x32\...\Steam App 72200) (Version:  - Giant Army)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Visitenkarten (HKLM-x32\...\{B3C40846-559F-4334-BAD5-E138F483A5C5}) (Version:  - )
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Wrye Bash (HKLM-x32\...\Wrye Bash) (Version: 3.0.4.3 - Wrye & Wrye Bash Development Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

27-12-2014 18:19:32 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {31603D6A-F053-4F98-836F-425073C5D8B6} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {715327AB-EB6B-49DD-B8C7-2ED805EEF144} - System32\Tasks\avast! Emergency Update => E:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-09] (AVAST Software)
Task: {83214325-2D0C-46EE-933F-0679FAD52A3B} - System32\Tasks\Apple\AppleSoftwareUpdate => E:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8DDC57E8-CFCE-4711-98E3-1F35528EC83C} - System32\Tasks\GoogleUpdateTaskMachineUA => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-20] (Google Inc.)
Task: {9B5AA326-9FC9-49CD-8D15-A3E8C9AC1690} - System32\Tasks\CCleanerSkipUAC => E:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {B4142FBD-2FAA-49A4-9616-B898AD227D3F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-10] (Microsoft Corporation)
Task: {CC8A2D10-AD23-424F-BAD2-9E2DCFEF69C9} - System32\Tasks\GoogleUpdateTaskMachineCore => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-20] (Google Inc.)
Task: {DA482AF7-E48A-45C4-A620-18B49C75E965} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-09] (Adobe Systems Incorporated)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-05-30 10:32 - 2013-05-30 10:32 - 00034304 _____ () C:\WINDOWS\System32\ssd3clm.dll
2014-08-15 16:48 - 2014-08-15 16:48 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2014-10-31 23:27 - 2014-10-31 23:27 - 00183488 _____ () E:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-03-16 16:58 - 2014-12-13 09:03 - 00117576 _____ () E:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-01 20:29 - 2014-05-01 20:29 - 00098304 _____ () E:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-03-16 23:35 - 2008-07-11 15:04 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe
2014-03-16 23:35 - 2008-07-11 15:03 - 00282112 ____N () C:\Windows\System\HsMgr64.exe
2013-12-17 17:34 - 2014-12-13 01:13 - 00708240 _____ () E:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2013-12-17 17:34 - 2014-12-13 01:13 - 00854160 _____ () E:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2014-11-20 09:23 - 2014-11-20 09:23 - 00289792 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
2014-08-09 21:06 - 2014-08-09 21:06 - 00301152 _____ () E:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-12-26 19:21 - 2014-12-26 19:21 - 02908160 _____ () E:\Program Files\AVAST Software\Avast\defs\14122601\algo.dll
2014-12-27 19:47 - 2014-12-27 19:47 - 02908160 _____ () E:\Program Files\AVAST Software\Avast\defs\14122701\algo.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () E:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () E:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-12-03 14:09 - 2014-12-01 22:31 - 02396672 _____ () E:\Program Files (x86)\Steam\libavcodec-56.dll
2014-12-03 14:09 - 2014-12-01 22:31 - 00479744 _____ () E:\Program Files (x86)\Steam\libavformat-56.dll
2014-12-03 14:09 - 2014-12-01 22:31 - 00332800 _____ () E:\Program Files (x86)\Steam\libavresample-2.dll
2014-12-03 14:09 - 2014-12-01 22:31 - 00442880 _____ () E:\Program Files (x86)\Steam\libavutil-54.dll
2014-11-13 14:10 - 2014-11-11 19:47 - 00774656 _____ () E:\Program Files (x86)\Steam\SDL2.dll
2014-12-03 14:09 - 2014-12-02 01:29 - 05002752 _____ () E:\Program Files (x86)\Steam\v8.dll
2014-12-21 11:34 - 2014-12-20 00:38 - 02226880 _____ () E:\Program Files (x86)\Steam\video.dll
2014-12-03 14:09 - 2014-12-02 01:29 - 01612800 _____ () E:\Program Files (x86)\Steam\icui18n.dll
2014-12-03 14:09 - 2014-12-02 01:29 - 01210368 _____ () E:\Program Files (x86)\Steam\icuuc.dll
2014-12-03 14:09 - 2014-12-01 22:31 - 00485888 _____ () E:\Program Files (x86)\Steam\libswscale-3.dll
2014-12-21 11:34 - 2014-12-20 00:38 - 00696000 _____ () E:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-06-01 10:08 - 2014-06-01 10:08 - 00035328 _____ () E:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00091648 _____ () E:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00892416 _____ () E:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2014-12-10 19:47 - 2014-12-10 19:47 - 26065408 _____ () E:\Program Files (x86)\Battle.net\Battle.net.5383\libcef.dll
2014-12-10 19:47 - 2014-12-10 19:47 - 00739840 _____ () E:\Program Files (x86)\Battle.net\Battle.net.5383\libGLESv2.dll
2014-12-10 19:47 - 2014-12-10 19:47 - 00907776 _____ () E:\Program Files (x86)\Battle.net\Battle.net.5383\platforms\qwindows.dll
2014-12-10 19:47 - 2014-12-10 19:47 - 00130048 _____ () E:\Program Files (x86)\Battle.net\Battle.net.5383\libEGL.dll
2014-12-10 19:47 - 2014-12-10 19:47 - 00020992 _____ () E:\Program Files (x86)\Battle.net\Battle.net.5383\imageformats\qgif.dll
2014-12-10 19:47 - 2014-12-10 19:47 - 00021504 _____ () E:\Program Files (x86)\Battle.net\Battle.net.5383\imageformats\qico.dll
2014-12-10 19:47 - 2014-12-10 19:47 - 00205312 _____ () E:\Program Files (x86)\Battle.net\Battle.net.5383\imageformats\qjpeg.dll
2014-12-10 19:47 - 2014-12-10 19:47 - 00225792 _____ () E:\Program Files (x86)\Battle.net\Battle.net.5383\imageformats\qmng.dll
2014-12-10 19:47 - 2014-12-10 19:47 - 00015872 _____ () E:\Program Files (x86)\Battle.net\Battle.net.5383\imageformats\qsvg.dll
2014-12-10 19:47 - 2014-12-10 19:47 - 00312832 _____ () E:\Program Files (x86)\Battle.net\Battle.net.5383\imageformats\qtiff.dll
2014-12-10 19:47 - 2014-12-10 19:47 - 00010240 _____ () E:\Program Files (x86)\Battle.net\Battle.net.5383\qml\QtQuick.2\qtquick2plugin.dll
2014-12-10 19:47 - 2014-12-10 19:47 - 00054272 _____ () E:\Program Files (x86)\Battle.net\Battle.net.5383\qml\QtQuick\Layouts\qquicklayoutsplugin.dll
2014-12-10 19:47 - 2014-12-10 19:47 - 00010240 _____ () E:\Program Files (x86)\Battle.net\Battle.net.5383\qml\QtQml\Models.2\modelsplugin.dll
2014-12-21 11:34 - 2014-12-20 00:38 - 34641288 _____ () E:\Program Files (x86)\Steam\bin\libcef.dll
2014-12-12 19:26 - 2014-12-06 02:50 - 01077064 _____ () E:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 19:26 - 2014-12-06 02:50 - 00211272 _____ () E:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-12 19:26 - 2014-12-06 02:50 - 09009480 _____ () E:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 19:26 - 2014-12-06 02:50 - 01677128 _____ () E:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-08-09 21:06 - 2014-08-09 21:06 - 19329904 _____ () E:\Program Files\AVAST Software\Avast\libcef.dll
2014-12-24 14:38 - 2014-01-04 01:20 - 34755072 _____ () C:\Users\Pascal\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll
2014-11-20 07:02 - 2014-11-20 07:02 - 00193024 _____ () C:\ProgramData\Razer\Synapse\RzStats\RigWrapper.dll
2014-12-24 14:38 - 2014-01-04 01:20 - 00970240 _____ () C:\Users\Pascal\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\ffmpegsumo.dll
2014-12-12 19:26 - 2014-12-06 02:50 - 14913352 _____ () E:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
2014-06-16 15:45 - 2014-06-16 15:45 - 03022960 _____ () E:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-06-16 15:45 - 2014-06-16 15:45 - 00158832 _____ () E:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-06-16 15:45 - 2014-06-16 15:45 - 00023152 _____ () E:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Pascal\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "ESO Survey Live.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\StartupFolder: => "OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk"
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\StartupFolder: => "NAS Scheduler.lnk"
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\StartupFolder: => "BUFFALO NAS Navigator2.lnk"
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\Run: => "Pando Media Booster"
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\Run: => "EADM"

========================= Accounts: ==========================

Administrator (S-1-5-21-1010802133-681624663-1200860190-500 - Administrator - Disabled)
Gast (S-1-5-21-1010802133-681624663-1200860190-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1010802133-681624663-1200860190-1004 - Limited - Enabled)
Pascal (S-1-5-21-1010802133-681624663-1200860190-1001 - Administrator - Enabled) => C:\Users\Pascal

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/27/2014 07:51:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvcplui.exe, Version: 8.0.800.0, Zeitstempel: 0x5463d697
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc000041d
Fehleroffset: 0x0000000002da0f02
ID des fehlerhaften Prozesses: 0x5c0c
Startzeit der fehlerhaften Anwendung: 0xnvcplui.exe0
Pfad der fehlerhaften Anwendung: nvcplui.exe1
Pfad des fehlerhaften Moduls: nvcplui.exe2
Berichtskennung: nvcplui.exe3
Vollständiger Name des fehlerhaften Pakets: nvcplui.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: nvcplui.exe5

Error: (12/27/2014 07:51:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvcplui.exe, Version: 8.0.800.0, Zeitstempel: 0x5463d697
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000002da0f02
ID des fehlerhaften Prozesses: 0x5c0c
Startzeit der fehlerhaften Anwendung: 0xnvcplui.exe0
Pfad der fehlerhaften Anwendung: nvcplui.exe1
Pfad des fehlerhaften Moduls: nvcplui.exe2
Berichtskennung: nvcplui.exe3
Vollständiger Name des fehlerhaften Pakets: nvcplui.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: nvcplui.exe5

Error: (12/27/2014 06:19:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System Error:
0xC0000039 (unresolvable).

Error: (12/27/2014 06:19:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System Error:
0xC0000039 (unresolvable).

Error: (12/27/2014 06:09:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkyrimLauncher.exe, Version: 1.3.22.0, Zeitstempel: 0x4f3956c2
Name des fehlerhaften Moduls: enbhelper.dll, Version: 0.0.0.0, Zeitstempel: 0x52505db0
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000110e
ID des fehlerhaften Prozesses: 0x4ebc
Startzeit der fehlerhaften Anwendung: 0xSkyrimLauncher.exe0
Pfad der fehlerhaften Anwendung: SkyrimLauncher.exe1
Pfad des fehlerhaften Moduls: SkyrimLauncher.exe2
Berichtskennung: SkyrimLauncher.exe3
Vollständiger Name des fehlerhaften Pakets: SkyrimLauncher.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: SkyrimLauncher.exe5

Error: (12/27/2014 03:18:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: GameScannerService.exe, Version: 1.0.6.2565, Zeitstempel: 0x54540ccd
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0xc0000417
Fehleroffset: 0x0008af3e
ID des fehlerhaften Prozesses: 0x6ec
Startzeit der fehlerhaften Anwendung: 0xGameScannerService.exe0
Pfad der fehlerhaften Anwendung: GameScannerService.exe1
Pfad des fehlerhaften Moduls: GameScannerService.exe2
Berichtskennung: GameScannerService.exe3
Vollständiger Name des fehlerhaften Pakets: GameScannerService.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: GameScannerService.exe5

Error: (12/27/2014 02:48:37 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 8.0.11.12 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2488

Startzeit: 01d02174e1b5f24a

Endzeit: 4294967295

Anwendungspfad: E:\Program Files (x86)\Java\jre8\bin\javaw.exe

Berichts-ID: 79300537-8d6a-11e4-bf1d-bc5ff4bc94c0

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (12/27/2014 02:17:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: ModOrganizer.exe, Version: 1.2.14.0, Zeitstempel: 0x54315b0e
Name des fehlerhaften Moduls: ModOrganizer.exe, Version: 1.2.14.0, Zeitstempel: 0x54315b0e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00027edf
ID des fehlerhaften Prozesses: 0x1568
Startzeit der fehlerhaften Anwendung: 0xModOrganizer.exe0
Pfad der fehlerhaften Anwendung: ModOrganizer.exe1
Pfad des fehlerhaften Moduls: ModOrganizer.exe2
Berichtskennung: ModOrganizer.exe3
Vollständiger Name des fehlerhaften Pakets: ModOrganizer.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ModOrganizer.exe5

Error: (12/27/2014 02:17:29 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 8.0.11.12 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 25e8

Startzeit: 01d0216f709bec51

Endzeit: 4294967295

Anwendungspfad: E:\Program Files (x86)\Java\jre8\bin\javaw.exe

Berichts-ID: 1eebb338-8d66-11e4-bf1d-bc5ff4bc94c0

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (12/27/2014 01:52:05 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 8.0.11.12 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2f20

Startzeit: 01d0216caeb4880c

Endzeit: 11

Anwendungspfad: E:\Program Files (x86)\Java\jre8\bin\javaw.exe

Berichts-ID: 9144d531-8d62-11e4-bf1d-bc5ff4bc94c0

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


System errors:
=============
Error: (12/28/2014 04:36:21 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (12/28/2014 04:35:51 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (12/28/2014 03:50:20 AM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC)
Description: {5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C}

Error: (12/28/2014 03:50:16 AM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC)
Description: {5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C}

Error: (12/27/2014 08:18:36 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC)
Description: {0002DF01-0000-0000-C000-000000000046}

Error: (12/27/2014 08:14:22 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC)
Description: {0002DF01-0000-0000-C000-000000000046}

Error: (12/27/2014 08:13:00 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC)
Description: {0002DF01-0000-0000-C000-000000000046}

Error: (12/27/2014 07:51:56 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC)
Description: {0002DF01-0000-0000-C000-000000000046}

Error: (12/27/2014 07:51:26 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC)
Description: {0002DF01-0000-0000-C000-000000000046}

Error: (12/27/2014 06:20:27 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}


Microsoft Office Sessions:
=========================
Error: (12/27/2014 07:51:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvcplui.exe8.0.800.05463d697unknown0.0.0.000000000c000041d0000000002da0f025c0c01d02205f5e0594dE:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exeunknown572f8286-8df9-11e4-bf1d-bc5ff4bc94c0

Error: (12/27/2014 07:51:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: nvcplui.exe8.0.800.05463d697unknown0.0.0.000000000c00000050000000002da0f025c0c01d02205f5e0594dE:\Program Files\NVIDIA Corporation\Control Panel Client\nvcplui.exeunknown5683051c-8df9-11e4-bf1d-bc5ff4bc94c0

Error: (12/27/2014 06:19:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System Error:
0xC0000039 (unresolvable)

Error: (12/27/2014 06:19:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: 
Details:
AddCoreCsiFiles : RtlConvertNtFilePathToWin32Path() failed.

System Error:
0xC0000039 (unresolvable)

Error: (12/27/2014 06:09:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SkyrimLauncher.exe1.3.22.04f3956c2enbhelper.dll0.0.0.052505db0c00000050000110e4ebc01d021f7e35f58c8C:\Skyrim\steamapps\common\Skyrim\SkyrimLauncher.exeC:\Skyrim\steamapps\common\Skyrim\enbseries\enbhelper.dll27945158-8deb-11e4-bf1d-bc5ff4bc94c0

Error: (12/27/2014 03:18:45 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: GameScannerService.exe1.0.6.256554540ccdMSVCR100.dll10.0.40219.3254df2be1ec00004170008af3e6ec01d02141f0d1c42fE:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exeC:\WINDOWS\SYSTEM32\MSVCR100.dllaeb39e62-8d6e-11e4-bf1d-bc5ff4bc94c0

Error: (12/27/2014 02:48:37 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: javaw.exe8.0.11.12248801d02174e1b5f24a4294967295E:\Program Files (x86)\Java\jre8\bin\javaw.exe79300537-8d6a-11e4-bf1d-bc5ff4bc94c0

Error: (12/27/2014 02:17:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: ModOrganizer.exe1.2.14.054315b0eModOrganizer.exe1.2.14.054315b0ec000000500027edf156801d021427862da2cE:\Program Files (x86)\Mod Organizer\ModOrganizer.exeE:\Program Files (x86)\Mod Organizer\ModOrganizer.exe23552f29-8d66-11e4-bf1d-bc5ff4bc94c0

Error: (12/27/2014 02:17:29 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: javaw.exe8.0.11.1225e801d0216f709bec514294967295E:\Program Files (x86)\Java\jre8\bin\javaw.exe1eebb338-8d66-11e4-bf1d-bc5ff4bc94c0

Error: (12/27/2014 01:52:05 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: javaw.exe8.0.11.122f2001d0216caeb4880c11E:\Program Files (x86)\Java\jre8\bin\javaw.exe9144d531-8d62-11e4-bf1d-bc5ff4bc94c0


CodeIntegrity Errors:
===================================
  Date: 2014-09-04 00:25:19.004
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\Hamdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-08-09 23:48:39.975
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-07-18 23:58:22.793
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Pascal\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-07-18 23:58:22.738
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz
Percentage of memory in use: 21%
Total physical RAM: 16315.5 MB
Available physical RAM: 12801.49 MB
Total Pagefile: 18747.5 MB
Available Pagefile: 14629.28 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.93 GB) (Free:28.46 GB) NTFS
Drive e: (Daten) (Fixed) (Total:931.51 GB) (Free:149.58 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 3964B577)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CB3FFC79)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
__________________

Alt 28.12.2014, 15:51   #4
LiveSergeant
 
Telekom Abuse Team warnt vor Bedrohung. - Standard

Telekom Abuse Team warnt vor Bedrohung.



PC2:
FRST.txt

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014
Ran by Hartmut und Marion (administrator) on WOHNZIMMER-PC on 28-12-2014 16:33:48
Running from C:\Users\Hartmut und Marion\Downloads
Loaded Profiles: Hartmut und Marion & UpdatusUser (Available profiles: Hartmut und Marion & UpdatusUser & Marion)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ABBYY) C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BUFFALO INC.) C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(Software 2000 Limited) C:\Windows\System32\spool\drivers\x64\3\HP1006MC.EXE
(Freedom Scientific, Inc.) C:\Program Files\Freedom Scientific\Shared\fsSynth\1.0\x86\fsSynth32.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(BUFFALO INC.) C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Dropbox, Inc.) C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox\bin\Dropbox.exe
(BUFFALO INC.) C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
(Freedom Scientific LLC.) C:\Program Files\Freedom Scientific\JAWS\15.0\fsATProxy.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [456704 2012-02-20] ()
HKLM\...\Run: [JAWS] => C:\Program Files\Freedom Scientific\JAWS\15.0\jfw.exe [7308104 2014-10-14] (Freedom Scientific, Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [615584 2011-03-01] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [379552 2011-03-01] (Atheros Commnucations)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-08-08] (AVAST Software)
HKU\S-1-5-21-4274152114-28096137-2579490511-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-4274152114-28096137-2579490511-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-4274152114-28096137-2579490511-1000\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1326408 2013-11-15] (Apple Inc.)
HKU\S-1-5-21-4274152114-28096137-2579490511-1000\...\Run: [EEDSpeedLauncher] => rundll32.exe C:\Windows\system32\eed_ec.dll,SpeedLauncher
Startup: C:\Users\Hartmut und Marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BUFFALO NAS Navigator2.lnk
ShortcutTarget: BUFFALO NAS Navigator2.lnk -> C:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe (BUFFALO INC.)
Startup: C:\Users\Hartmut und Marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Hartmut und Marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NAS Scheduler.lnk
ShortcutTarget: NAS Scheduler.lnk -> C:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe (BUFFALO INC.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4274152114-28096137-2579490511-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKU\S-1-5-21-4274152114-28096137-2579490511-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Hartmut und Marion\AppData\Roaming\Mozilla\Firefox\Profiles\lsrcai77.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: iCloud Bookmarks - C:\Users\Hartmut und Marion\AppData\Roaming\Mozilla\Firefox\Profiles\lsrcai77.default\Extensions\firefoxdav@icloud.com [2014-11-20]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-02-23]

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Professional.11.0; C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe [819976 2011-10-12] (ABBYY)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [76448 2011-03-01] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-12] (AVAST Software)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S3 JTVNCProxy_15.0; C:\Program Files\Freedom Scientific\JAWS\15.0\JTVNCProxy.exe [20808 2014-10-14] (Freedom Scientific BLV Group LLC)
R2 NasPmService; C:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe [251760 2012-03-29] (BUFFALO INC.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-12] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-12] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-12] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-12] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-12] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-12] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-12] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-12] ()
R1 Freedom Scientific Kernel Manager; C:\Windows\System32\fsKMgr.dll [29712 2014-07-25] (Freedom Scientific, Inc.)
S3 FSBRLDSP; C:\Windows\System32\DRIVERS\FSBRLDSP.sys [46440 2012-09-13] (Freedom Scientific BLV Group, LLC.)
R3 fsvidmir_service; C:\Windows\System32\DRIVERS\fsvidmir.sys [15856 2014-07-25] (Freedom Scientific, Inc.)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [104048 2013-02-23] (Qualcomm Atheros Co., Ltd.)
S3 PowerBrl; C:\Windows\system32\Drivers\powerbrl.sys [18720 2014-10-14] (Freedom Scientific BLV Group, LLC.)
R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2008-07-11] (SafeNet, Inc.)
S3 STHDA; system32\DRIVERS\stwrt64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-28 16:33 - 2014-12-28 16:34 - 00011054 _____ () C:\Users\Hartmut und Marion\Downloads\FRST.txt
2014-12-28 16:33 - 2014-12-28 16:33 - 02123264 _____ (Farbar) C:\Users\Hartmut und Marion\Downloads\FRST64.exe
2014-12-28 16:33 - 2014-12-28 16:33 - 00000000 ____D () C:\FRST
2014-12-24 15:44 - 2014-12-13 06:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-24 15:44 - 2014-12-13 04:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-24 15:39 - 2014-12-24 15:39 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-14 14:21 - 2014-12-14 14:21 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-09 21:03 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-09 21:03 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-09 21:03 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-09 21:03 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-09 21:03 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-09 21:03 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-09 21:03 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-09 21:03 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-09 21:03 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-09 21:03 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-09 20:39 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-09 20:39 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-09 20:39 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-09 20:39 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-09 20:39 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-09 20:39 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-09 20:39 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-09 20:39 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-09 20:38 - 2014-11-27 02:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-09 20:38 - 2014-11-27 02:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-09 20:38 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-09 20:38 - 2014-11-22 04:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-09 20:38 - 2014-11-22 04:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-09 20:38 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-09 20:38 - 2014-11-22 03:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-09 20:38 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-09 20:38 - 2014-11-22 03:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-09 20:38 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-09 20:38 - 2014-11-22 03:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-09 20:38 - 2014-11-22 03:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-09 20:38 - 2014-11-22 03:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-09 20:38 - 2014-11-22 03:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-09 20:38 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-09 20:38 - 2014-11-22 03:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-09 20:38 - 2014-11-22 03:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-09 20:38 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-09 20:38 - 2014-11-22 03:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-09 20:38 - 2014-11-22 03:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-09 20:38 - 2014-11-22 03:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-09 20:38 - 2014-11-22 03:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-09 20:38 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-09 20:38 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-09 20:38 - 2014-11-22 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-09 20:38 - 2014-11-22 03:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-09 20:38 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-09 20:38 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-09 20:38 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-09 20:38 - 2014-11-22 02:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-09 20:38 - 2014-11-22 02:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-09 20:38 - 2014-11-22 02:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-09 20:38 - 2014-11-22 02:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-09 20:38 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-09 20:38 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-09 20:38 - 2014-11-22 02:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-09 20:38 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-09 20:38 - 2014-11-22 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-09 20:38 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-09 20:38 - 2014-11-22 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-09 20:38 - 2014-11-22 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-09 20:38 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-09 20:38 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-09 20:38 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-09 20:38 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-09 20:38 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-09 20:38 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-09 20:38 - 2014-11-22 02:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-09 20:38 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-09 20:38 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-09 20:38 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-09 20:38 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-09 20:38 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-09 20:38 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-09 20:38 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-09 20:38 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-09 20:38 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-09 20:36 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-09 20:36 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-09 20:36 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-09 20:36 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-09 20:36 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-09 20:36 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-09 20:36 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-09 20:36 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-09 20:36 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-09 20:36 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-09 20:36 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-09 20:36 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-09 20:36 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-09 20:36 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-01 07:00 - 2014-12-01 07:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-28 16:33 - 2013-02-23 17:32 - 00000000 ____D () C:\Users\Hartmut und Marion\Documents\Outlook-Dateien
2014-12-28 16:32 - 2014-01-14 20:10 - 00000000 ____D () C:\Users\Hartmut und Marion\AppData\Local\50134896-6E1D-452D-8201-714E0BCD48B0.aplzod
2014-12-28 16:19 - 2013-02-23 14:23 - 01876057 _____ () C:\Windows\WindowsUpdate.log
2014-12-28 16:18 - 2009-07-14 05:45 - 00028912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-28 16:18 - 2009-07-14 05:45 - 00028912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-28 16:15 - 2014-04-21 17:09 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-28 16:08 - 2011-04-12 08:43 - 00702942 _____ () C:\Windows\system32\perfh007.dat
2014-12-28 16:08 - 2011-04-12 08:43 - 00150582 _____ () C:\Windows\system32\perfc007.dat
2014-12-28 16:08 - 2009-07-14 06:13 - 01629284 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-28 16:04 - 2013-10-11 21:04 - 00000000 ____D () C:\Users\Hartmut und Marion\AppData\Local\CrashDumps
2014-12-28 16:04 - 2013-02-23 17:53 - 00000000 ___RD () C:\Users\Hartmut und Marion\Dropbox
2014-12-28 16:04 - 2013-02-23 17:50 - 00000000 ____D () C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox
2014-12-28 16:03 - 2014-08-26 19:04 - 00000035 _____ () C:\Users\Public\Documents\AtherosServiceConfig.ini
2014-12-28 16:03 - 2013-02-23 17:04 - 00000087 _____ () C:\Windows\SysWOW64\ssprs.tgz
2014-12-28 16:03 - 2013-02-23 17:04 - 00000073 _____ () C:\Windows\SysWOW64\ssprs.dll
2014-12-28 16:03 - 2010-11-21 04:24 - 00000219 _____ () C:\Windows\SysWOW64\xkjreog.tgz
2014-12-28 16:03 - 2010-11-21 04:24 - 00000205 _____ () C:\Windows\SysWOW64\xkjreog.dll
2014-12-28 16:02 - 2014-06-12 14:12 - 00013107 _____ () C:\Windows\setupact.log
2014-12-28 16:02 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-27 15:00 - 2014-08-25 09:14 - 00000000 ____D () C:\Users\Hartmut und Marion\Documents\AMEC
2014-12-26 14:46 - 2013-02-23 17:53 - 00001061 _____ () C:\Users\Hartmut und Marion\Desktop\Dropbox.lnk
2014-12-26 14:46 - 2013-02-23 17:51 - 00000000 ____D () C:\Users\Hartmut und Marion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-24 16:07 - 2013-03-09 13:07 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-12-16 20:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-14 15:15 - 2014-04-21 17:09 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-14 15:15 - 2013-03-08 14:48 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-14 15:15 - 2013-03-08 14:48 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-14 14:21 - 2014-06-12 14:12 - 00211690 _____ () C:\Windows\PFRO.log
2014-12-14 14:21 - 2014-05-06 18:49 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-14 14:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-14 14:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-09 21:06 - 2013-02-23 17:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-09 20:41 - 2013-06-05 20:20 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-09 20:38 - 2013-02-23 16:17 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

Some content of TEMP:
====================
C:\Users\Hartmut und Marion\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzf_y4o.dll
C:\Users\Hartmut und Marion\AppData\Local\Temp\vcredist2005_x86.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-26 16:01

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Addition.txt
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2014
Ran by Hartmut und Marion at 2014-12-28 16:34:32
Running from C:\Users\Hartmut und Marion\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ABBYY FineReader 11 (HKLM-x32\...\{F1100000-0009-0000-0001-074957833700}) (Version: 11.0.376 - ABBYY)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Bluetooth Suite (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.02.000.60 - ASUS Communications)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.0.14.15 - Atheros Communications Inc.)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BUFFALO NAS Navigator2 (HKLM-x32\...\UN060501) (Version:  - )
CanoScan LiDE 100 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ2413) (Version:  - )
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Dropbox (HKU\S-1-5-21-4274152114-28096137-2579490511-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Freedom Scientific Braille (Version: 11.0.1090.1 - Freedom Scientific) Hidden
Freedom Scientific Braille (Version: 14.0.6430.0 - Freedom Scientific) Hidden
Freedom Scientific Document Server (Version: 11.0.1090.1 - Freedom Scientific) Hidden
Freedom Scientific Document Server (Version: 15.0.9806.0 - Freedom Scientific) Hidden
Freedom Scientific Elevation (Version: 14.0.6430.0 - Freedom Scientific) Hidden
Freedom Scientific Fehlerberichterstattung (HKLM\...\ErrorReportingClient) (Version: 1.0.6323.0 - Freedom Scientific)
Freedom Scientific Fehlerberichterstattung (Version: 1.0.6323.0 - Freedom Scientific) Hidden
Freedom Scientific FSReader 2.0 (HKLM\...\FSReader2.0) (Version: 2.0.1039 - Freedom Scientific)
Freedom Scientific FSReader 2.0 (Version: 2.0.1039 - Freedom Scientific) Hidden
Freedom Scientific FSReader 3.0 (HKLM\...\FSReader3.0) (Version: 3.0.5859.101 - Freedom Scientific)
Freedom Scientific FSReader 3.0 (Version: 3.0.5859.101 - Freedom Scientific) Hidden
Freedom Scientific FSRibbonSrv 1.0 (Version: 14.0.6430.0 - Freedom Scientific) Hidden
Freedom Scientific JAWS 15.0 (HKLM\...\JAWS15.0) (Version: 15.0.12085.400 - Freedom Scientific)
Freedom Scientific JAWS 15.0 (Version: 15.0.12085.400 - Freedom Scientific) Hidden
Freedom Scientific Ocr (HKLM\...\FSOcr64) (Version: 12.1.5846.0 - Freedom Scientific)
Freedom Scientific Ocr (HKLM-x32\...\FSOcr) (Version: 12.1.5821.0 - Freedom Scientific)
Freedom Scientific Ocr (Version: 12.1.5846.0 - Freedom Scientific) Hidden
Freedom Scientific Ocr (x32 Version: 12.1.5821.0 - Freedom Scientific) Hidden
Freedom Scientific OmniPage (HKLM-x32\...\FSOmniPage) (Version: 11.0.002.0 - Freedom Scientific)
Freedom Scientific OmniPage (x32 Version: 11.0.002.0 - Freedom Scientific) Hidden
Freedom Scientific Sprechende Installation 13.0 (HKLM\...\{8F46DA86-D9C8-4CF6-B12F-05BD68539071}) (Version: 13.0.1081.400 - Freedom Scientific)
Freedom Scientific Sprechende Installation 15.0 (HKLM\...\{259683DC-DC35-407E-B470-1E4AAD5D6DC4}) (Version: 15.0.12085.400 - Freedom Scientific)
Freedom Scientific Synth (Version: 14.0.6430.0 - Freedom Scientific) Hidden
Freedom Scientific Synthesizer Eloquence (x32 Version: 6.1.004 - Freedom Scientific) Hidden
Freedom Scientific UIAHooks 1.0 (Version: 14.0.6430.0 - Freedom Scientific) Hidden
Freedom Scientific Utilities (Version: 15.0.12085.400 - Freedom Scientific) Hidden
Freedom Scientific Video Intercept (HKLM\...\FSVI) (Version: 12.6.324.0 - Freedom Scientific)
Freedom Scientific Video Intercept (Version: 12.6.324.0 - Freedom Scientific) Hidden
Freedom Scientific WOW64 Proxy (Version: 11.0.1090.1 - Freedom Scientific) Hidden
Freedom Scientific WOW64 Proxy (Version: 14.0.6430.0 - Freedom Scientific) Hidden
Freedom Scientific XQilla 2.0 (Version: 14.0.6430.0 - Freedom Scientific) Hidden
HP LaserJet P1000 series (HKLM-x32\...\HP LaserJet P1000 series) (Version:  - )
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Ihr Firmenname)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 33.1.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.1.1 (x86 de)) (Version: 33.1.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 24.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.2.0 (x86 de)) (Version: 24.2.0 - Mozilla)
MrvlUsgTracking (HKLM-x32\...\{A82D052A-0806-42DF-80CD-1730A1AC0ED3}) (Version: 1.0.7 - Marvell)
MrvlUsgTracking64 (HKLM\...\{42F0FD29-7EB3-4CAA-AF10-BC2619B96D80}) (Version: 1.0.1 - Marvell Semiconductor Pvt Ltd)
NVIDIA Grafiktreiber 314.07 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 314.07 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.23.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.23.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA Update 1.12.12 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.12.12 - NVIDIA Corporation)
PCFriendly (HKLM-x32\...\PCFriendly) (Version:  - )
RealSpeak Solo fur Deutsch - Steffi (HKLM-x32\...\{BFBB91DB-9F0F-4A9C-9669-A97DA3512CF2}) (Version: 4.00.0000 - ScanSoft)
Samsung CLP-680 Series (HKLM-x32\...\Samsung CLP-680 Series) (Version: 1.02 (05.05.2012) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.02.45.01(30.04.2012) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Sentinel System Driver Installer 7.5.0 (HKLM-x32\...\{FAEE61D3-2A5E-4F7F-926F-77AAC08CE4DD}) (Version: 7.5.0 - SafeNet, Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
TomTom HOME (HKLM-x32\...\{EC5F4C1B-F838-4CB7-8561-8F809296428B}) (Version: 2.9.5 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
UBitMenuDE (HKLM-x32\...\{CBCFD97D-FE82-43F4-A978-996CACF71E6B}_is1) (Version: 01.04 - UBit Schweiz AG)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-4274152114-28096137-2579490511-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4274152114-28096137-2579490511-1000_Classes\CLSID\{CF0BE47C-B124-ACE8-A71B-AE8D2FF5FA19}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4274152114-28096137-2579490511-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4274152114-28096137-2579490511-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4274152114-28096137-2579490511-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4274152114-28096137-2579490511-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4274152114-28096137-2579490511-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4274152114-28096137-2579490511-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4274152114-28096137-2579490511-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-4274152114-28096137-2579490511-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

17-11-2014 20:28:16 Windows Update
17-11-2014 21:19:59 Windows Update
18-11-2014 21:52:35 Windows Update
25-11-2014 14:25:23 JAWS Wiederherstellungspunkt
25-11-2014 14:28:07 Windows Update
01-12-2014 06:06:49 Windows Update
09-12-2014 20:34:07 Windows Update
09-12-2014 21:01:52 Windows Update
16-12-2014 17:33:53 Windows Update
24-12-2014 15:42:30 Windows Update
24-12-2014 16:09:21 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {19C10504-BE82-4288-A862-B1B98E2560DC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-12] (AVAST Software)
Task: {1F7FF6AD-2DE0-4ADD-847C-C1CBF1755824} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {9C5B9555-8EB4-4634-9595-29B1FB77EEC9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {B68709DD-BBB4-4FA0-94AB-463F4E10C394} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {CEFD6A3B-FA2F-4F81-B9A0-E67D0330A51D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-14] (Adobe Systems Incorporated)
Task: {E4A992FB-CF3E-4BB1-ABB7-C41FB8B27EF1} - System32\Tasks\{C3DC0D98-1DB7-4C30-BBD6-BD49531A09B5} => C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE [2013-11-08] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-02-23 16:01 - 2013-02-10 02:04 - 00086304 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-01-10 06:13 - 2012-01-10 05:13 - 00034304 _____ () C:\Windows\System32\ssd3clm.dll
2012-02-20 22:23 - 2012-02-20 22:23 - 00456704 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-02-20 22:23 - 2012-02-20 22:23 - 00051200 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2014-12-27 14:31 - 2014-12-27 14:31 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14122700\algo.dll
2014-12-28 16:03 - 2014-12-28 16:03 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14122800\algo.dll
2014-02-12 19:58 - 2014-02-12 19:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 19:58 - 2014-02-12 19:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2014-06-12 14:11 - 2014-06-12 14:11 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00750080 _____ () C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2014-12-28 16:03 - 2014-12-28 16:03 - 00043008 _____ () c:\Users\Hartmut und Marion\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpzf_y4o.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00047616 _____ () C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox\bin\libEGL.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00863744 _____ () C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2014-10-22 01:22 - 2014-10-22 01:22 - 00200704 _____ () C:\Users\Hartmut und Marion\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: Bonus.SSR.FR11 => "C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-4274152114-28096137-2579490511-500 - Administrator - Disabled)
Gast (S-1-5-21-4274152114-28096137-2579490511-501 - Limited - Disabled)
Hartmut und Marion (S-1-5-21-4274152114-28096137-2579490511-1000 - Administrator - Enabled) => C:\Users\Hartmut und Marion
HomeGroupUser$ (S-1-5-21-4274152114-28096137-2579490511-1002 - Limited - Enabled)
Marion (S-1-5-21-4274152114-28096137-2579490511-1005 - Administrator - Enabled) => C:\Users\Marion
UpdatusUser (S-1-5-21-4274152114-28096137-2579490511-1004 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/28/2014 04:04:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FSOcrServer.exe, Version: 12.1.5846.0, Zeitstempel: 0x5432d116
Name des fehlerhaften Moduls: FSOcrServer.exe, Version: 12.1.5846.0, Zeitstempel: 0x5432d116
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000a1ad
ID des fehlerhaften Prozesses: 0xe80
Startzeit der fehlerhaften Anwendung: 0xFSOcrServer.exe0
Pfad der fehlerhaften Anwendung: FSOcrServer.exe1
Pfad des fehlerhaften Moduls: FSOcrServer.exe2
Berichtskennung: FSOcrServer.exe3

Error: (12/28/2014 04:03:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FSOcrServer.exe, Version: 12.1.5846.0, Zeitstempel: 0x5432d116
Name des fehlerhaften Moduls: FSOcrServer.exe, Version: 12.1.5846.0, Zeitstempel: 0x5432d116
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000a1ad
ID des fehlerhaften Prozesses: 0xe80
Startzeit der fehlerhaften Anwendung: 0xFSOcrServer.exe0
Pfad der fehlerhaften Anwendung: FSOcrServer.exe1
Pfad des fehlerhaften Moduls: FSOcrServer.exe2
Berichtskennung: FSOcrServer.exe3

Error: (12/28/2014 04:03:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/27/2014 03:19:13 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "X64" des "processorArchitecture"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (12/27/2014 02:32:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/26/2014 04:18:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10250

Error: (12/26/2014 04:18:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10250

Error: (12/26/2014 04:18:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/26/2014 04:18:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9204

Error: (12/26/2014 04:18:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9204


System errors:
=============
Error: (12/28/2014 04:11:46 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (12/28/2014 04:04:04 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (12/27/2014 02:32:25 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (12/26/2014 09:03:05 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst IPBusEnum erreicht.

Error: (12/26/2014 02:44:11 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (12/24/2014 03:38:05 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (12/17/2014 02:46:06 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (12/17/2014 02:11:29 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (12/17/2014 00:53:49 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (12/16/2014 08:55:08 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst IPBusEnum erreicht.


Microsoft Office Sessions:
=========================
Error: (12/28/2014 04:04:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FSOcrServer.exe12.1.5846.05432d116FSOcrServer.exe12.1.5846.05432d116c00000050000a1ade8001d022af6e2654f8C:\Program Files (x86)\Freedom Scientific\Shared\FSOcr\FSOcrServer.exeC:\Program Files (x86)\Freedom Scientific\Shared\FSOcr\FSOcrServer.exec77d16a6-8ea2-11e4-861e-78e3b5b8a188

Error: (12/28/2014 04:03:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FSOcrServer.exe12.1.5846.05432d116FSOcrServer.exe12.1.5846.05432d116c00000050000a1ade8001d022af6e2654f8C:\Program Files (x86)\Freedom Scientific\Shared\FSOcr\FSOcrServer.exeC:\Program Files (x86)\Freedom Scientific\Shared\FSOcr\FSOcrServer.exebb669389-8ea2-11e4-861e-78e3b5b8a188

Error: (12/28/2014 04:03:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/27/2014 03:19:13 PM) (Source: SideBySide) (EventID: 63) (User: )
Description: assemblyIdentityprocessorArchitectureX64C:\Program Files\Freedom Scientific\JAWS\15.0\WMHooks64Proxy.exeC:\Program Files\Freedom Scientific\JAWS\15.0\WMHooks64Proxy.exe1

Error: (12/27/2014 02:32:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/26/2014 04:18:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10250

Error: (12/26/2014 04:18:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10250

Error: (12/26/2014 04:18:26 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (12/26/2014 04:18:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9204

Error: (12/26/2014 04:18:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9204


==================== Memory info =========================== 

Processor: AMD A6-5400K APU with Radeon(tm) HD Graphics 
Percentage of memory in use: 42%
Total physical RAM: 3991.33 MB
Available physical RAM: 2291.16 MB
Total Pagefile: 7980.84 MB
Available Pagefile: 6314.63 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.54 GB) (Free:291.53 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: B9DE637F)

Partition: GPT Partition Type.

==================== End Of Log ============================
         

Alt 29.12.2014, 07:23   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Telekom Abuse Team warnt vor Bedrohung. - Standard

Telekom Abuse Team warnt vor Bedrohung.



Die MacBooks kann man eigentlich ausschliessen. Kannst Du anhand der Zeitangabe erahnen welcher Rechner es sein könnte?

Ich sehe so jetzt nichts, ausser auf PC1, da sehe ich Adware.

Erstmal für beide PC:

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 29.12.2014, 14:41   #6
LiveSergeant
 
Telekom Abuse Team warnt vor Bedrohung. - Standard

Telekom Abuse Team warnt vor Bedrohung.



Erstmal PC1
Hier wurde bei beiden Programmen nichts gefunden

TDSSKiller Log:
Code:
ATTFilter
15:21:38.0628 0xcf28  TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
15:21:38.0628 0xcf28  UEFI system
15:21:49.0123 0xcf28  ============================================================
15:21:49.0123 0xcf28  Current date / time: 2014/12/29 15:21:49.0123
15:21:49.0124 0xcf28  SystemInfo:
15:21:49.0124 0xcf28  
15:21:49.0124 0xcf28  OS Version: 6.3.9600 ServicePack: 0.0
15:21:49.0124 0xcf28  Product type: Workstation
15:21:49.0124 0xcf28  ComputerName: PASCALS-PC
15:21:49.0124 0xcf28  UserName: Pascal
15:21:49.0124 0xcf28  Windows directory: C:\WINDOWS
15:21:49.0124 0xcf28  System windows directory: C:\WINDOWS
15:21:49.0124 0xcf28  Running under WOW64
15:21:49.0124 0xcf28  Processor architecture: Intel x64
15:21:49.0124 0xcf28  Number of processors: 8
15:21:49.0124 0xcf28  Page size: 0x1000
15:21:49.0124 0xcf28  Boot type: Normal boot
15:21:49.0124 0xcf28  ============================================================
15:21:49.0234 0xcf28  KLMD registered as C:\WINDOWS\system32\drivers\72796337.sys
15:21:49.0397 0xcf28  System UUID: {F063A012-60D2-2C01-6931-7ECF2B0EC4A4}
15:21:49.0681 0xcf28  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:21:49.0696 0xcf28  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:21:49.0717 0xcf28  ============================================================
15:21:49.0717 0xcf28  \Device\Harddisk0\DR0:
15:21:49.0717 0xcf28  GPT partitions:
15:21:49.0718 0xcf28  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {0C44262B-9ACC-4938-97B0-9FD95842484F}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x96000
15:21:49.0718 0xcf28  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {3032FF39-D1B6-4C2A-B57E-A23979BA82EE}, Name: EFI system partition, StartLBA 0x96800, BlocksNum 0x32000
15:21:49.0718 0xcf28  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {74E645B2-FE77-4690-ACB3-707F2ECE1BA5}, Name: Microsoft reserved partition, StartLBA 0xC8800, BlocksNum 0x40000
15:21:49.0718 0xcf28  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3A08F634-0709-415B-8400-3AE93C91BA7E}, Name: Basic data partition, StartLBA 0x108800, BlocksNum 0xDDDD000
15:21:49.0718 0xcf28  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5B553E30-20EB-4018-8526-38096049C098}, Name: , StartLBA 0xDEE5800, BlocksNum 0xAF000
15:21:49.0718 0xcf28  MBR partitions:
15:21:49.0718 0xcf28  \Device\Harddisk1\DR1:
15:21:49.0738 0xcf28  MBR partitions:
15:21:49.0738 0xcf28  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
15:21:49.0738 0xcf28  ============================================================
15:21:49.0739 0xcf28  C: <-> \Device\Harddisk0\DR0\Partition4
15:21:49.0810 0xcf28  E: <-> \Device\Harddisk1\DR1\Partition1
15:21:49.0810 0xcf28  ============================================================
15:21:49.0810 0xcf28  Initialize success
15:21:49.0810 0xcf28  ============================================================
15:22:22.0105 0xcd64  ============================================================
15:22:22.0105 0xcd64  Scan started
15:22:22.0105 0xcd64  Mode: Manual; SigCheck; TDLFS; 
15:22:22.0105 0xcd64  ============================================================
15:22:22.0105 0xcd64  KSN ping started
15:22:24.0481 0xcd64  KSN ping finished: true
15:22:24.0946 0xcd64  ================ Scan system memory ========================
15:22:24.0946 0xcd64  System memory - ok
15:22:24.0946 0xcd64  ================ Scan services =============================
15:22:24.0971 0xcd64  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
15:22:25.0001 0xcd64  1394ohci - ok
15:22:25.0009 0xcd64  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
15:22:25.0017 0xcd64  3ware - ok
15:22:25.0030 0xcd64  [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
15:22:25.0048 0xcd64  ACPI - ok
15:22:25.0052 0xcd64  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
15:22:25.0060 0xcd64  acpiex - ok
15:22:25.0063 0xcd64  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
15:22:25.0071 0xcd64  acpipagr - ok
15:22:25.0073 0xcd64  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
15:22:25.0082 0xcd64  AcpiPmi - ok
15:22:25.0085 0xcd64  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
15:22:25.0093 0xcd64  acpitime - ok
15:22:25.0107 0xcd64  [ 749F94C424524285DCDA84D695ABC12F, E5AD194AF5B8B4FDB3976D3E3F9EF942DECFEC4EBAA9881A8EF7707BB781E4AD ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:22:25.0116 0xcd64  AdobeFlashPlayerUpdateSvc - ok
15:22:25.0131 0xcd64  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
15:22:25.0151 0xcd64  ADP80XX - ok
15:22:25.0158 0xcd64  [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
15:22:25.0171 0xcd64  AeLookupSvc - ok
15:22:25.0181 0xcd64  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
15:22:25.0198 0xcd64  AFD - ok
15:22:25.0202 0xcd64  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
15:22:25.0210 0xcd64  agp440 - ok
15:22:25.0213 0xcd64  [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
15:22:25.0224 0xcd64  ahcache - ok
15:22:25.0228 0xcd64  [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG             C:\WINDOWS\System32\alg.exe
15:22:25.0240 0xcd64  ALG - ok
15:22:25.0245 0xcd64  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
15:22:25.0255 0xcd64  AmdK8 - ok
15:22:25.0260 0xcd64  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
15:22:25.0269 0xcd64  AmdPPM - ok
15:22:25.0273 0xcd64  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
15:22:25.0280 0xcd64  amdsata - ok
15:22:25.0287 0xcd64  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
15:22:25.0298 0xcd64  amdsbs - ok
15:22:25.0301 0xcd64  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
15:22:25.0307 0xcd64  amdxata - ok
15:22:25.0310 0xcd64  [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID           C:\WINDOWS\system32\drivers\appid.sys
15:22:25.0321 0xcd64  AppID - ok
15:22:25.0324 0xcd64  [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
15:22:25.0332 0xcd64  AppIDSvc - ok
15:22:25.0336 0xcd64  [ 034ED41F13D9C1845C1E081F05B640DB, E4E17BA0B22C464DE60A6BF68D4D035D1B838DE4F0361029DED1AE00503E135C ] Appinfo         C:\WINDOWS\System32\appinfo.dll
15:22:25.0347 0xcd64  Appinfo - ok
15:22:25.0461 0xcd64  [ 6B73E94F9FE82D45781B8C8A09483082, C35EEAE7457168387A7C77A315524A3703ABDE49D9F23F59057315D9249D3473 ] Apple Mobile Device E:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:22:25.0482 0xcd64  Apple Mobile Device - ok
15:22:25.0505 0xcd64  [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
15:22:25.0529 0xcd64  AppReadiness - ok
15:22:25.0549 0xcd64  [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
15:22:25.0577 0xcd64  AppXSvc - ok
15:22:25.0582 0xcd64  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
15:22:25.0591 0xcd64  arcsas - ok
15:22:25.0594 0xcd64  [ 9BE9F2B83DE80E2752B1405CC427E2EC, 6015CA66553B3B882083B33F24FB338249A110D9769831C3D3D3C681AAFA9411 ] aswHwid         C:\WINDOWS\system32\drivers\aswHwid.sys
15:22:25.0603 0xcd64  aswHwid - ok
15:22:25.0607 0xcd64  [ 2DA1C1AEDF454F8E32A863A1AEACDD8C, F02E4D197AE00B9A9507CF6007A7B7BEA54AF0F255B752FBA7174FA2596D1CA9 ] aswMonFlt       C:\WINDOWS\system32\drivers\aswMonFlt.sys
15:22:25.0613 0xcd64  aswMonFlt - ok
15:22:25.0616 0xcd64  [ 4750016EF9CC1DEC6DA3FE5AF9A7F095, C4CF46246D8A3FF9BD8D2FE899685654ADD45EB9B032F33804D0B8131882BC74 ] aswRdr          C:\WINDOWS\system32\drivers\aswRdr2.sys
15:22:25.0623 0xcd64  aswRdr - ok
15:22:25.0626 0xcd64  [ 1323269A92645705DEFA053F3596829D, 83EC58E0577A1E45D1FCBC0C0AF182099FB70B9005B9F8161166EBB4E9F58F35 ] aswRvrt         C:\WINDOWS\system32\drivers\aswRvrt.sys
15:22:25.0631 0xcd64  aswRvrt - ok
15:22:25.0648 0xcd64  [ E74FD717476B30E23F45354B8F3ACB30, 951D1655E1FA4CF0ACB29F2EEDDB3B42522D392F46DD826C63DCA8941E17ABA8 ] aswSnx          C:\WINDOWS\system32\drivers\aswSnx.sys
15:22:25.0669 0xcd64  aswSnx - ok
15:22:25.0679 0xcd64  [ B1881A01E301990B671694CA1623F1B6, 5299C713EA7CF96F0550943DB37E963CDA09258F65C471CCEEAB44C4736B7A08 ] aswSP           C:\WINDOWS\system32\drivers\aswSP.sys
15:22:25.0691 0xcd64  aswSP - ok
15:22:25.0695 0xcd64  [ 7509F07BA6F84C1E3B2C0D78A1F6F782, A90A36E8E23F58E430DE98B3623688DC09D34B62906EF7796DFC90F581FC385F ] aswStm          C:\WINDOWS\system32\drivers\aswStm.sys
15:22:25.0701 0xcd64  aswStm - ok
15:22:25.0707 0xcd64  [ 1A5BDDE65B648DC3AD48B6ECAA3AE9C8, 858F674C3B775F9C8C782B7AFAC0B02AE9410C9F3B7F5B3AE1C4AD3BF6448C14 ] aswVmm          C:\WINDOWS\system32\drivers\aswVmm.sys
15:22:25.0716 0xcd64  aswVmm - ok
15:22:25.0719 0xcd64  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
15:22:25.0725 0xcd64  atapi - ok
15:22:25.0731 0xcd64  [ 7F70B1044272982AAEA7C16E83424770, A7694D38DF5A0E1040688017DB811EF0788874FE505ADD572DE4D4647073DC12 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
15:22:25.0743 0xcd64  AudioEndpointBuilder - ok
15:22:25.0759 0xcd64  [ C0484CA5C7F87E38909746B63C7FC868, 65159639E2300AEA886184E9D47D449350DAF69A8AA2F9DBD6BD8A474BA73177 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
15:22:25.0781 0xcd64  Audiosrv - ok
15:22:25.0904 0xcd64  [ 73F5C13B431915BAE35254B4E95DFB71, 393A045859382C44133C004598B1512048046BCC129FED2247A77FDBFCDB6DFF ] avast! Antivirus E:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:22:25.0910 0xcd64  avast! Antivirus - ok
15:22:25.0914 0xcd64  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
15:22:25.0924 0xcd64  AxInstSV - ok
15:22:25.0935 0xcd64  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
15:22:25.0951 0xcd64  b06bdrv - ok
15:22:25.0955 0xcd64  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
15:22:25.0964 0xcd64  BasicDisplay - ok
15:22:25.0967 0xcd64  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
15:22:25.0976 0xcd64  BasicRender - ok
15:22:25.0979 0xcd64  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
15:22:25.0985 0xcd64  bcmfn2 - ok
15:22:25.0992 0xcd64  [ E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
15:22:26.0005 0xcd64  BDESVC - ok
15:22:26.0008 0xcd64  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
15:22:26.0017 0xcd64  Beep - ok
15:22:26.0033 0xcd64  [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE             C:\WINDOWS\System32\bfe.dll
15:22:26.0055 0xcd64  BFE - ok
15:22:26.0073 0xcd64  [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS            C:\WINDOWS\System32\qmgr.dll
15:22:26.0101 0xcd64  BITS - ok
15:22:26.0135 0xcd64  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service E:\Program Files\Bonjour\mDNSResponder.exe
15:22:26.0156 0xcd64  Bonjour Service - ok
15:22:26.0160 0xcd64  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
15:22:26.0170 0xcd64  bowser - ok
15:22:26.0176 0xcd64  [ E325BCD68EC0CF2E2EDD0AB7CC17C698, 4DEDEF91F6BD1CC8DBE118AC28CA6BD874449A053B9CDE9FFEB1C7B98501D938 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
15:22:26.0189 0xcd64  BrokerInfrastructure - ok
15:22:26.0194 0xcd64  [ 041A999E4FF9A7CDBE67357751881FB8, 356C52637EA715D6FA2B65BD311C9BF1635A582023434902EC2DE4A2448961F8 ] Browser         C:\WINDOWS\System32\browser.dll
15:22:26.0204 0xcd64  Browser - ok
15:22:26.0207 0xcd64  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
15:22:26.0216 0xcd64  BthAvrcpTg - ok
15:22:26.0219 0xcd64  [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
15:22:26.0228 0xcd64  BthHFEnum - ok
15:22:26.0231 0xcd64  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
15:22:26.0239 0xcd64  bthhfhid - ok
15:22:26.0243 0xcd64  [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
15:22:26.0252 0xcd64  BTHMODEM - ok
15:22:26.0257 0xcd64  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv         C:\WINDOWS\system32\bthserv.dll
15:22:26.0267 0xcd64  bthserv - ok
15:22:26.0270 0xcd64  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
15:22:26.0280 0xcd64  cdfs - ok
15:22:26.0287 0xcd64  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
15:22:26.0299 0xcd64  cdrom - ok
15:22:26.0303 0xcd64  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
15:22:26.0317 0xcd64  CertPropSvc - ok
15:22:26.0321 0xcd64  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
15:22:26.0330 0xcd64  circlass - ok
15:22:26.0339 0xcd64  [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
15:22:26.0351 0xcd64  CLFS - ok
15:22:26.0358 0xcd64  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
15:22:26.0367 0xcd64  CmBatt - ok
15:22:26.0414 0xcd64  [ 2A01CA9628F36208A7D188F34B295192, 336532A03600759C8D243A0E8AAE334EB741EFE89165C1BE08339AE1EC5838B1 ] cmudaxp         C:\WINDOWS\system32\drivers\cmudaxp.sys
15:22:26.0467 0xcd64  cmudaxp - ok
15:22:26.0480 0xcd64  [ 4E1207CE16E615B0B7A70DC889F4500E, 1778D5AC0AF5F5DD1551192F4CDBCCB9878995155CF337EBB03460A6FD5C6B78 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
15:22:26.0498 0xcd64  CNG - ok
15:22:26.0502 0xcd64  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
15:22:26.0510 0xcd64  CompositeBus - ok
15:22:26.0513 0xcd64  COMSysApp - ok
15:22:26.0515 0xcd64  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
15:22:26.0524 0xcd64  condrv - ok
15:22:26.0529 0xcd64  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
15:22:26.0541 0xcd64  CryptSvc - ok
15:22:26.0544 0xcd64  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
15:22:26.0551 0xcd64  dam - ok
15:22:26.0741 0xcd64  [ 914A7156B0C0F10BE645A02E13F576B2, C8686CE4DD9C457D56D5535307FD210AE057BFF94AC59665681DA6CF46DBE2E8 ] DAUpdaterSvc    E:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
15:22:26.0791 0xcd64  DAUpdaterSvc - ok
15:22:26.0802 0xcd64  [ 106838084C284C06D01C6C5370F7C5D3, 977096D7C4218E123306FB191C69F6642505DA17D0AE25D6BFFECD029B055BC1 ] dc3d            C:\WINDOWS\System32\drivers\dc3d.sys
15:22:26.0818 0xcd64  dc3d - ok
15:22:26.0839 0xcd64  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
15:22:26.0863 0xcd64  DcomLaunch - ok
15:22:26.0873 0xcd64  [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
15:22:26.0889 0xcd64  defragsvc - ok
15:22:26.0898 0xcd64  [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\WINDOWS\system32\das.dll
15:22:26.0914 0xcd64  DeviceAssociationService - ok
15:22:26.0919 0xcd64  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
15:22:26.0931 0xcd64  DeviceInstall - ok
15:22:26.0934 0xcd64  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
15:22:26.0945 0xcd64  Dfsc - ok
15:22:26.0952 0xcd64  [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
15:22:26.0967 0xcd64  Dhcp - ok
15:22:26.0973 0xcd64  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
15:22:26.0981 0xcd64  disk - ok
15:22:26.0984 0xcd64  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
15:22:26.0992 0xcd64  dmvsc - ok
15:22:26.0998 0xcd64  [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
15:22:27.0010 0xcd64  Dnscache - ok
15:22:27.0017 0xcd64  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
15:22:27.0030 0xcd64  dot3svc - ok
15:22:27.0035 0xcd64  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\WINDOWS\system32\dps.dll
15:22:27.0051 0xcd64  DPS - ok
15:22:27.0055 0xcd64  [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
15:22:27.0060 0xcd64  drmkaud - ok
15:22:27.0068 0xcd64  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
15:22:27.0085 0xcd64  DsmSvc - ok
15:22:27.0125 0xcd64  [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
15:22:27.0165 0xcd64  DXGKrnl - ok
15:22:27.0182 0xcd64  [ FA988D76745C917CDFE20031C06DE860, B01AA3611869854D3BCA8B6CD7A6F48CC3537145DD3EBE50F5BEF72239924BF7 ] e1iexpress      C:\WINDOWS\system32\DRIVERS\e1i63x64.sys
15:22:27.0197 0xcd64  e1iexpress - ok
15:22:27.0201 0xcd64  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
15:22:27.0212 0xcd64  Eaphost - ok
15:22:27.0267 0xcd64  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
15:22:27.0337 0xcd64  ebdrv - ok
15:22:27.0342 0xcd64  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS             C:\WINDOWS\System32\lsass.exe
15:22:27.0350 0xcd64  EFS - ok
15:22:27.0352 0xcd64  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
15:22:27.0360 0xcd64  EhStorClass - ok
15:22:27.0364 0xcd64  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
15:22:27.0372 0xcd64  EhStorTcgDrv - ok
15:22:27.0375 0xcd64  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
15:22:27.0381 0xcd64  ErrDev - ok
15:22:27.0392 0xcd64  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\WINDOWS\system32\es.dll
15:22:27.0408 0xcd64  EventSystem - ok
15:22:27.0414 0xcd64  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
15:22:27.0427 0xcd64  exfat - ok
15:22:27.0433 0xcd64  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
15:22:27.0442 0xcd64  fastfat - ok
15:22:27.0454 0xcd64  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\WINDOWS\system32\fxssvc.exe
15:22:27.0474 0xcd64  Fax - ok
15:22:27.0478 0xcd64  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
15:22:27.0486 0xcd64  fdc - ok
15:22:27.0488 0xcd64  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
15:22:27.0500 0xcd64  fdPHost - ok
15:22:27.0503 0xcd64  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
15:22:27.0515 0xcd64  FDResPub - ok
15:22:27.0520 0xcd64  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
15:22:27.0532 0xcd64  fhsvc - ok
15:22:27.0535 0xcd64  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
15:22:27.0543 0xcd64  FileInfo - ok
15:22:27.0545 0xcd64  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
15:22:27.0557 0xcd64  Filetrace - ok
15:22:27.0560 0xcd64  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
15:22:27.0567 0xcd64  flpydisk - ok
15:22:27.0576 0xcd64  [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
15:22:27.0588 0xcd64  FltMgr - ok
15:22:27.0611 0xcd64  [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache       C:\WINDOWS\system32\FntCache.dll
15:22:27.0640 0xcd64  FontCache - ok
15:22:27.0645 0xcd64  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:22:27.0650 0xcd64  FontCache3.0.0.0 - ok
15:22:27.0653 0xcd64  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
15:22:27.0659 0xcd64  FsDepends - ok
15:22:27.0662 0xcd64  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
15:22:27.0668 0xcd64  Fs_Rec - ok
15:22:27.0680 0xcd64  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
15:22:27.0696 0xcd64  fvevol - ok
15:22:27.0699 0xcd64  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
15:22:27.0706 0xcd64  FxPPM - ok
15:22:27.0710 0xcd64  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
15:22:27.0717 0xcd64  gagp30kx - ok
15:22:27.0720 0xcd64  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
15:22:27.0725 0xcd64  GEARAspiWDM - ok
15:22:27.0727 0xcd64  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
15:22:27.0734 0xcd64  gencounter - ok
15:22:27.0835 0xcd64  [ 0C52567F023D0F05F4EFC26F607D415B, 168D2AAB2F9CF8DE4A894DE3B2A5C67F1DAD758DBEC95FCFF4D752645BB37C38 ] GfExperienceService E:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
15:22:27.0869 0xcd64  GfExperienceService - ok
15:22:27.0876 0xcd64  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
15:22:27.0886 0xcd64  GPIOClx0101 - ok
15:22:27.0906 0xcd64  [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
15:22:27.0935 0xcd64  gpsvc - ok
15:22:27.0962 0xcd64  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         E:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:22:27.0968 0xcd64  gupdate - ok
15:22:27.0972 0xcd64  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        E:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:22:27.0977 0xcd64  gupdatem - ok
15:22:27.0980 0xcd64  [ E2854E61B36D83C03A39E1EBD57D85F8, 0B1D543053CF44A140C9EE35A3E03704FB469C972CB6E62CDA4EF39D34301BD3 ] Hamachi         C:\WINDOWS\system32\DRIVERS\Hamdrv.sys
15:22:27.0984 0xcd64  Hamachi - detected UnsignedFile.Multi.Generic ( 1 )
15:22:30.0395 0xcd64  Detect skipped due to KSN trusted
15:22:30.0395 0xcd64  Hamachi - ok
15:22:30.0433 0xcd64  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
15:22:30.0465 0xcd64  HdAudAddService - ok
15:22:30.0472 0xcd64  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
15:22:30.0483 0xcd64  HDAudBus - ok
15:22:30.0486 0xcd64  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
15:22:30.0496 0xcd64  HidBatt - ok
15:22:30.0500 0xcd64  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
15:22:30.0510 0xcd64  HidBth - ok
15:22:30.0513 0xcd64  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
15:22:30.0521 0xcd64  hidi2c - ok
15:22:30.0524 0xcd64  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
15:22:30.0532 0xcd64  HidIr - ok
15:22:30.0535 0xcd64  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\WINDOWS\system32\hidserv.dll
15:22:30.0545 0xcd64  hidserv - ok
15:22:30.0548 0xcd64  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
15:22:30.0556 0xcd64  HidUsb - ok
15:22:30.0560 0xcd64  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
15:22:30.0571 0xcd64  hkmsvc - ok
15:22:30.0577 0xcd64  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
15:22:30.0590 0xcd64  HomeGroupListener - ok
15:22:30.0599 0xcd64  [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
15:22:30.0615 0xcd64  HomeGroupProvider - ok
15:22:30.0619 0xcd64  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
15:22:30.0626 0xcd64  HpSAMD - ok
15:22:30.0643 0xcd64  [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
15:22:30.0668 0xcd64  HTTP - ok
15:22:30.0671 0xcd64  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
15:22:30.0677 0xcd64  hwpolicy - ok
15:22:30.0679 0xcd64  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
15:22:30.0687 0xcd64  hyperkbd - ok
15:22:30.0689 0xcd64  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
15:22:30.0697 0xcd64  HyperVideo - ok
15:22:30.0701 0xcd64  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
15:22:30.0710 0xcd64  i8042prt - ok
15:22:30.0713 0xcd64  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
15:22:30.0718 0xcd64  iaLPSSi_GPIO - ok
15:22:30.0721 0xcd64  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
15:22:30.0728 0xcd64  iaLPSSi_I2C - ok
15:22:30.0740 0xcd64  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
15:22:30.0755 0xcd64  iaStorAV - ok
15:22:30.0765 0xcd64  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
15:22:30.0779 0xcd64  iaStorV - ok
15:22:30.0781 0xcd64  IEEtwCollectorService - ok
15:22:30.0799 0xcd64  [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
15:22:30.0825 0xcd64  IKEEXT - ok
15:22:30.0831 0xcd64  [ 26FBC0AEDE7C6A67781202E0E2ECB6A6, BEF9E7CB2B2DD7A8091483EC53B812CA3F079CEC949DE545ABED6BE617A9ED55 ] Intel(R) PROSet Monitoring Service C:\WINDOWS\system32\IProsetMonitor.exe
15:22:30.0839 0xcd64  Intel(R) PROSet Monitoring Service - ok
15:22:30.0842 0xcd64  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
15:22:30.0848 0xcd64  intelide - ok
15:22:30.0850 0xcd64  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
15:22:30.0857 0xcd64  intelpep - ok
15:22:30.0861 0xcd64  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
15:22:30.0870 0xcd64  intelppm - ok
15:22:30.0873 0xcd64  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
15:22:30.0884 0xcd64  IpFilterDriver - ok
15:22:30.0899 0xcd64  [ ACFEE9487693C2BD573DFCA71D98E17C, A347FD476147CD3568EEE6993B46AFC05A66A4269094CA51572D0FD013FCB535 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
15:22:30.0923 0xcd64  iphlpsvc - ok
15:22:30.0926 0xcd64  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
15:22:30.0935 0xcd64  IPMIDRV - ok
15:22:30.0940 0xcd64  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
15:22:30.0949 0xcd64  IPNAT - ok
15:22:30.0985 0xcd64  [ 68A5EDD4843CF0033BAE537C9C495F69, 386C66A6562218D0F0A616D75457CDA4B82DB87DC3DA83935497819963DB6D86 ] iPod Service    E:\Program Files\iPod\bin\iPodService.exe
15:22:31.0000 0xcd64  iPod Service - ok
15:22:31.0003 0xcd64  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
15:22:31.0012 0xcd64  IRENUM - ok
15:22:31.0015 0xcd64  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
15:22:31.0021 0xcd64  isapnp - ok
15:22:31.0031 0xcd64  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
15:22:31.0044 0xcd64  iScsiPrt - ok
15:22:31.0047 0xcd64  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
15:22:31.0054 0xcd64  kbdclass - ok
15:22:31.0057 0xcd64  [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
15:22:31.0066 0xcd64  kbdhid - ok
15:22:31.0068 0xcd64  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
15:22:31.0077 0xcd64  kdnic - ok
15:22:31.0080 0xcd64  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\WINDOWS\system32\lsass.exe
15:22:31.0088 0xcd64  KeyIso - ok
15:22:31.0100 0xcd64  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
15:22:31.0114 0xcd64  KSecDD - ok
15:22:31.0120 0xcd64  [ 6D2EE96150E35B9EA49F2B481DE0369A, AC5915219FD81D89E444F6E86D71F7C495108FC35E7BD683321FC7006161AFE1 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
15:22:31.0129 0xcd64  KSecPkg - ok
15:22:31.0132 0xcd64  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
15:22:31.0141 0xcd64  ksthunk - ok
15:22:31.0148 0xcd64  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
15:22:31.0163 0xcd64  KtmRm - ok
15:22:31.0171 0xcd64  [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
15:22:31.0187 0xcd64  LanmanServer - ok
15:22:31.0193 0xcd64  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
15:22:31.0208 0xcd64  LanmanWorkstation - ok
15:22:31.0217 0xcd64  [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
15:22:31.0234 0xcd64  lfsvc - ok
15:22:31.0237 0xcd64  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
15:22:31.0248 0xcd64  lltdio - ok
15:22:31.0254 0xcd64  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
15:22:31.0269 0xcd64  lltdsvc - ok
15:22:31.0271 0xcd64  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
15:22:31.0281 0xcd64  lmhosts - ok
15:22:31.0285 0xcd64  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
15:22:31.0294 0xcd64  LSI_SAS - ok
15:22:31.0297 0xcd64  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
15:22:31.0305 0xcd64  LSI_SAS2 - ok
15:22:31.0308 0xcd64  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
15:22:31.0316 0xcd64  LSI_SAS3 - ok
15:22:31.0319 0xcd64  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
15:22:31.0327 0xcd64  LSI_SSS - ok
15:22:31.0339 0xcd64  [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM             C:\WINDOWS\System32\lsm.dll
15:22:31.0359 0xcd64  LSM - ok
15:22:31.0364 0xcd64  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
15:22:31.0374 0xcd64  luafv - ok
15:22:31.0377 0xcd64  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
15:22:31.0384 0xcd64  megasas - ok
15:22:31.0395 0xcd64  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
15:22:31.0411 0xcd64  megasr - ok
15:22:31.0416 0xcd64  [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
15:22:31.0422 0xcd64  MEIx64 - ok
15:22:31.0425 0xcd64  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\WINDOWS\system32\mmcss.dll
15:22:31.0435 0xcd64  MMCSS - ok
15:22:31.0437 0xcd64  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
15:22:31.0447 0xcd64  Modem - ok
15:22:31.0450 0xcd64  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
15:22:31.0460 0xcd64  monitor - ok
15:22:31.0464 0xcd64  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
15:22:31.0471 0xcd64  mouclass - ok
15:22:31.0474 0xcd64  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
15:22:31.0482 0xcd64  mouhid - ok
15:22:31.0486 0xcd64  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
15:22:31.0493 0xcd64  mountmgr - ok
15:22:31.0531 0xcd64  [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance E:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:22:31.0553 0xcd64  MozillaMaintenance - ok
15:22:31.0556 0xcd64  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
15:22:31.0566 0xcd64  mpsdrv - ok
15:22:31.0582 0xcd64  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
15:22:31.0605 0xcd64  MpsSvc - ok
15:22:31.0611 0xcd64  [ 1D55DADC22D21883A2F80297F5A5AE48, B79DF4AFC2A9CBC54E74233596544D6E41C8CAA0516BD57CA695D051EC780265 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
15:22:31.0621 0xcd64  MRxDAV - ok
15:22:31.0629 0xcd64  [ 7A1A3F213CDB3363D179D5014272025D, 6756F5B7D9FBF6839DB1FF4E94EA45B5499D7DF925E75581C96FBBA4BE131542 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
15:22:31.0644 0xcd64  mrxsmb - ok
15:22:31.0651 0xcd64  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
15:22:31.0664 0xcd64  mrxsmb10 - ok
15:22:31.0670 0xcd64  [ C910E5D18958914A66F0E45689D0B40A, AD7C91DD8A60A511E580DD56BACC97F85075A539E7C5D95040A8F870A621DAF4 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
15:22:31.0680 0xcd64  mrxsmb20 - ok
15:22:31.0684 0xcd64  [ E0927EFA25D473367C3341B9F5969779, B77A162BD3334557623674373D8EC2BE7CC0B359DF06304E467ABFFEE0530271 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
15:22:31.0695 0xcd64  MsBridge - ok
15:22:31.0699 0xcd64  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
15:22:31.0710 0xcd64  MSDTC - ok
15:22:31.0714 0xcd64  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
15:22:31.0723 0xcd64  Msfs - ok
15:22:31.0726 0xcd64  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
15:22:31.0734 0xcd64  msgpiowin32 - ok
15:22:31.0736 0xcd64  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
15:22:31.0744 0xcd64  mshidkmdf - ok
15:22:31.0746 0xcd64  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
15:22:31.0754 0xcd64  mshidumdf - ok
15:22:31.0756 0xcd64  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
15:22:31.0762 0xcd64  msisadrv - ok
15:22:31.0767 0xcd64  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
15:22:31.0778 0xcd64  MSiSCSI - ok
15:22:31.0780 0xcd64  msiserver - ok
15:22:31.0782 0xcd64  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
15:22:31.0790 0xcd64  MSKSSRV - ok
15:22:31.0794 0xcd64  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
15:22:31.0803 0xcd64  MsLldp - ok
15:22:31.0805 0xcd64  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
15:22:31.0813 0xcd64  MSPCLOCK - ok
15:22:31.0815 0xcd64  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
15:22:31.0823 0xcd64  MSPQM - ok
15:22:31.0831 0xcd64  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
15:22:31.0844 0xcd64  MsRPC - ok
15:22:31.0848 0xcd64  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
15:22:31.0854 0xcd64  mssmbios - ok
15:22:31.0856 0xcd64  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
15:22:31.0863 0xcd64  MSTEE - ok
15:22:31.0866 0xcd64  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
15:22:31.0874 0xcd64  MTConfig - ok
15:22:31.0878 0xcd64  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
15:22:31.0885 0xcd64  Mup - ok
15:22:31.0888 0xcd64  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
15:22:31.0895 0xcd64  mvumis - ok
15:22:31.0905 0xcd64  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\WINDOWS\system32\qagentRT.dll
15:22:31.0923 0xcd64  napagent - ok
15:22:32.0010 0xcd64  NasPmService - ok
15:22:32.0042 0xcd64  [ 26ACA481FAFEC59FE311D719E3027BBA, 16A24CCA95A38BDFE970580159F6ACAA13FF1B74CF2290B1B020D909F90D3347 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
15:22:32.0078 0xcd64  NativeWifiP - ok
15:22:32.0086 0xcd64  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
15:22:32.0101 0xcd64  NcaSvc - ok
15:22:32.0106 0xcd64  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
15:22:32.0118 0xcd64  NcbService - ok
15:22:32.0122 0xcd64  [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
15:22:32.0142 0xcd64  NcdAutoSetup - ok
15:22:32.0187 0xcd64  [ E4B4BE2D7750849C07589DA0B0AABA01, BB5AA727BA018A94B5DE2C4E0B594DD2E7A2B3457885446EE568F3A1E18AB3B0 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
15:22:32.0215 0xcd64  NDIS - ok
15:22:32.0219 0xcd64  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
15:22:32.0229 0xcd64  NdisCap - ok
15:22:32.0233 0xcd64  [ B1AA3B19A2E596A59224F893E01A5A75, E08696CA5E087E51AC3E64D4FB8490EEADD612DDF30C9A94DD1BD1BA124B71B7 ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
15:22:32.0244 0xcd64  NdisImPlatform - ok
15:22:32.0247 0xcd64  [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
15:22:32.0256 0xcd64  NdisTapi - ok
15:22:32.0259 0xcd64  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
15:22:32.0268 0xcd64  Ndisuio - ok
15:22:32.0270 0xcd64  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
15:22:32.0279 0xcd64  NdisVirtualBus - ok
15:22:32.0284 0xcd64  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:22:32.0297 0xcd64  NdisWan - ok
15:22:32.0302 0xcd64  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
15:22:32.0313 0xcd64  NdisWanLegacy - ok
15:22:32.0316 0xcd64  [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
15:22:32.0326 0xcd64  NDProxy - ok
15:22:32.0329 0xcd64  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
15:22:32.0341 0xcd64  Ndu - ok
15:22:32.0344 0xcd64  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
15:22:32.0354 0xcd64  NetBIOS - ok
15:22:32.0361 0xcd64  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
15:22:32.0374 0xcd64  NetBT - ok
15:22:32.0377 0xcd64  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon        C:\WINDOWS\system32\lsass.exe
15:22:32.0384 0xcd64  Netlogon - ok
15:22:32.0392 0xcd64  [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman          C:\WINDOWS\System32\netman.dll
15:22:32.0408 0xcd64  Netman - ok
15:22:32.0425 0xcd64  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
15:22:32.0445 0xcd64  netprofm - ok
15:22:32.0461 0xcd64  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:22:32.0471 0xcd64  NetTcpPortSharing - ok
15:22:32.0475 0xcd64  [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc          C:\WINDOWS\system32\DRIVERS\netvsc63.sys
15:22:32.0484 0xcd64  netvsc - ok
15:22:32.0495 0xcd64  [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
15:22:32.0512 0xcd64  NlaSvc - ok
15:22:32.0515 0xcd64  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
15:22:32.0525 0xcd64  Npfs - ok
15:22:32.0528 0xcd64  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
15:22:32.0536 0xcd64  npsvctrig - ok
15:22:32.0538 0xcd64  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi             C:\WINDOWS\system32\nsisvc.dll
15:22:32.0548 0xcd64  nsi - ok
15:22:32.0550 0xcd64  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
15:22:32.0559 0xcd64  nsiproxy - ok
15:22:32.0589 0xcd64  [ 038C77D577900EE39410662478BB0D50, A33AAFD5750245C17A47EC71F3C6EAD2E0925CAD34C65AB3E6CEE44756C668E6 ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
15:22:32.0631 0xcd64  Ntfs - ok
15:22:32.0636 0xcd64  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
15:22:32.0645 0xcd64  Null - ok
15:22:32.0650 0xcd64  [ 7E4355930B28C2798D9F09AB9F81151F, 941C730F3B75BDF99639E76350031EDD15F18D8D860F3B1282C28B62096E7717 ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
15:22:32.0657 0xcd64  NVHDA - ok
15:22:32.0805 0xcd64  [ ED4D88A04D22E6B00DB6BC8FACDBAFED, 38DDB9B353D3A24DD8390C6FB58FD513B46F9F715BC7E68D0958E78EACC3D3FA ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
15:22:32.0974 0xcd64  nvlddmkm - ok
15:22:33.0066 0xcd64  [ DDF6920EBE96B0304279834F2EE2193E, F631974EE3659EC01863C2502FD26A45A237A59B9B005E5B1F9F78357CCBB974 ] NvNetworkService E:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
15:22:33.0100 0xcd64  NvNetworkService - ok
15:22:33.0106 0xcd64  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
15:22:33.0115 0xcd64  nvraid - ok
15:22:33.0120 0xcd64  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
15:22:33.0129 0xcd64  nvstor - ok
15:22:33.0177 0xcd64  [ 0C4A0D577A6EF1B9D353851668779944, 70E866AD50809CC80F167796C516190918A542F7767A8841948E656F36877AFE ] NvStreamKms     E:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
15:22:33.0182 0xcd64  NvStreamKms - ok
15:22:33.0642 0xcd64  [ BC00A5B3A9F759F7B1DD0A5868C4492F, 23058E56016B836339AACDB0D42E074FB4EF560C27831F6228A455D70585D1EE ] NvStreamSvc     E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
15:22:33.0912 0xcd64  NvStreamSvc - ok
15:22:33.0955 0xcd64  [ B7CD89EFA562A991F2864EFD3147473A, D38BAE7883BC073562C3C77DF59663B820CFE8305A3319C6E5CF8E48752E18C1 ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
15:22:33.0973 0xcd64  nvsvc - ok
15:22:33.0977 0xcd64  [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
15:22:33.0982 0xcd64  nvvad_WaveExtensible - ok
15:22:33.0986 0xcd64  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
15:22:33.0994 0xcd64  nv_agp - ok
15:22:34.0103 0xcd64  [ 8703DA402DE75EE272B9679F34469D2B, B437A0D5E3E79337AA3E8DDC3630D3DC2E5E96F2432664AF30911BCCD4270A8C ] Origin Client Service E:\Program Files (x86)\Origin\OriginClientService.exe
15:22:34.0141 0xcd64  Origin Client Service - ok
15:22:34.0173 0xcd64  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             E:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:22:34.0181 0xcd64  ose - ok
15:22:34.0329 0xcd64  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         E:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:22:34.0458 0xcd64  osppsvc - ok
15:22:34.0470 0xcd64  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
15:22:34.0487 0xcd64  p2pimsvc - ok
15:22:34.0503 0xcd64  [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
15:22:34.0527 0xcd64  p2psvc - ok
15:22:34.0532 0xcd64  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
15:22:34.0553 0xcd64  Parport - ok
15:22:34.0561 0xcd64  [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
15:22:34.0572 0xcd64  partmgr - ok
15:22:34.0582 0xcd64  [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
15:22:34.0598 0xcd64  PcaSvc - ok
15:22:34.0606 0xcd64  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\WINDOWS\system32\drivers\pci.sys
15:22:34.0618 0xcd64  pci - ok
15:22:34.0621 0xcd64  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
15:22:34.0627 0xcd64  pciide - ok
15:22:34.0632 0xcd64  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
15:22:34.0640 0xcd64  pcmcia - ok
15:22:34.0642 0xcd64  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
15:22:34.0649 0xcd64  pcw - ok
15:22:34.0652 0xcd64  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
15:22:34.0660 0xcd64  pdc - ok
15:22:34.0671 0xcd64  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
15:22:34.0690 0xcd64  PEAUTH - ok
15:22:34.0702 0xcd64  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
15:22:34.0712 0xcd64  PerfHost - ok
15:22:34.0736 0xcd64  [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla             C:\WINDOWS\system32\pla.dll
15:22:34.0772 0xcd64  pla - ok
15:22:34.0777 0xcd64  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
15:22:34.0787 0xcd64  PlugPlay - ok
15:22:34.0791 0xcd64  [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA        C:\WINDOWS\system32\PnkBstrA.exe
15:22:34.0798 0xcd64  PnkBstrA - ok
15:22:34.0800 0xcd64  [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
15:22:34.0810 0xcd64  PNRPAutoReg - ok
15:22:34.0821 0xcd64  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
15:22:34.0835 0xcd64  PNRPsvc - ok
15:22:34.0838 0xcd64  [ 8E0ACA1C5D6516E5E2E7A7AA5D44D704, 9CCE2FCBEDD21E1EA4A0476B4886DC6C6493CCBAB27AF23E83B0B0B646D8C520 ] Point64         C:\WINDOWS\System32\drivers\point64.sys
15:22:34.0843 0xcd64  Point64 - ok
15:22:34.0851 0xcd64  [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
15:22:34.0866 0xcd64  PolicyAgent - ok
15:22:34.0870 0xcd64  [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power           C:\WINDOWS\system32\umpo.dll
15:22:34.0882 0xcd64  Power - ok
15:22:34.0946 0xcd64  [ 3C96A45CA3403A276B0F045C448EC27B, C0011DB8C5A85817CAF815CC0095EE2C1CDD5964DCD8EAF4C35A2495D6A873CC ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
15:22:34.0997 0xcd64  PrintNotify - ok
15:22:35.0004 0xcd64  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
15:22:35.0013 0xcd64  Processor - ok
15:22:35.0018 0xcd64  [ EF1F8B57323E5D3FC6A0A25F98F90DBC, F50E81151604DCD59BB647FD6767C1631AE48B5FCA6D3423C4E32535C94D6369 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
15:22:35.0031 0xcd64  ProfSvc - ok
15:22:35.0036 0xcd64  [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
15:22:35.0047 0xcd64  Psched - ok
15:22:35.0054 0xcd64  [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE           C:\WINDOWS\system32\qwave.dll
15:22:35.0069 0xcd64  QWAVE - ok
15:22:35.0071 0xcd64  [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
15:22:35.0081 0xcd64  QWAVEdrv - ok
15:22:35.0085 0xcd64  [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
15:22:35.0094 0xcd64  RasAcd - ok
15:22:35.0097 0xcd64  [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
15:22:35.0110 0xcd64  RasAuto - ok
15:22:35.0120 0xcd64  [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan          C:\WINDOWS\System32\rasmans.dll
15:22:35.0137 0xcd64  RasMan - ok
15:22:35.0141 0xcd64  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
15:22:35.0151 0xcd64  RasPppoe - ok
15:22:35.0221 0xcd64  [ 3B4642DE518A76310C62EEB9A64F771A, 198CF37D779FF9D3D529CF8C222A0A35D04AE3EF69D7861FB3F14D5CC3B3406C ] Razer Game Scanner Service E:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
15:22:35.0245 0xcd64  Razer Game Scanner Service - ok
15:22:35.0258 0xcd64  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
15:22:35.0277 0xcd64  rdbss - ok
15:22:35.0281 0xcd64  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
15:22:35.0289 0xcd64  rdpbus - ok
15:22:35.0295 0xcd64  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
15:22:35.0306 0xcd64  RDPDR - ok
15:22:35.0310 0xcd64  [ 9F08A6608F98B5407E7DDBCF306573EF, 92812F97CFDB2EC128BC48143DE215B7D012B15D3FB4D2199222AD8C31DA5016 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
15:22:35.0316 0xcd64  RdpVideoMiniport - ok
15:22:35.0322 0xcd64  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
15:22:35.0332 0xcd64  rdyboost - ok
15:22:35.0351 0xcd64  [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
15:22:35.0375 0xcd64  ReFS - ok
15:22:35.0381 0xcd64  [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
15:22:35.0394 0xcd64  RemoteAccess - ok
15:22:35.0399 0xcd64  [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
15:22:35.0413 0xcd64  RemoteRegistry - ok
15:22:35.0417 0xcd64  [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
15:22:35.0429 0xcd64  RpcEptMapper - ok
15:22:35.0431 0xcd64  [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator      C:\WINDOWS\system32\locator.exe
15:22:35.0439 0xcd64  RpcLocator - ok
15:22:35.0452 0xcd64  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
15:22:35.0472 0xcd64  RpcSs - ok
15:22:35.0476 0xcd64  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
15:22:35.0487 0xcd64  rspndr - ok
15:22:35.0490 0xcd64  [ 41F8F530DEDCF7DB8C567E527658A088, C859269018CC51D8557C33B45FD0ED9B1F80D505DEBC581249F6FB4648E22DEB ] rzendpt         C:\WINDOWS\System32\drivers\rzendpt.sys
15:22:35.0495 0xcd64  rzendpt - ok
15:22:35.0497 0xcd64  [ F17F84511E7DFDEEAB646F0699A006D7, 5237937841FBD1F99A5D6161DEBA26182DDAF617CA98946EE7DB0AB67FC149EA ] rzpmgrk         C:\WINDOWS\system32\drivers\rzpmgrk.sys
15:22:35.0502 0xcd64  rzpmgrk - ok
15:22:35.0506 0xcd64  [ FEF60A37301E1F5A3020FA3487FB2CD7, 0C925468C3376458D0E1EC65E097BD1A81A03901035C0195E8F6EF904EF3F901 ] rzpnk           C:\WINDOWS\system32\drivers\rzpnk.sys
15:22:35.0513 0xcd64  rzpnk - ok
15:22:35.0517 0xcd64  [ C2A49525F6CEEED97A1D9FC950AAF863, DAA57C1C446861C733D3BE668EB247E40CE3871EF8FA0BB91CEB074B7357E0D8 ] rzudd           C:\WINDOWS\System32\drivers\rzudd.sys
15:22:35.0524 0xcd64  rzudd - ok
15:22:35.0527 0xcd64  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
15:22:35.0535 0xcd64  s3cap - ok
15:22:35.0537 0xcd64  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs           C:\WINDOWS\system32\lsass.exe
15:22:35.0545 0xcd64  SamSs - ok
15:22:35.0549 0xcd64  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
15:22:35.0557 0xcd64  sbp2port - ok
15:22:35.0562 0xcd64  [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
15:22:35.0576 0xcd64  SCardSvr - ok
15:22:35.0581 0xcd64  [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
15:22:35.0593 0xcd64  ScDeviceEnum - ok
15:22:35.0596 0xcd64  [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
15:22:35.0605 0xcd64  scfilter - ok
15:22:35.0626 0xcd64  [ D3AE5DB16EAF913860EC28654CE00E6B, AD76B6044F7247C6E86F6DCB7CFD6B25BCA2B9F09A97A419F043A999E66726A2 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
15:22:35.0654 0xcd64  Schedule - ok
15:22:35.0660 0xcd64  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
15:22:35.0671 0xcd64  SCPolicySvc - ok
15:22:35.0678 0xcd64  [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
15:22:35.0689 0xcd64  sdbus - ok
15:22:35.0693 0xcd64  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
15:22:35.0700 0xcd64  sdstor - ok
15:22:35.0702 0xcd64  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
15:22:35.0710 0xcd64  secdrv - ok
15:22:35.0713 0xcd64  [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon        C:\WINDOWS\system32\seclogon.dll
15:22:35.0724 0xcd64  seclogon - ok
15:22:35.0727 0xcd64  [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS            C:\WINDOWS\System32\sens.dll
15:22:35.0741 0xcd64  SENS - ok
15:22:35.0746 0xcd64  [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
15:22:35.0759 0xcd64  SensrSvc - ok
15:22:35.0762 0xcd64  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
15:22:35.0770 0xcd64  SerCx - ok
15:22:35.0775 0xcd64  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
15:22:35.0783 0xcd64  SerCx2 - ok
15:22:35.0786 0xcd64  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
15:22:35.0793 0xcd64  Serenum - ok
15:22:35.0797 0xcd64  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
15:22:35.0806 0xcd64  Serial - ok
15:22:35.0809 0xcd64  [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
15:22:35.0817 0xcd64  sermouse - ok
15:22:35.0826 0xcd64  [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
15:22:35.0841 0xcd64  SessionEnv - ok
15:22:35.0844 0xcd64  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
15:22:35.0852 0xcd64  sfloppy - ok
15:22:35.0860 0xcd64  [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
15:22:35.0875 0xcd64  SharedAccess - ok
15:22:35.0887 0xcd64  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
15:22:35.0909 0xcd64  ShellHWDetection - ok
15:22:35.0914 0xcd64  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
15:22:35.0921 0xcd64  SiSRaid2 - ok
15:22:35.0925 0xcd64  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
15:22:35.0932 0xcd64  SiSRaid4 - ok
15:22:35.0998 0xcd64  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     E:\Program Files (x86)\Skype\Updater\Updater.exe
15:22:36.0027 0xcd64  SkypeUpdate - ok
15:22:36.0031 0xcd64  [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost         C:\WINDOWS\System32\smphost.dll
15:22:36.0048 0xcd64  smphost - ok
15:22:36.0053 0xcd64  [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
15:22:36.0065 0xcd64  SNMPTRAP - ok
15:22:36.0077 0xcd64  [ 240C5C3793206725AA05665851E8C214, 96ADFB85EB1623EB00C251C1C6A1F441A1795F0EBFD10B17DD1CA58E3AE8A90D ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
15:22:36.0094 0xcd64  spaceport - ok
15:22:36.0100 0xcd64  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
15:22:36.0117 0xcd64  SpbCx - ok
15:22:36.0135 0xcd64  [ 42FEA9E0BA9761D9E65A4F167D91515B, 9A34CE83F3ACD50608671BDABE5E475F8E0C8335D3B8B7B3D7E84B2A319FA29F ] Spooler         C:\WINDOWS\System32\spoolsv.exe
15:22:36.0159 0xcd64  Spooler - ok
15:22:36.0246 0xcd64  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
15:22:36.0370 0xcd64  sppsvc - ok
15:22:36.0383 0xcd64  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
15:22:36.0398 0xcd64  srv - ok
15:22:36.0409 0xcd64  [ 5BED3AB69797C8786EF70AEA8C33748B, 0474EE6C43D437CBA9848BCF25D1341B122D7E9F371A0FF3C62C83D14B2CB095 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
15:22:36.0427 0xcd64  srv2 - ok
15:22:36.0433 0xcd64  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
15:22:36.0445 0xcd64  srvnet - ok
15:22:36.0451 0xcd64  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
15:22:36.0466 0xcd64  SSDPSRV - ok
15:22:36.0471 0xcd64  [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
15:22:36.0484 0xcd64  SstpSvc - ok
15:22:36.0534 0xcd64  [ CD30FC0824560F9FEA44661F2AE7B18D, C4CC7FEA175AB699F790DE5C63C89F177CD0ECA6463A0B723C2698EB6B85D628 ] Steam Client Service E:\Program Files (x86)\Common Files\Steam\SteamService.exe
15:22:36.0549 0xcd64  Steam Client Service - ok
15:22:36.0589 0xcd64  [ E7AF8F82C69A5E9B2CC46633BCBBAAEE, D7FC81DB72A1A96219335AFF861ADD82BEC115CBCB70C6765058E1D76702403C ] Stereo Service  E:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:22:36.0621 0xcd64  Stereo Service - ok
15:22:36.0625 0xcd64  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
15:22:36.0633 0xcd64  stexstor - ok
15:22:36.0648 0xcd64  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
15:22:36.0675 0xcd64  stisvc - ok
15:22:36.0682 0xcd64  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
15:22:36.0690 0xcd64  storahci - ok
15:22:36.0692 0xcd64  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt         C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
15:22:36.0701 0xcd64  storflt - ok
15:22:36.0705 0xcd64  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
15:22:36.0716 0xcd64  stornvme - ok
15:22:36.0722 0xcd64  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
15:22:36.0739 0xcd64  StorSvc - ok
15:22:36.0743 0xcd64  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
15:22:36.0750 0xcd64  storvsc - ok
15:22:36.0752 0xcd64  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\WINDOWS\system32\svsvc.dll
15:22:36.0764 0xcd64  svsvc - ok
15:22:36.0767 0xcd64  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
15:22:36.0773 0xcd64  swenum - ok
15:22:36.0785 0xcd64  [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv           C:\WINDOWS\System32\swprv.dll
15:22:36.0806 0xcd64  swprv - ok
15:22:36.0826 0xcd64  [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain         C:\WINDOWS\system32\sysmain.dll
15:22:36.0855 0xcd64  SysMain - ok
15:22:36.0862 0xcd64  [ FD4EA8E9232ADD51DC31C295DDEF2768, 3EA40D7376AB5AA5DA2BCF4745C79F7BF819363466967ECC3CD15ADECBFD7244 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
15:22:36.0877 0xcd64  SystemEventsBroker - ok
15:22:36.0882 0xcd64  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
15:22:36.0897 0xcd64  TabletInputService - ok
15:22:36.0911 0xcd64  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
15:22:36.0934 0xcd64  TapiSrv - ok
15:22:37.0020 0xcd64  [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
15:22:37.0079 0xcd64  Tcpip - ok
15:22:37.0118 0xcd64  [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
15:22:37.0162 0xcd64  TCPIP6 - ok
15:22:37.0207 0xcd64  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
15:22:37.0224 0xcd64  tcpipreg - ok
15:22:37.0236 0xcd64  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
15:22:37.0258 0xcd64  tdx - ok
15:22:37.0263 0xcd64  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
15:22:37.0274 0xcd64  terminpt - ok
15:22:37.0294 0xcd64  [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService     C:\WINDOWS\System32\termsrv.dll
15:22:37.0322 0xcd64  TermService - ok
15:22:37.0330 0xcd64  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\WINDOWS\system32\themeservice.dll
15:22:37.0350 0xcd64  Themes - ok
15:22:37.0355 0xcd64  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
15:22:37.0365 0xcd64  THREADORDER - ok
15:22:37.0373 0xcd64  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
15:22:37.0395 0xcd64  TimeBroker - ok
15:22:37.0401 0xcd64  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
15:22:37.0414 0xcd64  TPM - ok
15:22:37.0422 0xcd64  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
15:22:37.0437 0xcd64  TrkWks - ok
15:22:37.0441 0xcd64  [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
15:22:37.0451 0xcd64  TrustedInstaller - ok
15:22:37.0454 0xcd64  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
15:22:37.0464 0xcd64  TsUsbFlt - ok
15:22:37.0467 0xcd64  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
15:22:37.0476 0xcd64  TsUsbGD - ok
15:22:37.0480 0xcd64  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
15:22:37.0492 0xcd64  tunnel - ok
15:22:37.0495 0xcd64  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
15:22:37.0502 0xcd64  uagp35 - ok
15:22:37.0506 0xcd64  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
15:22:37.0514 0xcd64  UASPStor - ok
15:22:37.0519 0xcd64  [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
15:22:37.0530 0xcd64  UCX01000 - ok
15:22:37.0538 0xcd64  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
15:22:37.0555 0xcd64  udfs - ok
15:22:37.0558 0xcd64  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
15:22:37.0564 0xcd64  UEFI - ok
15:22:37.0569 0xcd64  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
15:22:37.0581 0xcd64  UI0Detect - ok
15:22:37.0584 0xcd64  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
15:22:37.0591 0xcd64  uliagpkx - ok
15:22:37.0595 0xcd64  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
15:22:37.0603 0xcd64  umbus - ok
15:22:37.0605 0xcd64  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
15:22:37.0613 0xcd64  UmPass - ok
15:22:37.0621 0xcd64  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
15:22:37.0636 0xcd64  UmRdpService - ok
15:22:37.0645 0xcd64  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\WINDOWS\System32\upnphost.dll
15:22:37.0663 0xcd64  upnphost - ok
15:22:37.0666 0xcd64  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
15:22:37.0675 0xcd64  USBAAPL64 - ok
15:22:37.0680 0xcd64  [ DF355EB0199198728027962DCFCDE5FB, 9E158BD07389B4CFF99674716647FA3AABEECBD1A98EDF20E544E099A99A8768 ] usbaudio        C:\WINDOWS\system32\drivers\usbaudio.sys
15:22:37.0690 0xcd64  usbaudio - ok
15:22:37.0696 0xcd64  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
15:22:37.0704 0xcd64  usbccgp - ok
15:22:37.0708 0xcd64  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
15:22:37.0718 0xcd64  usbcir - ok
15:22:37.0722 0xcd64  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
15:22:37.0729 0xcd64  usbehci - ok
15:22:37.0744 0xcd64  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
15:22:37.0760 0xcd64  usbhub - ok
15:22:37.0774 0xcd64  [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
15:22:37.0792 0xcd64  USBHUB3 - ok
15:22:37.0795 0xcd64  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
15:22:37.0804 0xcd64  usbohci - ok
15:22:37.0807 0xcd64  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
15:22:37.0817 0xcd64  usbprint - ok
15:22:37.0820 0xcd64  [ F04D164C4168701A4E7835607722E5F1, 6F743CF2CF73945B4A4B1C4402744BC2FE1624F1346C194493AD2F7110F9EB35 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
15:22:37.0829 0xcd64  usbscan - ok
15:22:37.0834 0xcd64  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
15:22:37.0842 0xcd64  USBSTOR - ok
15:22:37.0845 0xcd64  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
15:22:37.0854 0xcd64  usbuhci - ok
15:22:37.0862 0xcd64  [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
15:22:37.0876 0xcd64  USBXHCI - ok
15:22:37.0878 0xcd64  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
15:22:37.0886 0xcd64  VaultSvc - ok
15:22:37.0888 0xcd64  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
15:22:37.0895 0xcd64  vdrvroot - ok
15:22:37.0916 0xcd64  [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds             C:\WINDOWS\System32\vds.exe
15:22:37.0951 0xcd64  vds - ok
15:22:37.0960 0xcd64  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
15:22:37.0971 0xcd64  VerifierExt - ok
15:22:38.0002 0xcd64  [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
15:22:38.0036 0xcd64  vhdmp - ok
15:22:38.0038 0xcd64  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
15:22:38.0045 0xcd64  viaide - ok
15:22:38.0054 0xcd64  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
15:22:38.0063 0xcd64  vmbus - ok
15:22:38.0069 0xcd64  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
15:22:38.0081 0xcd64  VMBusHID - ok
15:22:38.0091 0xcd64  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
15:22:38.0108 0xcd64  vmicguestinterface - ok
15:22:38.0118 0xcd64  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
15:22:38.0133 0xcd64  vmicheartbeat - ok
15:22:38.0142 0xcd64  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
15:22:38.0156 0xcd64  vmickvpexchange - ok
15:22:38.0166 0xcd64  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
15:22:38.0180 0xcd64  vmicrdv - ok
15:22:38.0190 0xcd64  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
15:22:38.0204 0xcd64  vmicshutdown - ok
15:22:38.0214 0xcd64  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
15:22:38.0228 0xcd64  vmictimesync - ok
15:22:38.0239 0xcd64  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
15:22:38.0253 0xcd64  vmicvss - ok
15:22:38.0260 0xcd64  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
15:22:38.0271 0xcd64  volmgr - ok
15:22:38.0281 0xcd64  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
15:22:38.0297 0xcd64  volmgrx - ok
15:22:38.0316 0xcd64  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
15:22:38.0336 0xcd64  volsnap - ok
15:22:38.0339 0xcd64  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
15:22:38.0346 0xcd64  vpci - ok
15:22:38.0350 0xcd64  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
15:22:38.0359 0xcd64  vsmraid - ok
15:22:38.0382 0xcd64  [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS             C:\WINDOWS\system32\vssvc.exe
15:22:38.0414 0xcd64  VSS - ok
15:22:38.0422 0xcd64  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
15:22:38.0433 0xcd64  VSTXRAID - ok
15:22:38.0437 0xcd64  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
15:22:38.0446 0xcd64  vwifibus - ok
15:22:38.0455 0xcd64  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\WINDOWS\system32\w32time.dll
15:22:38.0474 0xcd64  W32Time - ok
15:22:38.0476 0xcd64  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
15:22:38.0485 0xcd64  WacomPen - ok
15:22:38.0507 0xcd64  [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
15:22:38.0541 0xcd64  wbengine - ok
15:22:38.0553 0xcd64  [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
15:22:38.0570 0xcd64  WbioSrvc - ok
15:22:38.0581 0xcd64  [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
15:22:38.0600 0xcd64  Wcmsvc - ok
15:22:38.0615 0xcd64  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
15:22:38.0634 0xcd64  wcncsvc - ok
15:22:38.0641 0xcd64  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
15:22:38.0661 0xcd64  WcsPlugInService - ok
15:22:38.0664 0xcd64  [ 0359607177E5E9F6041136CC0A5CB0B6, 16687BE2639648CF46E8768BA1798030472C525612C629BF134D053240E2195B ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
15:22:38.0671 0xcd64  WdBoot - ok
15:22:38.0684 0xcd64  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
15:22:38.0704 0xcd64  Wdf01000 - ok
15:22:38.0711 0xcd64  [ DE8D12B4C3F55FA2C5E9774314F6C58A, C3E835DC066A94E1431BCDC90D7EA27AAC6F82826F4A5527B37D865241D7A366 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
15:22:38.0721 0xcd64  WdFilter - ok
15:22:38.0725 0xcd64  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
15:22:38.0739 0xcd64  WdiServiceHost - ok
15:22:38.0742 0xcd64  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
15:22:38.0756 0xcd64  WdiSystemHost - ok
15:22:38.0760 0xcd64  [ 4AD874CDC812EC156265E451B6B09DAB, 6E3E05B8301841425E9BB0D54B35EF386B78EEB307B5A6153FD1F366D30F23FA ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
15:22:38.0768 0xcd64  WdNisDrv - ok
15:22:38.0788 0xcd64  WdNisSvc - ok
15:22:38.0794 0xcd64  [ 91B18D7A1702ED589E67C6C81052B955, 5D1DA8B86106A28E50BBCCB36527CC130D41201F5BE1D3DC5F1D6F7ECCF807BA ] WebClient       C:\WINDOWS\System32\webclnt.dll
15:22:38.0807 0xcd64  WebClient - ok
15:22:38.0815 0xcd64  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
15:22:38.0830 0xcd64  Wecsvc - ok
15:22:38.0832 0xcd64  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
15:22:38.0845 0xcd64  WEPHOSTSVC - ok
15:22:38.0848 0xcd64  [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
15:22:38.0862 0xcd64  wercplsupport - ok
15:22:38.0866 0xcd64  [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
15:22:38.0879 0xcd64  WerSvc - ok
15:22:38.0883 0xcd64  [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
15:22:38.0892 0xcd64  WFPLWFS - ok
15:22:38.0895 0xcd64  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
15:22:38.0906 0xcd64  WiaRpc - ok
15:22:38.0909 0xcd64  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
15:22:38.0916 0xcd64  WIMMount - ok
15:22:38.0917 0xcd64  WinDefend - ok
15:22:38.0934 0xcd64  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
15:22:38.0961 0xcd64  WinHttpAutoProxySvc - ok
15:22:38.0971 0xcd64  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
15:22:38.0985 0xcd64  Winmgmt - ok
15:22:39.0043 0xcd64  [ 9CE162EB9057CF079736F4DD00FC0D6C, 412C34557866D2A3B3CDAFA5A03B87C01AACF75E349802E511098B20137028D9 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
15:22:39.0095 0xcd64  WinRM - ok
15:22:39.0103 0xcd64  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\WINDOWS\system32\DRIVERS\WinUsb.sys
15:22:39.0113 0xcd64  WinUsb - ok
15:22:39.0136 0xcd64  [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
15:22:39.0170 0xcd64  WlanSvc - ok
15:22:39.0198 0xcd64  [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
15:22:39.0233 0xcd64  wlidsvc - ok
15:22:39.0237 0xcd64  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
15:22:39.0245 0xcd64  WmiAcpi - ok
15:22:39.0251 0xcd64  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
15:22:39.0262 0xcd64  wmiApSrv - ok
15:22:39.0280 0xcd64  WMPNetworkSvc - ok
15:22:39.0285 0xcd64  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
15:22:39.0294 0xcd64  Wof - ok
15:22:39.0321 0xcd64  [ 61BF52E9FFAB27A0B6D621BE26088373, 81291D52C381360E69D51E7DEB05CFAC651A7E9EF781CA23062C0583D0C94708 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
15:22:39.0357 0xcd64  workfolderssvc - ok
15:22:39.0362 0xcd64  [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
15:22:39.0369 0xcd64  wpcfltr - ok
15:22:39.0371 0xcd64  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
15:22:39.0382 0xcd64  WPCSvc - ok
15:22:39.0386 0xcd64  [ 618A19EB31ECA7B7F2AA0207BAF598A5, CB18CF9B781EAB3D775F8201F294A7135E058D6C963D2CC759DCA14D95EED538 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
15:22:39.0398 0xcd64  WPDBusEnum - ok
15:22:39.0401 0xcd64  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
15:22:39.0407 0xcd64  WpdUpFltr - ok
15:22:39.0410 0xcd64  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
15:22:39.0420 0xcd64  ws2ifsl - ok
15:22:39.0424 0xcd64  [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
15:22:39.0436 0xcd64  wscsvc - ok
15:22:39.0440 0xcd64  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
15:22:39.0449 0xcd64  WSDPrintDevice - ok
15:22:39.0451 0xcd64  WSearch - ok
15:22:39.0504 0xcd64  [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService       C:\WINDOWS\System32\WSService.dll
15:22:39.0578 0xcd64  WSService - ok
15:22:39.0634 0xcd64  [ DCD090318EC800CF6275C6835900B0C6, 9E72762EEE46CC0606B909850E6D22E9C8E5C88E82F7C974B2B7C1E5160BEBA7 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
15:22:39.0698 0xcd64  wuauserv - ok
15:22:39.0704 0xcd64  [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
15:22:39.0713 0xcd64  WudfPf - ok
15:22:39.0719 0xcd64  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
15:22:39.0729 0xcd64  WUDFRd - ok
15:22:39.0734 0xcd64  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFSensorLP    C:\WINDOWS\System32\drivers\WUDFRd.sys
15:22:39.0744 0xcd64  WUDFSensorLP - ok
15:22:39.0748 0xcd64  [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
15:22:39.0759 0xcd64  wudfsvc - ok
15:22:39.0765 0xcd64  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
15:22:39.0774 0xcd64  WUDFWpdFs - ok
15:22:39.0780 0xcd64  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
15:22:39.0789 0xcd64  WUDFWpdMtp - ok
15:22:39.0801 0xcd64  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
15:22:39.0819 0xcd64  WwanSvc - ok
15:22:39.0824 0xcd64  [ A0F661902AFCAAD77CC2ED3894927A10, 0DCD860F7F4029EBFE1F409BA23CC8BAA55BC22084C81940FF170B665E4804BD ] xusb22          C:\WINDOWS\System32\drivers\xusb22.sys
15:22:39.0833 0xcd64  xusb22 - ok
15:22:39.0836 0xcd64  ================ Scan global ===============================
15:22:39.0839 0xcd64  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll
15:22:39.0845 0xcd64  [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\WINDOWS\system32\winsrv.dll
15:22:39.0853 0xcd64  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll
15:22:39.0864 0xcd64  [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\WINDOWS\system32\services.exe
15:22:39.0871 0xcd64  [ Global ] - ok
15:22:39.0871 0xcd64  ================ Scan MBR ==================================
15:22:39.0873 0xcd64  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
15:22:39.0892 0xcd64  \Device\Harddisk0\DR0 - ok
15:22:39.0896 0xcd64  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
15:22:40.0631 0xcd64  \Device\Harddisk1\DR1 - ok
15:22:40.0632 0xcd64  ================ Scan VBR ==================================
15:22:40.0638 0xcd64  [ 5CB258282C4D158C4AF7DBDA74B91A26 ] \Device\Harddisk0\DR0\Partition1
15:22:40.0641 0xcd64  \Device\Harddisk0\DR0\Partition1 - ok
15:22:40.0646 0xcd64  [ D2F1733D19D05B3012071E0AAA646830 ] \Device\Harddisk0\DR0\Partition2
15:22:40.0648 0xcd64  \Device\Harddisk0\DR0\Partition2 - ok
15:22:40.0653 0xcd64  [ 2E31DA26F9F03F629C87C0206E56D788 ] \Device\Harddisk0\DR0\Partition3
15:22:40.0653 0xcd64  \Device\Harddisk0\DR0\Partition3 - ok
15:22:40.0660 0xcd64  [ FE5EA5FE462062B55417258D596842A3 ] \Device\Harddisk0\DR0\Partition4
15:22:40.0663 0xcd64  \Device\Harddisk0\DR0\Partition4 - ok
15:22:40.0668 0xcd64  [ 296EC25168FD3836D2BEAA9CE30C4CBB ] \Device\Harddisk0\DR0\Partition5
15:22:40.0671 0xcd64  \Device\Harddisk0\DR0\Partition5 - ok
15:22:40.0673 0xcd64  [ F45690B8455024D47BC4150CEFC7FFDF ] \Device\Harddisk1\DR1\Partition1
15:22:40.0711 0xcd64  \Device\Harddisk1\DR1\Partition1 - ok
15:22:40.0711 0xcd64  ================ Scan generic autorun ======================
15:22:40.0716 0xcd64  [ 6E0BDFBEEED65B017F2E4C2C910B0520, 54D798C2E2804DCDB84E9650EA4A032C669B10C586B396D5505F16235D83882C ] C:\WINDOWS\system32\rundll32.exe
15:22:40.0739 0xcd64  ShadowPlay - ok
15:22:40.0826 0xcd64  [ 7304E21B92E538E2CC793EDF478AC034, 39992D4541E100E5D8199B2FB5B7C7DD7213F8BC84AEA1924C6EC46E8711BF28 ] E:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
15:22:40.0863 0xcd64  NvBackend - ok
15:22:40.0906 0xcd64  [ C4642DD25768D4F8088DF9D2FC4EC380, CDC1F6A66E638F63C40DBD061AFC71AE2A5FD6CC4C2FDCE3BD9E71892213AC34 ] E:\Program Files\Classic Shell\ClassicStartMenu.exe
15:22:40.0914 0xcd64  Classic Start Menu - ok
15:22:40.0925 0xcd64  [ BE1DAE43DFBCA94FB6B4157C1B16923E, 889A5B65315613B8D29EF66EFEC7198C5EF13A698FC0B237948A5443BD27C9DA ] C:\WINDOWS\syswow64\RunDll32.exe
15:22:40.0938 0xcd64  Cmaudio8788 - ok
15:22:40.0943 0xcd64  [ 0740D338A42F7778760F2B0CB6DA5830, C6D275B4993502A155F85D8DE26B119866DEE106C98CF29CDAACBAF11484C94A ] C:\WINDOWS\syswow64\HsMgr.exe
15:22:40.0949 0xcd64  Cmaudio8788GX - detected UnsignedFile.Multi.Generic ( 1 )
15:22:43.0362 0xcd64  Detect skipped due to KSN trusted
15:22:43.0362 0xcd64  Cmaudio8788GX - ok
15:22:43.0382 0xcd64  [ BEF1B23AD0BBF805F02FAA01EAE0AF4E, 65CCFEC1F61E475A1F6759ECCA8DE1844A26AB7F827BC1F63339A0DFF554B039 ] C:\WINDOWS\system\HsMgr64.exe
15:22:43.0404 0xcd64  Cmaudio8788GX64 - detected UnsignedFile.Multi.Generic ( 1 )
15:22:45.0814 0xcd64  Detect skipped due to KSN trusted
15:22:45.0814 0xcd64  Cmaudio8788GX64 - ok
15:22:45.0852 0xcd64  [ 545676F48851A5C65A38CAE5B5518C95, F7CD893B8198AA22347CB96A61C258217FA0A1B1CC1733784B5FD84A7B208264 ] E:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
15:22:45.0871 0xcd64  APSDaemon - ok
15:22:45.0959 0xcd64  [ 574600665D5BC5DFF376D4A5172E1A42, E1735D3AC188430F1A109718FFF2CC4789BD2F158D28C9E4321C7D38ED9D271C ] E:\Program Files (x86)\Steam\steam.exe
15:22:45.0991 0xcd64  Steam - ok
15:22:46.0077 0xcd64  [ 0FB5EB5C3639C88A02DADA0BBC079A58, 0C55C5ADEC91999F3C748F369F106BDA7D95237150AB84DD07795AAB10E82BE0 ] E:\Program Files (x86)\Battle.net\Battle.net Launcher.exe
15:22:46.0117 0xcd64  Battle.net - ok
15:22:46.0201 0xcd64  [ 0F29059DD47E5E385E957473B2710D15, 119C0FB54DA026B5A9A60143B86155C6851147AA619373589204F80F2E6AB1AE ] E:\Program Files (x86)\Origin\Origin.exe
15:22:46.0268 0xcd64  EADM - ok
15:22:46.0287 0xcd64  Skype - ok
15:22:46.0355 0xcd64  [ 5F3587E344F2990B59C941FB405CAA0F, FECEC63F515EF66FAD84FF589E95B931574CA1F6BDFC9D6E016B0604AFF18498 ] E:\Program Files (x86)\Google\Chrome\Application\chrome.exe
15:22:46.0370 0xcd64  GoogleChromeAutoLaunch_1BB0B968DB2E1DD5640AAF2B69FD58ED - ok
15:22:46.0371 0xcd64  Waiting for KSN requests completion. In queue: 5
15:22:47.0371 0xcd64  Waiting for KSN requests completion. In queue: 5
15:22:48.0372 0xcd64  Waiting for KSN requests completion. In queue: 5
15:22:49.0400 0xcd64  AV detected via SS2: Windows Defender, E:\Program Files\Windows Defender\MSASCui.exe ( 4.6.305.0 ), 0x60100 ( disabled : updated )
15:22:49.0418 0xcd64  AV detected via SS2: avast! Antivirus, E:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2021.515 ), 0x41000 ( enabled : updated )
15:22:49.0420 0xcd64  Win FW state via NFP2: enabled
15:22:51.0798 0xcd64  ============================================================
15:22:51.0798 0xcd64  Scan finished
15:22:51.0798 0xcd64  ============================================================
15:22:51.0815 0x7038  Detected object count: 0
15:22:51.0815 0x7038  Actual detected object count: 0
15:24:32.0710 0xcf0c  Deinitialize success
         
mbar Log:
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org

Database version: v2014.12.29.04

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17498
Pascal :: PASCALS-PC [administrator]

29.12.2014 15:27:44
mbar-log-2014-12-29 (15-27-44).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 363623
Time elapsed: 5 minute(s), 14 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
PC2 folgt und schonmal danke für die Hilfe

Alt 29.12.2014, 15:08   #7
LiveSergeant
 
Telekom Abuse Team warnt vor Bedrohung. - Standard

Telekom Abuse Team warnt vor Bedrohung.



PC2

TDSSKiller Log:
Code:
ATTFilter
15:34:35.0493 0x17fc  TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
15:34:35.0493 0x17fc  UEFI system
15:34:37.0942 0x17fc  ============================================================
15:34:37.0942 0x17fc  Current date / time: 2014/12/29 15:34:37.0942
15:34:37.0942 0x17fc  SystemInfo:
15:34:37.0942 0x17fc  
15:34:37.0942 0x17fc  OS Version: 6.1.7601 ServicePack: 1.0
15:34:37.0942 0x17fc  Product type: Workstation
15:34:37.0942 0x17fc  ComputerName: WOHNZIMMER-PC
15:34:37.0942 0x17fc  UserName: Hartmut und Marion
15:34:37.0942 0x17fc  Windows directory: C:\Windows
15:34:37.0942 0x17fc  System windows directory: C:\Windows
15:34:37.0942 0x17fc  Running under WOW64
15:34:37.0942 0x17fc  Processor architecture: Intel x64
15:34:37.0942 0x17fc  Number of processors: 2
15:34:37.0942 0x17fc  Page size: 0x1000
15:34:37.0942 0x17fc  Boot type: Normal boot
15:34:37.0942 0x17fc  ============================================================
15:34:38.0722 0x17fc  KLMD registered as C:\Windows\system32\drivers\30845947.sys
15:34:39.0081 0x17fc  System UUID: {B47B5AC1-DAE0-46EA-80C2-7C6C11DAD60C}
15:34:39.0595 0x17fc  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:34:39.0627 0x17fc  ============================================================
15:34:39.0627 0x17fc  \Device\Harddisk0\DR0:
15:34:39.0627 0x17fc  GPT partitions:
15:34:39.0627 0x17fc  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {F67DF2AC-3CA0-4733-8EA2-07CAF1027844}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x32000
15:34:39.0627 0x17fc  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {E344ED2B-C75E-49D4-B7D8-46CA454319D2}, Name: Microsoft reserved partition, StartLBA 0x32800, BlocksNum 0x40000
15:34:39.0627 0x17fc  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D1C27778-F2DB-4D11-B34A-B1FBE46C113A}, Name: Basic data partition, StartLBA 0x72800, BlocksNum 0x3A313000
15:34:39.0627 0x17fc  MBR partitions:
15:34:39.0627 0x17fc  ============================================================
15:34:39.0658 0x17fc  C: <-> \Device\Harddisk0\DR0\Partition3
15:34:39.0658 0x17fc  ============================================================
15:34:39.0658 0x17fc  Initialize success
15:34:39.0658 0x17fc  ============================================================
15:35:52.0370 0x141c  ============================================================
15:35:52.0370 0x141c  Scan started
15:35:52.0370 0x141c  Mode: Manual; SigCheck; TDLFS; 
15:35:52.0370 0x141c  ============================================================
15:35:52.0370 0x141c  KSN ping started
15:36:05.0801 0x141c  KSN ping finished: true
15:36:06.0784 0x141c  ================ Scan system memory ========================
15:36:06.0784 0x141c  System memory - ok
15:36:06.0784 0x141c  ================ Scan services =============================
15:36:06.0924 0x141c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:36:07.0049 0x141c  1394ohci - ok
15:36:07.0221 0x141c  [ 7546427637E4BDFFF6F0E53C39DD844B, F41207E8BB86320A0CB397A0FAAB937140019FD34D972B10E84DC25ABC9B3628 ] ABBYY.Licensing.FineReader.Professional.11.0 C:\Program Files (x86)\ABBYY FineReader 11\NetworkLicenseServer.exe
15:36:07.0252 0x141c  ABBYY.Licensing.FineReader.Professional.11.0 - ok
15:36:07.0283 0x141c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:36:07.0299 0x141c  ACPI - ok
15:36:07.0330 0x141c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
15:36:07.0392 0x141c  AcpiPmi - ok
15:36:07.0486 0x141c  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:36:07.0517 0x141c  AdobeARMservice - ok
15:36:07.0642 0x141c  [ 749F94C424524285DCDA84D695ABC12F, E5AD194AF5B8B4FDB3976D3E3F9EF942DECFEC4EBAA9881A8EF7707BB781E4AD ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:36:07.0658 0x141c  AdobeFlashPlayerUpdateSvc - ok
15:36:07.0704 0x141c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
15:36:07.0736 0x141c  adp94xx - ok
15:36:07.0814 0x141c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
15:36:07.0860 0x141c  adpahci - ok
15:36:07.0876 0x141c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
15:36:07.0892 0x141c  adpu320 - ok
15:36:07.0923 0x141c  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:36:07.0970 0x141c  AeLookupSvc - ok
15:36:08.0032 0x141c  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
15:36:08.0079 0x141c  AFD - ok
15:36:08.0094 0x141c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
15:36:08.0110 0x141c  agp440 - ok
15:36:08.0126 0x141c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
15:36:08.0157 0x141c  ALG - ok
15:36:08.0204 0x141c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:36:08.0235 0x141c  aliide - ok
15:36:08.0266 0x141c  [ 2EF1BA6D5DC79FCE5E9216C8C2D3F193, E59E79AF44878AAC09DF5DE8CEDB9088800711553C7C7E358328274C116B46F9 ] amdhub30        C:\Windows\system32\DRIVERS\amdhub30.sys
15:36:08.0297 0x141c  amdhub30 - ok
15:36:08.0313 0x141c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
15:36:08.0328 0x141c  amdide - ok
15:36:08.0360 0x141c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
15:36:08.0391 0x141c  AmdK8 - ok
15:36:08.0438 0x141c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
15:36:08.0453 0x141c  AmdPPM - ok
15:36:08.0500 0x141c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:36:08.0516 0x141c  amdsata - ok
15:36:08.0547 0x141c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
15:36:08.0562 0x141c  amdsbs - ok
15:36:08.0594 0x141c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:36:08.0609 0x141c  amdxata - ok
15:36:08.0640 0x141c  [ 541A6C49C792ED71FB3EFF8C815CFE60, BC8D740C980CA60C06364CB75BDA323A1604C4CFAF753FD8C44D2FF312C6C7E1 ] amdxhc          C:\Windows\system32\DRIVERS\amdxhc.sys
15:36:08.0640 0x141c  amdxhc - ok
15:36:08.0672 0x141c  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
15:36:08.0750 0x141c  AppID - ok
15:36:08.0781 0x141c  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:36:08.0828 0x141c  AppIDSvc - ok
15:36:08.0859 0x141c  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
15:36:08.0906 0x141c  Appinfo - ok
15:36:08.0999 0x141c  [ 221564CC7BE37611FE15EACF443E1BF6, 381BDF17418C779D72332431BA174C2AD76CD9C7C1711FF5142EA9B05D5555E4 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:36:09.0015 0x141c  Apple Mobile Device - ok
15:36:09.0046 0x141c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
15:36:09.0077 0x141c  arc - ok
15:36:09.0093 0x141c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:36:09.0108 0x141c  arcsas - ok
15:36:09.0280 0x141c  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:36:09.0311 0x141c  aspnet_state - ok
15:36:09.0342 0x141c  [ 340B0467E98A8C92697D73034DB4BCB7, 342572B566747A05DA5391CFC027A6703AECCE29C3D288428884D8641A35D0F5 ] aswHwid         C:\Windows\system32\drivers\aswHwid.sys
15:36:09.0358 0x141c  aswHwid - ok
15:36:09.0374 0x141c  [ ED5B09937D559FFA53FC988D20031E98, EC9E50C9BC2184AE93944EA3115A25BADF5FFB91D11776498EBC9A0D60029A84 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
15:36:09.0389 0x141c  aswMonFlt - ok
15:36:09.0420 0x141c  [ 33C77DCB0AEC76E26BD6352A1A5281BB, CEA7BB3407C1F900DE5CB09F42AF7734811F86B7DE0085FADC7AAE8178D59665 ] aswRdr          C:\Windows\system32\drivers\aswRdr2.sys
15:36:09.0436 0x141c  aswRdr - ok
15:36:09.0452 0x141c  [ BF5B9E9E97CED45208E498D9FA73688F, BCB2CC516EAD040573D80599C2306ECB26FCCB16A97B940327CD3A3CE9077877 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
15:36:09.0467 0x141c  aswRvrt - ok
15:36:09.0514 0x141c  [ F88CE00A7736C349ED1414D7ECDC9BED, 8C0783CE32968874065C2F46088B34F9C872F26C98AB8E8BA895D84CCB25E534 ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
15:36:09.0545 0x141c  aswSnx - ok
15:36:09.0576 0x141c  [ 3AE912B08E2A1ABB2B63F3C56BED95C2, BE99BA3A74427444FEE5D47D70BDBA631DBBF50D80B0483C0675F87119926765 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
15:36:09.0592 0x141c  aswSP - ok
15:36:09.0608 0x141c  [ A7115ED31675BB823CFA9FE571C25676, DEEBB3920934DCDDD488DCFCB1E6F4C7EFDD3C79F31E41D59E292C3CF9400E95 ] aswStm          C:\Windows\system32\drivers\aswStm.sys
15:36:09.0623 0x141c  aswStm - ok
15:36:09.0654 0x141c  [ 47CBD3F64E412FFAFD93404580A3C7B9, F9B02E232416BAFC21BCBCDC0A3D9E5E855BFAF11F29ED2C4C469692E6688278 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
15:36:09.0654 0x141c  aswVmm - ok
15:36:09.0670 0x141c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:36:09.0732 0x141c  AsyncMac - ok
15:36:09.0748 0x141c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
15:36:09.0764 0x141c  atapi - ok
15:36:09.0795 0x141c  [ CBE61B4494165F458BD87E37181EE934, E95654DCC0F977A3604B6BE435BEE109AC8F9F7494FD3A132F5FB477BBF7B105 ] AthBTPort       C:\Windows\system32\DRIVERS\btath_flt.sys
15:36:09.0826 0x141c  AthBTPort - ok
15:36:09.0873 0x141c  [ 4119870B90E1B5E7797D6433D21F9216, 5CDA3748A6C89B1046173F20D857D164F4170A5028370B5BB9843212CEA86C8F ] ATHDFU          C:\Windows\system32\Drivers\AthDfu.sys
15:36:09.0935 0x141c  ATHDFU - ok
15:36:09.0998 0x141c  [ 1A3F71AADE163866001C91BF9FB6F299, 929C4633C19E9C066C322F27431AEBBE7EB676CC14A02624BF51A803426BC1EA ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
15:36:10.0029 0x141c  AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
15:36:12.0431 0x141c  Detect skipped due to KSN trusted
15:36:12.0431 0x141c  AtherosSvc - ok
15:36:12.0540 0x141c  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:36:12.0587 0x141c  AudioEndpointBuilder - ok
15:36:12.0603 0x141c  [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:36:12.0618 0x141c  AudioSrv - ok
15:36:12.0696 0x141c  [ 37D17AE2936867F88EB3C4CBCBC6B8A1, E1F4D288CE1E5482A5594C8F9EEDE1E8134466F5E0C7DA32D88985497CD8588B ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
15:36:12.0696 0x141c  avast! Antivirus - ok
15:36:12.0743 0x141c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
15:36:12.0790 0x141c  AxInstSV - ok
15:36:12.0837 0x141c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
15:36:12.0899 0x141c  b06bdrv - ok
15:36:12.0946 0x141c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
15:36:13.0024 0x141c  b57nd60a - ok
15:36:13.0055 0x141c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
15:36:13.0071 0x141c  BDESVC - ok
15:36:13.0086 0x141c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
15:36:13.0149 0x141c  Beep - ok
15:36:13.0211 0x141c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
15:36:13.0289 0x141c  BFE - ok
15:36:13.0336 0x141c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
15:36:13.0383 0x141c  BITS - ok
15:36:13.0398 0x141c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
15:36:13.0430 0x141c  blbdrive - ok
15:36:13.0508 0x141c  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:36:13.0523 0x141c  Bonjour Service - ok
15:36:13.0570 0x141c  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:36:13.0632 0x141c  bowser - ok
15:36:13.0664 0x141c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
15:36:13.0695 0x141c  BrFiltLo - ok
15:36:13.0710 0x141c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
15:36:13.0742 0x141c  BrFiltUp - ok
15:36:13.0773 0x141c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
15:36:13.0835 0x141c  Browser - ok
15:36:13.0866 0x141c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
15:36:13.0882 0x141c  Brserid - ok
15:36:13.0898 0x141c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
15:36:13.0913 0x141c  BrSerWdm - ok
15:36:13.0929 0x141c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
15:36:13.0960 0x141c  BrUsbMdm - ok
15:36:13.0991 0x141c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
15:36:14.0038 0x141c  BrUsbSer - ok
15:36:14.0100 0x141c  [ FE70889A85C57A9268101B2DB0474509, 9E957390A52BE4E5642724FEC06A201682F93DD1C6F2C00A5F57351460CF5AE0 ] BTATH_A2DP      C:\Windows\system32\drivers\btath_a2dp.sys
15:36:14.0163 0x141c  BTATH_A2DP - ok
15:36:14.0225 0x141c  [ A83A91D07D1FE6BBE7A9DB46CA00434B, 9EF851047189E13954C0F6A325E4843914C423C0D1EDAE21A34AB3A962BBD5AC ] BTATH_BUS       C:\Windows\system32\DRIVERS\btath_bus.sys
15:36:14.0241 0x141c  BTATH_BUS - ok
15:36:14.0288 0x141c  [ C864FF85EE16D61C2BDD5EF76824625F, 6D2FE57688D9E8B4277BF6DA9C219DEB367274364FBE17EFC353CEDB2D7EA35D ] BTATH_HCRP      C:\Windows\system32\DRIVERS\btath_hcrp.sys
15:36:14.0319 0x141c  BTATH_HCRP - ok
15:36:14.0350 0x141c  [ 0DEA505EFB5D771826D177EF8B8A208F, FD8027DA791F04077490749AC5A08F73CCBA1731462579AA9008CD8DD82FBBBC ] BTATH_LWFLT     C:\Windows\system32\DRIVERS\btath_lwflt.sys
15:36:14.0381 0x141c  BTATH_LWFLT - ok
15:36:14.0428 0x141c  [ 724C8088C96EFE7A3E63FEC21D4681C0, 4F9B258BE0FEA634A0D93B3892F2F039A7CAD184C9A81DFC2B67B0D4B39C5035 ] BTATH_RCP       C:\Windows\system32\DRIVERS\btath_rcp.sys
15:36:14.0490 0x141c  BTATH_RCP - ok
15:36:14.0537 0x141c  [ DCE0798FD5BB4E452227EC58700956F5, 7A32824F7AFF47C907CE0F84994CEF15A38A60722533058C8AC014691DFE72F4 ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
15:36:14.0584 0x141c  BtFilter - ok
15:36:14.0631 0x141c  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
15:36:14.0662 0x141c  BthEnum - ok
15:36:14.0678 0x141c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:36:14.0709 0x141c  BTHMODEM - ok
15:36:14.0724 0x141c  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
15:36:14.0771 0x141c  BthPan - ok
15:36:14.0802 0x141c  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
15:36:14.0849 0x141c  BTHPORT - ok
15:36:14.0865 0x141c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
15:36:14.0912 0x141c  bthserv - ok
15:36:14.0927 0x141c  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
15:36:14.0943 0x141c  BTHUSB - ok
15:36:14.0958 0x141c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:36:14.0990 0x141c  cdfs - ok
15:36:15.0036 0x141c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:36:15.0083 0x141c  cdrom - ok
15:36:15.0114 0x141c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:36:15.0161 0x141c  CertPropSvc - ok
15:36:15.0177 0x141c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
15:36:15.0224 0x141c  circlass - ok
15:36:15.0255 0x141c  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
15:36:15.0270 0x141c  CLFS - ok
15:36:15.0333 0x141c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:36:15.0348 0x141c  clr_optimization_v2.0.50727_32 - ok
15:36:15.0364 0x141c  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:36:15.0380 0x141c  clr_optimization_v2.0.50727_64 - ok
15:36:15.0458 0x141c  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:36:15.0489 0x141c  clr_optimization_v4.0.30319_32 - ok
15:36:15.0504 0x141c  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:36:15.0504 0x141c  clr_optimization_v4.0.30319_64 - ok
15:36:15.0536 0x141c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
15:36:15.0598 0x141c  CmBatt - ok
15:36:15.0645 0x141c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:36:15.0660 0x141c  cmdide - ok
15:36:15.0723 0x141c  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG             C:\Windows\system32\Drivers\cng.sys
15:36:15.0770 0x141c  CNG - ok
15:36:15.0770 0x141c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
15:36:15.0785 0x141c  Compbatt - ok
15:36:15.0801 0x141c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
15:36:15.0832 0x141c  CompositeBus - ok
15:36:15.0848 0x141c  COMSysApp - ok
15:36:15.0863 0x141c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:36:15.0879 0x141c  crcdisk - ok
15:36:15.0926 0x141c  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:36:15.0988 0x141c  CryptSvc - ok
15:36:16.0050 0x141c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:36:16.0097 0x141c  DcomLaunch - ok
15:36:16.0128 0x141c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
15:36:16.0160 0x141c  defragsvc - ok
15:36:16.0175 0x141c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:36:16.0222 0x141c  DfsC - ok
15:36:16.0269 0x141c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
15:36:16.0316 0x141c  Dhcp - ok
15:36:16.0347 0x141c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
15:36:16.0378 0x141c  discache - ok
15:36:16.0409 0x141c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
15:36:16.0409 0x141c  Disk - ok
15:36:16.0472 0x141c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:36:16.0518 0x141c  Dnscache - ok
15:36:16.0565 0x141c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:36:16.0612 0x141c  dot3svc - ok
15:36:16.0643 0x141c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
15:36:16.0674 0x141c  DPS - ok
15:36:16.0721 0x141c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:36:16.0752 0x141c  drmkaud - ok
15:36:16.0846 0x141c  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:36:16.0862 0x141c  DXGKrnl - ok
15:36:16.0893 0x141c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
15:36:16.0924 0x141c  EapHost - ok
15:36:17.0064 0x141c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
15:36:17.0220 0x141c  ebdrv - ok
15:36:17.0267 0x141c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS             C:\Windows\System32\lsass.exe
15:36:17.0298 0x141c  EFS - ok
15:36:17.0361 0x141c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:36:17.0408 0x141c  ehRecvr - ok
15:36:17.0439 0x141c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
15:36:17.0454 0x141c  ehSched - ok
15:36:17.0486 0x141c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:36:17.0517 0x141c  elxstor - ok
15:36:17.0532 0x141c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:36:17.0579 0x141c  ErrDev - ok
15:36:17.0642 0x141c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
15:36:17.0688 0x141c  EventSystem - ok
15:36:17.0720 0x141c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:36:17.0766 0x141c  exfat - ok
15:36:17.0782 0x141c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:36:17.0829 0x141c  fastfat - ok
15:36:17.0891 0x141c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
15:36:17.0938 0x141c  Fax - ok
15:36:17.0954 0x141c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
15:36:17.0969 0x141c  fdc - ok
15:36:17.0985 0x141c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
15:36:18.0016 0x141c  fdPHost - ok
15:36:18.0032 0x141c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
15:36:18.0078 0x141c  FDResPub - ok
15:36:18.0110 0x141c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:36:18.0110 0x141c  FileInfo - ok
15:36:18.0125 0x141c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:36:18.0172 0x141c  Filetrace - ok
15:36:18.0188 0x141c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
15:36:18.0203 0x141c  flpydisk - ok
15:36:18.0234 0x141c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:36:18.0250 0x141c  FltMgr - ok
15:36:18.0344 0x141c  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
15:36:18.0406 0x141c  FontCache - ok
15:36:18.0437 0x141c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:36:18.0453 0x141c  FontCache3.0.0.0 - ok
15:36:18.0484 0x141c  [ 9FB835781EFB1FE0BDC73B04196F0CF1, 519055C12D0F436C2FCD4C3CBE57FE8D07B4B6B56AD280A940B2E1B85AC521EB ] Freedom Scientific Kernel Manager C:\Windows\system32\fsKMgr.dll
15:36:18.0484 0x141c  Freedom Scientific Kernel Manager - ok
15:36:18.0515 0x141c  [ 40F9E30913516CE5000F46729C56691C, DE8CFC811E1C03CAEE56FAF48BF609785C8B9D13F66606821349D0003A3C57BF ] FSBRLDSP        C:\Windows\system32\DRIVERS\FSBRLDSP.sys
15:36:18.0546 0x141c  FSBRLDSP - ok
15:36:18.0578 0x141c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
15:36:18.0578 0x141c  FsDepends - ok
15:36:18.0593 0x141c  [ 7A1CA6D5AEF8256D905C02907F483720, 8CF087D3BD67818F48C28FBE6E399BC449589B5B140863DE2857BEA6BFC5F0C1 ] fsvidmir_service C:\Windows\system32\DRIVERS\fsvidmir.sys
15:36:18.0609 0x141c  fsvidmir_service - ok
15:36:18.0640 0x141c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:36:18.0656 0x141c  Fs_Rec - ok
15:36:18.0702 0x141c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
15:36:18.0749 0x141c  fvevol - ok
15:36:18.0765 0x141c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:36:18.0780 0x141c  gagp30kx - ok
15:36:18.0827 0x141c  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:36:18.0843 0x141c  GEARAspiWDM - ok
15:36:18.0890 0x141c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:36:18.0952 0x141c  gpsvc - ok
15:36:18.0983 0x141c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
15:36:18.0999 0x141c  hcw85cir - ok
15:36:19.0046 0x141c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:36:19.0108 0x141c  HdAudAddService - ok
15:36:19.0139 0x141c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:36:19.0186 0x141c  HDAudBus - ok
15:36:19.0202 0x141c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
15:36:19.0233 0x141c  HidBatt - ok
15:36:19.0264 0x141c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:36:19.0311 0x141c  HidBth - ok
15:36:19.0342 0x141c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:36:19.0358 0x141c  HidIr - ok
15:36:19.0389 0x141c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
15:36:19.0436 0x141c  hidserv - ok
15:36:19.0498 0x141c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
15:36:19.0529 0x141c  HidUsb - ok
15:36:19.0545 0x141c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:36:19.0592 0x141c  hkmsvc - ok
15:36:19.0623 0x141c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:36:19.0670 0x141c  HomeGroupListener - ok
15:36:19.0701 0x141c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:36:19.0732 0x141c  HomeGroupProvider - ok
15:36:19.0748 0x141c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
15:36:19.0763 0x141c  HpSAMD - ok
15:36:19.0794 0x141c  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:36:19.0841 0x141c  HTTP - ok
15:36:19.0857 0x141c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
15:36:19.0872 0x141c  hwpolicy - ok
15:36:19.0888 0x141c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
15:36:19.0904 0x141c  i8042prt - ok
15:36:19.0950 0x141c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
15:36:19.0966 0x141c  iaStorV - ok
15:36:20.0013 0x141c  [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
15:36:20.0028 0x141c  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
15:36:22.0790 0x141c  Detect skipped due to KSN trusted
15:36:22.0790 0x141c  IDriverT - ok
15:36:22.0883 0x141c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:36:22.0914 0x141c  idsvc - ok
15:36:22.0946 0x141c  IEEtwCollectorService - ok
15:36:22.0992 0x141c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:36:23.0008 0x141c  iirsp - ok
15:36:23.0055 0x141c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
15:36:23.0086 0x141c  IKEEXT - ok
15:36:23.0102 0x141c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:36:23.0117 0x141c  intelide - ok
15:36:23.0148 0x141c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
15:36:23.0180 0x141c  intelppm - ok
15:36:23.0211 0x141c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:36:23.0258 0x141c  IPBusEnum - ok
15:36:23.0289 0x141c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:36:23.0336 0x141c  IpFilterDriver - ok
15:36:23.0398 0x141c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:36:23.0445 0x141c  iphlpsvc - ok
15:36:23.0460 0x141c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:36:23.0476 0x141c  IPMIDRV - ok
15:36:23.0507 0x141c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:36:23.0554 0x141c  IPNAT - ok
15:36:23.0632 0x141c  [ 842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:36:23.0663 0x141c  iPod Service - ok
15:36:23.0694 0x141c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:36:23.0710 0x141c  IRENUM - ok
15:36:23.0726 0x141c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:36:23.0741 0x141c  isapnp - ok
15:36:23.0788 0x141c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:36:23.0819 0x141c  iScsiPrt - ok
15:36:23.0913 0x141c  [ BF59432890AB30BECE483B2ABB64416B, 518ACA8E74F6AF6330CE6E3FC3E3E99AA05EC979C242E7B1B5502D659CC904FB ] JTVNCProxy_15.0 C:\Program Files\Freedom Scientific\JAWS\15.0\JTVNCProxy.exe
15:36:23.0928 0x141c  JTVNCProxy_15.0 - ok
15:36:23.0960 0x141c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:36:23.0975 0x141c  kbdclass - ok
15:36:24.0006 0x141c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:36:24.0053 0x141c  kbdhid - ok
15:36:24.0069 0x141c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
15:36:24.0100 0x141c  KeyIso - ok
15:36:24.0147 0x141c  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:36:24.0162 0x141c  KSecDD - ok
15:36:24.0194 0x141c  [ 41774FF331F609EF442B7398EE6202B1, AD67DA06A74895C384F4A1F1CF47050DAEE9C6CE8AD12F1A116FC977B6C3A864 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:36:24.0209 0x141c  KSecPkg - ok
15:36:24.0225 0x141c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:36:24.0256 0x141c  ksthunk - ok
15:36:24.0287 0x141c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:36:24.0334 0x141c  KtmRm - ok
15:36:24.0381 0x141c  [ FC741259B7C22379EE83257D7CF91151, 37FAA2E03DFE8C04762178EC7C0AD7AB383155772EFF857D7D27225F8DF29C5B ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
15:36:24.0396 0x141c  L1C - ok
15:36:24.0428 0x141c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:36:24.0474 0x141c  LanmanServer - ok
15:36:24.0490 0x141c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:36:24.0521 0x141c  LanmanWorkstation - ok
15:36:24.0552 0x141c  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:36:24.0599 0x141c  lltdio - ok
15:36:24.0646 0x141c  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:36:24.0708 0x141c  lltdsvc - ok
15:36:24.0740 0x141c  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:36:24.0771 0x141c  lmhosts - ok
15:36:24.0786 0x141c  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:36:24.0802 0x141c  LSI_FC - ok
15:36:24.0818 0x141c  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:36:24.0833 0x141c  LSI_SAS - ok
15:36:24.0833 0x141c  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
15:36:24.0849 0x141c  LSI_SAS2 - ok
15:36:24.0864 0x141c  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:36:24.0880 0x141c  LSI_SCSI - ok
15:36:24.0896 0x141c  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
15:36:24.0942 0x141c  luafv - ok
15:36:24.0989 0x141c  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:36:25.0020 0x141c  Mcx2Svc - ok
15:36:25.0036 0x141c  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
15:36:25.0036 0x141c  megasas - ok
15:36:25.0067 0x141c  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
15:36:25.0083 0x141c  MegaSR - ok
15:36:25.0098 0x141c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
15:36:25.0145 0x141c  MMCSS - ok
15:36:25.0161 0x141c  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
15:36:25.0192 0x141c  Modem - ok
15:36:25.0208 0x141c  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:36:25.0239 0x141c  monitor - ok
15:36:25.0270 0x141c  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:36:25.0286 0x141c  mouclass - ok
15:36:25.0286 0x141c  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:36:25.0301 0x141c  mouhid - ok
15:36:25.0317 0x141c  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:36:25.0332 0x141c  mountmgr - ok
15:36:25.0364 0x141c  [ DFCD29AB147716CA72416FA7D2196D46, ED60BF354347697F69A78C9FBE1ADCBE0C3EB4C2CC8DB97A7FA03A68BD796066 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:36:25.0379 0x141c  MozillaMaintenance - ok
15:36:25.0395 0x141c  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:36:25.0410 0x141c  mpio - ok
15:36:25.0442 0x141c  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:36:25.0488 0x141c  mpsdrv - ok
15:36:25.0535 0x141c  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:36:25.0598 0x141c  MpsSvc - ok
15:36:25.0644 0x141c  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:36:25.0676 0x141c  MRxDAV - ok
15:36:25.0722 0x141c  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:36:25.0769 0x141c  mrxsmb - ok
15:36:25.0785 0x141c  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:36:25.0816 0x141c  mrxsmb10 - ok
15:36:25.0832 0x141c  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:36:25.0847 0x141c  mrxsmb20 - ok
15:36:25.0878 0x141c  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:36:25.0910 0x141c  msahci - ok
15:36:25.0925 0x141c  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:36:25.0925 0x141c  msdsm - ok
15:36:25.0941 0x141c  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
15:36:25.0972 0x141c  MSDTC - ok
15:36:26.0003 0x141c  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:36:26.0066 0x141c  Msfs - ok
15:36:26.0097 0x141c  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:36:26.0144 0x141c  mshidkmdf - ok
15:36:26.0159 0x141c  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:36:26.0175 0x141c  msisadrv - ok
15:36:26.0190 0x141c  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:36:26.0237 0x141c  MSiSCSI - ok
15:36:26.0237 0x141c  msiserver - ok
15:36:26.0268 0x141c  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:36:26.0315 0x141c  MSKSSRV - ok
15:36:26.0331 0x141c  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:36:26.0378 0x141c  MSPCLOCK - ok
15:36:26.0378 0x141c  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:36:26.0409 0x141c  MSPQM - ok
15:36:26.0440 0x141c  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:36:26.0456 0x141c  MsRPC - ok
15:36:26.0471 0x141c  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:36:26.0471 0x141c  mssmbios - ok
15:36:26.0487 0x141c  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:36:26.0534 0x141c  MSTEE - ok
15:36:26.0549 0x141c  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
15:36:26.0580 0x141c  MTConfig - ok
15:36:26.0612 0x141c  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
15:36:26.0627 0x141c  Mup - ok
15:36:26.0658 0x141c  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
15:36:26.0690 0x141c  napagent - ok
15:36:26.0736 0x141c  NasPmService - ok
15:36:26.0752 0x141c  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:36:26.0783 0x141c  NativeWifiP - ok
15:36:26.0846 0x141c  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:36:26.0877 0x141c  NDIS - ok
15:36:26.0892 0x141c  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:36:26.0924 0x141c  NdisCap - ok
15:36:26.0939 0x141c  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:36:26.0986 0x141c  NdisTapi - ok
15:36:27.0017 0x141c  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:36:27.0033 0x141c  Ndisuio - ok
15:36:27.0064 0x141c  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:36:27.0095 0x141c  NdisWan - ok
15:36:27.0111 0x141c  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:36:27.0158 0x141c  NDProxy - ok
15:36:27.0173 0x141c  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:36:27.0236 0x141c  NetBIOS - ok
15:36:27.0267 0x141c  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:36:27.0314 0x141c  NetBT - ok
15:36:27.0314 0x141c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
15:36:27.0329 0x141c  Netlogon - ok
15:36:27.0360 0x141c  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
15:36:27.0407 0x141c  Netman - ok
15:36:27.0438 0x141c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:36:27.0454 0x141c  NetMsmqActivator - ok
15:36:27.0454 0x141c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:36:27.0470 0x141c  NetPipeActivator - ok
15:36:27.0501 0x141c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
15:36:27.0563 0x141c  netprofm - ok
15:36:27.0563 0x141c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:36:27.0579 0x141c  NetTcpActivator - ok
15:36:27.0594 0x141c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:36:27.0610 0x141c  NetTcpPortSharing - ok
15:36:27.0626 0x141c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:36:27.0641 0x141c  nfrd960 - ok
15:36:27.0657 0x141c  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:36:27.0704 0x141c  NlaSvc - ok
15:36:27.0719 0x141c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:36:27.0766 0x141c  Npfs - ok
15:36:27.0782 0x141c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
15:36:27.0828 0x141c  nsi - ok
15:36:27.0844 0x141c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:36:27.0875 0x141c  nsiproxy - ok
15:36:27.0984 0x141c  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:36:28.0047 0x141c  Ntfs - ok
15:36:28.0047 0x141c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
15:36:28.0078 0x141c  Null - ok
15:36:28.0109 0x141c  [ B4F53BCA4C688FF47F04FA90098F896E, 6051CFC0CFE659A2C4CFC1029F19CF1B1B98A1A5E59C2B3A10D7B3407A7FA5C0 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
15:36:28.0125 0x141c  NVHDA - ok
15:36:28.0421 0x141c  [ 0A2F27B5BCC45B64E152DD6AE0815198, FD973BEED46A139BD125F06A8115DE3CF9D5543CD862F6EAF3D4818A32EA290F ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:36:28.0655 0x141c  nvlddmkm - ok
15:36:28.0718 0x141c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:36:28.0733 0x141c  nvraid - ok
15:36:28.0749 0x141c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:36:28.0764 0x141c  nvstor - ok
15:36:28.0796 0x141c  [ 574087EA9105F23FB522A4FDDD5292D9, 3BD7148F3CFE005284DB9A66F6DFE4971471F92736302283DF9B10DC5AF9B6EA ] nvsvc           C:\Windows\system32\nvvsvc.exe
15:36:28.0827 0x141c  nvsvc - ok
15:36:28.0905 0x141c  [ ABA5A88740635D37A2B6CEB27DBC738A, B45BF13B54125D195568E421948305E5994E5FF6C1FEF0A95A4BA93CD94BE77D ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
15:36:28.0952 0x141c  nvUpdatusService - ok
15:36:28.0967 0x141c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:36:28.0983 0x141c  nv_agp - ok
15:36:28.0998 0x141c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
15:36:29.0014 0x141c  ohci1394 - ok
15:36:29.0061 0x141c  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:36:29.0092 0x141c  ose - ok
15:36:29.0295 0x141c  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:36:29.0466 0x141c  osppsvc - ok
15:36:29.0529 0x141c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
15:36:29.0560 0x141c  p2pimsvc - ok
15:36:29.0622 0x141c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
15:36:29.0700 0x141c  p2psvc - ok
15:36:29.0716 0x141c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
15:36:29.0747 0x141c  Parport - ok
15:36:29.0794 0x141c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:36:29.0810 0x141c  partmgr - ok
15:36:29.0825 0x141c  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:36:29.0856 0x141c  PcaSvc - ok
15:36:29.0888 0x141c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
15:36:29.0903 0x141c  pci - ok
15:36:29.0950 0x141c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
15:36:29.0950 0x141c  pciide - ok
15:36:29.0981 0x141c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:36:29.0997 0x141c  pcmcia - ok
15:36:30.0028 0x141c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
15:36:30.0028 0x141c  pcw - ok
15:36:30.0059 0x141c  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:36:30.0122 0x141c  PEAUTH - ok
15:36:30.0184 0x141c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:36:30.0200 0x141c  PerfHost - ok
15:36:30.0262 0x141c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
15:36:30.0387 0x141c  pla - ok
15:36:30.0449 0x141c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:36:30.0480 0x141c  PlugPlay - ok
15:36:30.0496 0x141c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
15:36:30.0527 0x141c  PNRPAutoReg - ok
15:36:30.0558 0x141c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
15:36:30.0574 0x141c  PNRPsvc - ok
15:36:30.0605 0x141c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:36:30.0668 0x141c  PolicyAgent - ok
15:36:30.0699 0x141c  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
15:36:30.0746 0x141c  Power - ok
15:36:30.0808 0x141c  [ 949537047889E3335FE273978D262D42, F35B44F52327ED89140F67A8080E9ACFC2C01C6D3FD4AC775448A7A049247043 ] PowerBrl        C:\Windows\system32\Drivers\powerbrl.sys
15:36:30.0839 0x141c  PowerBrl - ok
15:36:30.0870 0x141c  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:36:30.0917 0x141c  PptpMiniport - ok
15:36:30.0933 0x141c  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
15:36:30.0964 0x141c  Processor - ok
15:36:31.0026 0x141c  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc         C:\Windows\system32\profsvc.dll
15:36:31.0073 0x141c  ProfSvc - ok
15:36:31.0073 0x141c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:36:31.0089 0x141c  ProtectedStorage - ok
15:36:31.0104 0x141c  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
15:36:31.0151 0x141c  Psched - ok
15:36:31.0229 0x141c  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:36:31.0292 0x141c  ql2300 - ok
15:36:31.0307 0x141c  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:36:31.0323 0x141c  ql40xx - ok
15:36:31.0354 0x141c  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
15:36:31.0370 0x141c  QWAVE - ok
15:36:31.0385 0x141c  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:36:31.0401 0x141c  QWAVEdrv - ok
15:36:31.0416 0x141c  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:36:31.0448 0x141c  RasAcd - ok
15:36:31.0463 0x141c  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
15:36:31.0526 0x141c  RasAgileVpn - ok
15:36:31.0541 0x141c  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
15:36:31.0572 0x141c  RasAuto - ok
15:36:31.0588 0x141c  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:36:31.0635 0x141c  Rasl2tp - ok
15:36:31.0666 0x141c  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
15:36:31.0713 0x141c  RasMan - ok
15:36:31.0744 0x141c  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:36:31.0791 0x141c  RasPppoe - ok
15:36:31.0822 0x141c  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:36:31.0869 0x141c  RasSstp - ok
15:36:31.0900 0x141c  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:36:31.0947 0x141c  rdbss - ok
15:36:31.0962 0x141c  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
15:36:31.0978 0x141c  rdpbus - ok
15:36:31.0994 0x141c  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:36:32.0040 0x141c  RDPCDD - ok
15:36:32.0072 0x141c  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:36:32.0118 0x141c  RDPENCDD - ok
15:36:32.0150 0x141c  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
15:36:32.0196 0x141c  RDPREFMP - ok
15:36:32.0228 0x141c  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:36:32.0274 0x141c  RDPWD - ok
15:36:32.0337 0x141c  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
15:36:32.0352 0x141c  rdyboost - ok
15:36:32.0384 0x141c  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:36:32.0430 0x141c  RemoteAccess - ok
15:36:32.0462 0x141c  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:36:32.0493 0x141c  RemoteRegistry - ok
15:36:32.0540 0x141c  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
15:36:32.0571 0x141c  RFCOMM - ok
15:36:32.0602 0x141c  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:36:32.0664 0x141c  RpcEptMapper - ok
15:36:32.0696 0x141c  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
15:36:32.0711 0x141c  RpcLocator - ok
15:36:32.0758 0x141c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
15:36:32.0805 0x141c  RpcSs - ok
15:36:32.0820 0x141c  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:36:32.0867 0x141c  rspndr - ok
15:36:32.0867 0x141c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe
15:36:32.0883 0x141c  SamSs - ok
15:36:32.0898 0x141c  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:36:32.0914 0x141c  sbp2port - ok
15:36:32.0930 0x141c  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:36:32.0992 0x141c  SCardSvr - ok
15:36:33.0008 0x141c  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:36:33.0039 0x141c  scfilter - ok
15:36:33.0086 0x141c  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
15:36:33.0179 0x141c  Schedule - ok
15:36:33.0210 0x141c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:36:33.0242 0x141c  SCPolicySvc - ok
15:36:33.0257 0x141c  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:36:33.0273 0x141c  SDRSVC - ok
15:36:33.0288 0x141c  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:36:33.0320 0x141c  secdrv - ok
15:36:33.0351 0x141c  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
15:36:33.0382 0x141c  seclogon - ok
15:36:33.0382 0x141c  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
15:36:33.0413 0x141c  SENS - ok
15:36:33.0429 0x141c  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:36:33.0460 0x141c  SensrSvc - ok
15:36:33.0491 0x141c  [ 255476B54C82A89416EFDF09FD62F107, 000A6F7F15177A08ED4E22DB1C06F9FF0F8D324541A3E7AF7F35123D9CA4122D ] Sentinel64      C:\Windows\System32\Drivers\Sentinel64.sys
15:36:33.0507 0x141c  Sentinel64 - ok
15:36:33.0522 0x141c  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\drivers\serenum.sys
15:36:33.0554 0x141c  Serenum - ok
15:36:33.0585 0x141c  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
15:36:33.0616 0x141c  Serial - ok
15:36:33.0647 0x141c  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:36:33.0663 0x141c  sermouse - ok
15:36:33.0710 0x141c  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
15:36:33.0756 0x141c  SessionEnv - ok
15:36:33.0756 0x141c  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:36:33.0788 0x141c  sffdisk - ok
15:36:33.0788 0x141c  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:36:33.0803 0x141c  sffp_mmc - ok
15:36:33.0803 0x141c  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:36:33.0819 0x141c  sffp_sd - ok
15:36:33.0834 0x141c  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
15:36:33.0834 0x141c  sfloppy - ok
15:36:33.0881 0x141c  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:36:33.0928 0x141c  SharedAccess - ok
15:36:33.0959 0x141c  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:36:34.0022 0x141c  ShellHWDetection - ok
15:36:34.0053 0x141c  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
15:36:34.0053 0x141c  SiSRaid2 - ok
15:36:34.0068 0x141c  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:36:34.0084 0x141c  SiSRaid4 - ok
15:36:34.0100 0x141c  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:36:34.0146 0x141c  Smb - ok
15:36:34.0178 0x141c  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:36:34.0209 0x141c  SNMPTRAP - ok
15:36:34.0224 0x141c  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:36:34.0240 0x141c  spldr - ok
15:36:34.0287 0x141c  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
15:36:34.0302 0x141c  Spooler - ok
15:36:34.0412 0x141c  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
15:36:34.0552 0x141c  sppsvc - ok
15:36:34.0568 0x141c  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:36:34.0599 0x141c  sppuinotify - ok
15:36:34.0661 0x141c  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:36:34.0708 0x141c  srv - ok
15:36:34.0724 0x141c  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:36:34.0770 0x141c  srv2 - ok
15:36:34.0786 0x141c  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:36:34.0802 0x141c  srvnet - ok
15:36:34.0833 0x141c  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:36:34.0880 0x141c  SSDPSRV - ok
15:36:34.0942 0x141c  [ 0211AB46B73A2623B86C1CFCB30579AB, 7CC9BA2DF7B9EA6BB17EE342898EDD7F54703B93B6DED6A819E83A7EE9F938B4 ] SSPORT          C:\Windows\system32\Drivers\SSPORT.sys
15:36:34.0958 0x141c  SSPORT - ok
15:36:34.0973 0x141c  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:36:35.0036 0x141c  SstpSvc - ok
15:36:35.0067 0x141c  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
15:36:35.0082 0x141c  stexstor - ok
15:36:35.0098 0x141c  STHDA - ok
15:36:35.0129 0x141c  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
15:36:35.0176 0x141c  stisvc - ok
15:36:35.0192 0x141c  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:36:35.0192 0x141c  swenum - ok
15:36:35.0223 0x141c  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
15:36:35.0270 0x141c  swprv - ok
15:36:35.0316 0x141c  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
15:36:35.0394 0x141c  SysMain - ok
15:36:35.0426 0x141c  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:36:35.0441 0x141c  TabletInputService - ok
15:36:35.0472 0x141c  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:36:35.0504 0x141c  TapiSrv - ok
15:36:35.0519 0x141c  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
15:36:35.0566 0x141c  TBS - ok
15:36:35.0660 0x141c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:36:35.0722 0x141c  Tcpip - ok
15:36:35.0800 0x141c  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:36:35.0847 0x141c  TCPIP6 - ok
15:36:35.0894 0x141c  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:36:35.0925 0x141c  tcpipreg - ok
15:36:35.0972 0x141c  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:36:36.0003 0x141c  TDPIPE - ok
15:36:36.0034 0x141c  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:36:36.0065 0x141c  TDTCP - ok
15:36:36.0128 0x141c  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:36:36.0159 0x141c  tdx - ok
15:36:36.0174 0x141c  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:36:36.0190 0x141c  TermDD - ok
15:36:36.0252 0x141c  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
15:36:36.0299 0x141c  TermService - ok
15:36:36.0315 0x141c  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
15:36:36.0362 0x141c  Themes - ok
15:36:36.0377 0x141c  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
15:36:36.0408 0x141c  THREADORDER - ok
15:36:36.0502 0x141c  [ 0765EE4A7A0D6609BF91CA2E4700E885, 5E2459639CE5D100B15CD5E6077C4D8C0ECD66DD94DA1881B5722B22AA906853 ] TomTomHOMEService C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
15:36:36.0533 0x141c  TomTomHOMEService - ok
15:36:36.0549 0x141c  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
15:36:36.0596 0x141c  TrkWks - ok
15:36:36.0642 0x141c  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:36:36.0720 0x141c  TrustedInstaller - ok
15:36:36.0752 0x141c  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:36:36.0783 0x141c  tssecsrv - ok
15:36:36.0814 0x141c  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:36:36.0845 0x141c  TsUsbFlt - ok
15:36:36.0876 0x141c  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
15:36:36.0908 0x141c  TsUsbGD - ok
15:36:36.0939 0x141c  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:36:36.0986 0x141c  tunnel - ok
15:36:37.0001 0x141c  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:36:37.0001 0x141c  uagp35 - ok
15:36:37.0032 0x141c  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:36:37.0064 0x141c  udfs - ok
15:36:37.0095 0x141c  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:36:37.0110 0x141c  UI0Detect - ok
15:36:37.0110 0x141c  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:36:37.0126 0x141c  uliagpkx - ok
15:36:37.0142 0x141c  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:36:37.0173 0x141c  umbus - ok
15:36:37.0173 0x141c  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
15:36:37.0188 0x141c  UmPass - ok
15:36:37.0220 0x141c  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
15:36:37.0266 0x141c  upnphost - ok
15:36:37.0329 0x141c  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
15:36:37.0360 0x141c  USBAAPL64 - ok
15:36:37.0391 0x141c  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:36:37.0407 0x141c  usbccgp - ok
15:36:37.0469 0x141c  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:36:37.0500 0x141c  usbcir - ok
15:36:37.0532 0x141c  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
15:36:37.0610 0x141c  usbehci - ok
15:36:37.0672 0x141c  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:36:37.0719 0x141c  usbhub - ok
15:36:37.0750 0x141c  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
15:36:37.0766 0x141c  usbohci - ok
15:36:37.0797 0x141c  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:36:37.0828 0x141c  usbprint - ok
15:36:37.0859 0x141c  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
15:36:37.0906 0x141c  usbscan - ok
15:36:37.0937 0x141c  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:36:37.0953 0x141c  USBSTOR - ok
15:36:37.0984 0x141c  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
15:36:38.0015 0x141c  usbuhci - ok
15:36:38.0046 0x141c  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
15:36:38.0093 0x141c  UxSms - ok
15:36:38.0109 0x141c  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe
15:36:38.0124 0x141c  VaultSvc - ok
15:36:38.0156 0x141c  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:36:38.0156 0x141c  vdrvroot - ok
15:36:38.0187 0x141c  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
15:36:38.0234 0x141c  vds - ok
15:36:38.0265 0x141c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:36:38.0296 0x141c  vga - ok
15:36:38.0312 0x141c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:36:38.0343 0x141c  VgaSave - ok
15:36:38.0374 0x141c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:36:38.0390 0x141c  vhdmp - ok
15:36:38.0421 0x141c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:36:38.0421 0x141c  viaide - ok
15:36:38.0436 0x141c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:36:38.0452 0x141c  volmgr - ok
15:36:38.0468 0x141c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:36:38.0483 0x141c  volmgrx - ok
15:36:38.0499 0x141c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:36:38.0530 0x141c  volsnap - ok
15:36:38.0546 0x141c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:36:38.0561 0x141c  vsmraid - ok
15:36:38.0655 0x141c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
15:36:38.0764 0x141c  VSS - ok
15:36:38.0795 0x141c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
15:36:38.0811 0x141c  vwifibus - ok
15:36:38.0826 0x141c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
15:36:38.0858 0x141c  W32Time - ok
15:36:38.0873 0x141c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:36:38.0904 0x141c  WacomPen - ok
15:36:38.0936 0x141c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:36:38.0982 0x141c  WANARP - ok
15:36:38.0998 0x141c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:36:39.0014 0x141c  Wanarpv6 - ok
15:36:39.0092 0x141c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
15:36:39.0154 0x141c  wbengine - ok
15:36:39.0170 0x141c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:36:39.0216 0x141c  WbioSrvc - ok
15:36:39.0248 0x141c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:36:39.0279 0x141c  wcncsvc - ok
15:36:39.0294 0x141c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:36:39.0310 0x141c  WcsPlugInService - ok
15:36:39.0341 0x141c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
15:36:39.0357 0x141c  Wd - ok
15:36:39.0404 0x141c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:36:39.0435 0x141c  Wdf01000 - ok
15:36:39.0466 0x141c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:36:39.0513 0x141c  WdiServiceHost - ok
15:36:39.0513 0x141c  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:36:39.0528 0x141c  WdiSystemHost - ok
15:36:39.0575 0x141c  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
15:36:39.0606 0x141c  WebClient - ok
15:36:39.0638 0x141c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:36:39.0684 0x141c  Wecsvc - ok
15:36:39.0700 0x141c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:36:39.0747 0x141c  wercplsupport - ok
15:36:39.0778 0x141c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:36:39.0809 0x141c  WerSvc - ok
15:36:39.0825 0x141c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:36:39.0856 0x141c  WfpLwf - ok
15:36:39.0872 0x141c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:36:39.0887 0x141c  WIMMount - ok
15:36:39.0903 0x141c  WinDefend - ok
15:36:39.0934 0x141c  WinHttpAutoProxySvc - ok
15:36:39.0965 0x141c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:36:40.0028 0x141c  Winmgmt - ok
15:36:40.0121 0x141c  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
15:36:40.0230 0x141c  WinRM - ok
15:36:40.0293 0x141c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
15:36:40.0324 0x141c  WinUsb - ok
15:36:40.0371 0x141c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:36:40.0418 0x141c  Wlansvc - ok
15:36:40.0433 0x141c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
15:36:40.0449 0x141c  WmiAcpi - ok
15:36:40.0496 0x141c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:36:40.0511 0x141c  wmiApSrv - ok
15:36:40.0527 0x141c  WMPNetworkSvc - ok
15:36:40.0542 0x141c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:36:40.0558 0x141c  WPCSvc - ok
15:36:40.0574 0x141c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:36:40.0589 0x141c  WPDBusEnum - ok
15:36:40.0605 0x141c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:36:40.0636 0x141c  ws2ifsl - ok
15:36:40.0652 0x141c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
15:36:40.0683 0x141c  wscsvc - ok
15:36:40.0714 0x141c  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
15:36:40.0761 0x141c  WSDPrintDevice - ok
15:36:40.0761 0x141c  WSearch - ok
15:36:40.0886 0x141c  [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:36:40.0964 0x141c  wuauserv - ok
15:36:40.0995 0x141c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:36:41.0042 0x141c  WudfPf - ok
15:36:41.0073 0x141c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:36:41.0088 0x141c  WUDFRd - ok
15:36:41.0104 0x141c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:36:41.0120 0x141c  wudfsvc - ok
15:36:41.0166 0x141c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:36:41.0198 0x141c  WwanSvc - ok
15:36:41.0229 0x141c  ================ Scan global ===============================
15:36:41.0260 0x141c  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
15:36:41.0307 0x141c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:36:41.0322 0x141c  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
15:36:41.0338 0x141c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
15:36:41.0354 0x141c  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
15:36:41.0369 0x141c  [ Global ] - ok
15:36:41.0369 0x141c  ================ Scan MBR ==================================
15:36:41.0369 0x141c  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
15:36:41.0541 0x141c  \Device\Harddisk0\DR0 - ok
15:36:41.0541 0x141c  ================ Scan VBR ==================================
15:36:41.0588 0x141c  [ BC50927B01451C4F53E661A78DFBA302 ] \Device\Harddisk0\DR0\Partition1
15:36:41.0588 0x141c  \Device\Harddisk0\DR0\Partition1 - ok
15:36:41.0603 0x141c  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition2
15:36:41.0603 0x141c  \Device\Harddisk0\DR0\Partition2 - ok
15:36:41.0603 0x141c  [ 3F19E88EFBA5F3DAFB2645A7F956AF95 ] \Device\Harddisk0\DR0\Partition3
15:36:41.0603 0x141c  \Device\Harddisk0\DR0\Partition3 - ok
15:36:41.0603 0x141c  ================ Scan generic autorun ======================
15:36:41.0666 0x141c  [ 564765F1F68BBFA26CAC8F89662F106B, AA7A3CD8C3515E824DE10390852538BAAF998421ABA4F1E4CA967CC451DE493D ] C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
15:36:41.0712 0x141c  CDAServer - detected UnsignedFile.Multi.Generic ( 1 )
15:36:46.0018 0x141c  Detect skipped due to KSN trusted
15:36:46.0018 0x141c  CDAServer - ok
15:36:46.0330 0x141c  [ 62AC2BB471CEC5CB4191CCB57DFA4CED, 0D226B9C54D50C049024DD99E771BC6CEAF5617E4118CF66E8F02C2FEF04F921 ] C:\Program Files\Freedom Scientific\JAWS\15.0\jfw.exe
15:36:46.0470 0x141c  JAWS - ok
15:36:46.0580 0x141c  [ 996E0DF31F7C7AD1C5BD8B56DFB601D3, CA68E25B69A21CB02EAA472FBF012BC8F358A155BCF8EA1EAA45FA405F48C0AE ] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
15:36:46.0626 0x141c  AtherosBtStack - detected UnsignedFile.Multi.Generic ( 1 )
15:36:49.0045 0x141c  Detect skipped due to KSN trusted
15:36:49.0045 0x141c  AtherosBtStack - ok
15:36:49.0091 0x141c  [ 82CDD11153EC417F7E0C8C653805105B, 742EFC9F716F134608B790B84C7E808E0CEFE4297B15A3FF21F8A5F00211360F ] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
15:36:49.0123 0x141c  AthBtTray - detected UnsignedFile.Multi.Generic ( 1 )
15:36:51.0541 0x141c  Detect skipped due to KSN trusted
15:36:51.0541 0x141c  AthBtTray - ok
15:36:51.0650 0x141c  [ 94A4D6915D4F572309DF6137E1846528, E46BDF83CAA6683AA655DBA3D2C8DC7AC06251E952466A20CFDA3A16B1840455 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
15:36:51.0665 0x141c  APSDaemon - ok
15:36:51.0837 0x141c  [ 21B8FAAFA5CCD89663AAD5833ABF4B35, DE46AD49AE1ED34697EE387BB77E73BCD7DA60E6063E02660021A9C2EA3C0801 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
15:36:51.0977 0x141c  AvastUI.exe - ok
15:36:52.0040 0x141c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:36:52.0118 0x141c  Sidebar - ok
15:36:52.0149 0x141c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:36:52.0165 0x141c  mctadmin - ok
15:36:52.0196 0x141c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:36:52.0243 0x141c  Sidebar - ok
15:36:52.0243 0x141c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:36:52.0258 0x141c  mctadmin - ok
15:36:52.0321 0x141c  [ 48C3EBD6D5E52AFCB1A0FA9B7F9802FA, 4F2E27AA8305FFC94F65C65C5FDB8462C92ED02A7B37627404382C3CAB65AC59 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
15:36:52.0352 0x141c  iCloudServices - ok
15:36:52.0383 0x141c  [ 799BCC829F48F19C5689478179060435, 495C6E363982F7BE1785A46C12ED4AC99E0AF98F340F1CE3C55D39EBE6FE33AA ] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
15:36:52.0399 0x141c  ApplePhotoStreams - ok
15:36:52.0492 0x141c  [ DAB55357D9CC9A76052F4472EBD5C729, 6028463D46079D1D8AD564197B54D89035AD85472A80ABA2FD11D3F7A91FCAD4 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
15:36:52.0539 0x141c  AppleIEDAV - ok
15:36:52.0555 0x141c  EEDSpeedLauncher - ok
15:36:52.0586 0x141c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:36:52.0617 0x141c  Sidebar - ok
15:36:52.0633 0x141c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:36:52.0648 0x141c  mctadmin - ok
15:36:52.0679 0x141c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:36:52.0726 0x141c  Sidebar - ok
15:36:52.0726 0x141c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:36:52.0742 0x141c  mctadmin - ok
15:36:52.0757 0x141c  [ 8EEFD0B92F46B6762A5EC41EF55F7043, 0C3417D92D7DA44327910A78C5379D05D28B9BCB0FB3740E1E9D399ECC6E53C4 ] C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe
15:36:52.0773 0x141c  TomTomHOME.exe - ok
15:36:52.0773 0x141c  Waiting for KSN requests completion. In queue: 14
15:36:53.0787 0x141c  Waiting for KSN requests completion. In queue: 14
15:36:54.0801 0x141c  Waiting for KSN requests completion. In queue: 14
15:36:55.0862 0x141c  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2018.391 ), 0x41000 ( enabled : updated )
15:36:55.0862 0x141c  Win FW state via NFP2: enabled
15:36:58.0327 0x141c  ============================================================
15:36:58.0327 0x141c  Scan finished
15:36:58.0327 0x141c  ============================================================
15:36:58.0327 0x1430  Detected object count: 0
15:36:58.0327 0x1430  Actual detected object count: 0
15:42:26.0005 0x17e8  Deinitialize success
         
mbar Log:
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org

Database version: v2014.12.29.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17501
Hartmut und Marion :: WOHNZIMMER-PC [administrator]

29.12.2014 15:43:46
mbar-log-2014-12-29 (15-43-46).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 430438
Time elapsed: 19 minute(s), 55 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
So das war alles vom 2ten Rechner.
Ich selbst hätte Rechner 1 verdächtigt, obwohl zum Zeitpunkt nicht auszuschließen ist, dass Rechner 2 auch am Netz war.

Was kann ich nun gegen die AdWare auf Rechner 1 tun?

Alt 29.12.2014, 21:47   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Telekom Abuse Team warnt vor Bedrohung. - Standard

Telekom Abuse Team warnt vor Bedrohung.



Machen wir jetzt

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 29.12.2014, 23:31   #9
LiveSergeant
 
Telekom Abuse Team warnt vor Bedrohung. - Standard

Telekom Abuse Team warnt vor Bedrohung.



Hab das ganze jetzt auf PC 1 gemacht. Muss das ganze auf den 2ten Rechner auch gemacht werden? Wenn ja, werde ich das morgen nachreichen.

PC1:

mbam.txt
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 30.12.2014
Suchlauf-Zeit: 00:04:16
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2014.12.29.07
Rootkit Datenbank: v2014.12.29.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Pascal

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 363570
Verstrichene Zeit: 5 Min, 37 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-1010802133-681624663-1200860190-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, In Quarantäne, [851671f78def5ed8f12cf1eba45e34cc], 

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 25
PUP.Optional.SearchProtect.A, E:\PROGRAM FILES (X86)\SEARCHPROTECT, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\PROGRAM FILES (X86)\SEARCHPROTECT\Main, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\PROGRAM FILES (X86)\SEARCHPROTECT\Main\bin, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\PROGRAM FILES (X86)\SEARCHPROTECT\Main\Logs, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\PROGRAM FILES (X86)\SEARCHPROTECT\Main\rep, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\PROGRAM FILES (X86)\SEARCHPROTECT\SearchProtect, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\PROGRAM FILES (X86)\SEARCHPROTECT\SEARCHPROTECT\bin, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\PROGRAM FILES (X86)\SEARCHPROTECT\SEARCHPROTECT\rep, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\PROGRAM FILES (X86)\SEARCHPROTECT\UI, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\PROGRAM FILES (X86)\SEARCHPROTECT\UI\bin, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\PROGRAM FILES (X86)\SEARCHPROTECT\UI\dialogs, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\PROGRAM FILES (X86)\SEARCHPROTECT\UI\dialogs\bubble, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\PROGRAM FILES (X86)\SEARCHPROTECT\UI\dialogs\Images, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\PROGRAM FILES (X86)\SEARCHPROTECT\UI\dialogs\libs, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\PROGRAM FILES (X86)\SEARCHPROTECT\UI\dialogs\protection, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\PROGRAM FILES (X86)\SEARCHPROTECT\UI\dialogs\settings, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\PROGRAM FILES (X86)\SEARCHPROTECT\UI\dialogs\uninstall, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\PROGRAM FILES (X86)\SEARCHPROTECT\UI\rep, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, C:\Users\Pascal\AppData\Local\SearchProtect, In Quarantäne, [c7d48fd9e5973cfa5360b88658ab57a9], 
PUP.Optional.SearchProtect.A, C:\Users\Pascal\AppData\Local\SearchProtect\Logs, In Quarantäne, [c7d48fd9e5973cfa5360b88658ab57a9], 
PUP.Optional.SearchProtect.A, C:\Users\Pascal\AppData\Local\SearchProtect\SearchProtect, In Quarantäne, [c7d48fd9e5973cfa5360b88658ab57a9], 
PUP.Optional.SearchProtect.A, C:\Users\Pascal\AppData\Local\SearchProtect\SearchProtect\Logs, In Quarantäne, [c7d48fd9e5973cfa5360b88658ab57a9], 
PUP.Optional.SearchProtect.A, C:\Users\Pascal\AppData\Local\SearchProtect\SearchProtect\rep, In Quarantäne, [c7d48fd9e5973cfa5360b88658ab57a9], 
PUP.Optional.SearchProtect.A, C:\Users\Pascal\AppData\Local\SearchProtect\UI, In Quarantäne, [c7d48fd9e5973cfa5360b88658ab57a9], 
PUP.Optional.SearchProtect.A, C:\Users\Pascal\AppData\Local\SearchProtect\UI\rep, In Quarantäne, [c7d48fd9e5973cfa5360b88658ab57a9], 

Dateien: 72
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\EULA.txt, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\Main\bin\SPTool.dll, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\Main\bin\uninstall.exe, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\Main\rep\SystemRepository.dat, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPTool64.exe, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32.dll, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64.dll, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\settings.html, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\style.css, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.css, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.html, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.js, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\defaults.js, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\text-field.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\v.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\Images\x.png, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\libs\defaults.js, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\libs\main.js, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\libs\SPDialogAPI.js, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\protection\defaults.js, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.css, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.html, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.js, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\settings\defaults.js, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.css, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.html, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.js, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, E:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js, In Quarantäne, [aaf1bdabb9c34fe7243c705208fc26da], 
PUP.Optional.SearchProtect.A, C:\Users\Pascal\AppData\Local\SearchProtect\SearchProtect\rep\Cvc.dat, In Quarantäne, [c7d48fd9e5973cfa5360b88658ab57a9], 
PUP.Optional.SearchProtect.A, C:\Users\Pascal\AppData\Local\SearchProtect\SearchProtect\rep\UserRepository.dat, In Quarantäne, [c7d48fd9e5973cfa5360b88658ab57a9], 
PUP.Optional.SearchProtect.A, C:\Users\Pascal\AppData\Local\SearchProtect\SearchProtect\rep\UserSettings.dat, In Quarantäne, [c7d48fd9e5973cfa5360b88658ab57a9], 
PUP.Optional.SearchProtect.A, C:\Users\Pascal\AppData\Local\SearchProtect\UI\rep\UIRepository.dat, In Quarantäne, [c7d48fd9e5973cfa5360b88658ab57a9], 

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         
AdwCleaner[S0].txt
Code:
ATTFilter
# AdwCleaner v4.106 - Bericht erstellt am 30/12/2014 um 00:17:37
# Aktualisiert 21/12/2014 von Xplode
# Database : 2014-12-28.1 [Live]
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : Pascal - PASCALS-PC
# Gestartet von : C:\Users\Pascal\Desktop\AdwCleaner_4.106.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg
Datei Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\9ir82fto.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 228200
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v32.0.1 (x86 de)


-\\ Google Chrome v39.0.2171.95


*************************

AdwCleaner[R0].txt - [1654 octets] - [30/12/2014 00:16:16]
AdwCleaner[S0].txt - [1525 octets] - [30/12/2014 00:17:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1585 octets] ##########
         
JRT.txt
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 8.1 x64
Ran by Pascal on 30.12.2014 at  0:20:47,74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\WINDOWS\syswow64\ai_recyclebin"



~~~ FireFox

Emptied folder: C:\Users\Pascal\AppData\Roaming\mozilla\firefox\profiles\9ir82fto.default\minidumps [1 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.12.2014 at  0:23:01,96
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST.txt

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014
Ran by Pascal (administrator) on PASCALS-PC on 30-12-2014 00:24:52
Running from C:\Users\Pascal\Downloads
Loaded Profile: Pascal (Available profiles: Pascal)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) E:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) E:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) E:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) E:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(BUFFALO INC.) E:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe
(NVIDIA Corporation) E:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
() E:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avast Software) E:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(IvoSoft) E:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) E:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AVAST Software) E:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\System\HsMgr64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(AVAST Software) E:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) E:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) E:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) E:\Program Files\Windows Media Player\wmpnetwk.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => E:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [Classic Start Menu] => E:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft)
HKLM\...\Run: [Cmaudio8788] => C:\WINDOWS\syswow64\RunDll32.exe C:\WINDOWS\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\WINDOWS\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\WINDOWS\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM-x32\...\Run: [APSDaemon] => E:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => E:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-11-03] (Razer Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => E:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-12-28] (AVAST Software)
HKLM-x32\...\Run: [iTunesHelper] => E:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Run: [Steam] => E:\Program Files (x86)\Steam\steam.exe [1941696 2014-12-20] (Valve Corporation)
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Run: [Battle.net] => E:\Program Files (x86)\Battle.net\Battle.net Launcher.exe [2864688 2014-12-10] (Blizzard Entertainment)
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Run: [EADM] => E:\Program Files (x86)\Origin\Origin.exe [3618648 2014-11-26] (Electronic Arts)
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Run: [Skype] => E:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Run: [GoogleChromeAutoLaunch_1BB0B968DB2E1DD5640AAF2B69FD58ED] => E:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
AppInit_DLLs: E:\Program Files => E:\Program Files [0 2014-08-29] ()
AppInit_DLLs-x32: E:\Program Files => E:\Program Files [0 2014-08-29] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ESO Survey Live.lnk
ShortcutTarget: ESO Survey Live.lnk -> E:\Program Files (x86)\ESO Survey Live\ESOSurveyLive.exe ()
Startup: C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BUFFALO NAS Navigator2.lnk
ShortcutTarget: BUFFALO NAS Navigator2.lnk -> E:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe (Buffalo Inc.)
Startup: C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NAS Scheduler.lnk
ShortcutTarget: NAS Scheduler.lnk -> E:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe (BUFFALO INC.)
Startup: C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> E:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => E:\Program Files\Classic Shell\ClassicExplorer64.dll No File
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => E:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1010802133-681624663-1200860190-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> E:\Program Files\Classic Shell\ClassicExplorer64.dll No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> E:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> E:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> E:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> E:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> E:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> E:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> E:\Program Files\Classic Shell\ClassicIEDLL_32.dll No File
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - E:\Program Files\Classic Shell\ClassicExplorer64.dll No File
Toolbar: HKLM-x32 - No Name - {553891B7-A0D5-4526-BE18-D3CE461D6310} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\9ir82fto.default
FF DefaultSearchEngine: Microsoft (Bing)
FF DefaultSearchUrl: hxxp://www.bing.com/search
FF SearchEngineOrder.1: Microsoft (Bing)
FF SelectedSearchEngine: Microsoft (Bing)
FF Homepage: hxxp://www.msn.com/?pc=AV01
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> E:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> E:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> E:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> E:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> E:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> E:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> E:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> E:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> E:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> E:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> E:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> E:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> E:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> E:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> E:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> E:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1010802133-681624663-1200860190-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Pascal\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1010802133-681624663-1200860190-1001: ubisoft.com/uplaypc -> E:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\9ir82fto.default\searchplugins\bing-avast.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - E:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - E:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-20]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=AV01
CHR StartupUrls: Default -> "https://www.google.de/"
CHR Profile: C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-31]
CHR Extension: (Google Drive) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-31]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-03]
CHR Extension: (YouTube) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-31]
CHR Extension: (Google-Suche) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-31]
CHR Extension: (ZenMate) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-12-09]
CHR Extension: (Twitch Live) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiljidcefnbhbpamageahhblhbbhhopm [2014-08-30]
CHR Extension: (Erfassen Webseite Screenshot - FireShot) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2014-12-30]
CHR Extension: (Google Wallet) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-31]
CHR Extension: (Google Mail) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-31]
CHR Profile: C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-29]
CHR Extension: (Google Drive) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-29]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-04]
CHR Extension: (YouTube) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-29]
CHR Extension: (Google-Suche) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-29]
CHR Extension: (avast! Online Security) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-29]
CHR Extension: (Google Wallet) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-29]
CHR Extension: (Google Mail) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-29]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - E:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-28]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device; E:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336 2014-06-12] (Apple Inc.)
R2 avast! Antivirus; E:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-28] (AVAST Software)
R3 AvastVBoxSvc; E:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-28] (Avast Software)
R2 Bonjour Service; E:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-30] (Apple Inc.)
S3 DAUpdaterSvc; E:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2014-07-19] (BioWare)
R2 GfExperienceService; E:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
S2 gupdate; E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2013-10-20] (Google Inc.)
S3 gupdatem; E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2013-10-20] (Google Inc.)
R3 iPod Service; E:\Program Files\iPod\bin\iPodService.exe [641352 2014-08-01] (Apple Inc.)
S3 MozillaMaintenance; E:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [118896 2014-02-13] (Mozilla Foundation)
R2 NasPmService; E:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe [251760 2012-03-29] (BUFFALO INC.)
R2 NvNetworkService; E:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; E:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-26] (Electronic Arts)
S3 ose; E:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [149352 2010-01-09] (Microsoft Corporation)
S3 osppsvc; E:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [4925184 2010-01-09] (Microsoft Corporation)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2014-08-15] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-08-12] ()
R2 Razer Game Scanner Service; E:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [183488 2014-10-31] ()
S2 SkypeUpdate; E:\Program Files (x86)\Skype\Updater\Updater.exe [315496 2014-12-11] (Skype Technologies)
S3 Steam Client Service; E:\Program Files (x86)\Common Files\Steam\SteamService.exe [833728 2014-12-20] (Valve Corporation)
R2 Stereo Service; E:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [410768 2014-12-13] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-28] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-28] ()
S3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2735616 2013-12-11] (C-Media Inc)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [37888 2014-09-02] (LogMeIn Inc.) [File not signed]
R3 NvStreamKms; E:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39592 2014-09-05] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2014-10-31] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [129600 2014-11-17] (Razer, Inc.)
R2 VBoxAswDrv; E:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-28] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-30 00:23 - 2014-12-30 00:23 - 00001543 _____ () C:\Users\Pascal\Desktop\JRT.txt
2014-12-30 00:20 - 2014-12-30 00:21 - 00000197 _____ () C:\WINDOWS\system32\2014-12-29-23-20-50.028-AvastVBoxSVC.exe-3316.log
2014-12-30 00:20 - 2014-12-30 00:20 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-12-30 00:19 - 2014-12-30 00:19 - 00001669 _____ () C:\Users\Pascal\Desktop\AdwCleaner[S0].txt
2014-12-30 00:16 - 2014-12-30 00:17 - 00000000 ____D () C:\AdwCleaner
2014-12-30 00:16 - 2014-12-30 00:16 - 00000247 _____ () C:\WINDOWS\system32\2014-12-29-23-16-27.053-aswFe.exe-6520.log
2014-12-30 00:14 - 2014-12-30 00:16 - 00000247 _____ () C:\WINDOWS\system32\2014-12-29-23-14-47.042-aswFe.exe-2820.log
2014-12-30 00:14 - 2014-12-30 00:14 - 01707939 _____ (Thisisu) C:\Users\Pascal\Desktop\JRT.exe
2014-12-30 00:14 - 2014-12-30 00:14 - 00000197 _____ () C:\WINDOWS\system32\2014-12-29-23-14-45.074-AvastVBoxSVC.exe-2268.log
2014-12-30 00:13 - 2014-12-30 00:13 - 02173952 _____ () C:\Users\Pascal\Desktop\AdwCleaner_4.106.exe
2014-12-30 00:13 - 2014-12-30 00:13 - 00015712 _____ () C:\Users\Pascal\Desktop\mbam.txt
2014-12-30 00:13 - 2014-12-30 00:13 - 00000000 ____D () C:\WINDOWS\SysWOW64\vbox
2014-12-30 00:13 - 2014-12-30 00:13 - 00000000 ____D () C:\WINDOWS\system32\vbox
2014-12-29 23:59 - 2014-12-29 23:59 - 00001017 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-12-29 23:59 - 2014-12-29 23:59 - 00000000 ____D () E:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-12-29 23:59 - 2014-12-29 23:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-12-29 23:59 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-12-29 23:59 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-12-29 23:50 - 2014-12-29 23:50 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Pascal\Desktop\mbam-setup-2.0.4.1028.exe
2014-12-29 15:27 - 2014-12-30 00:12 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-12-29 15:27 - 2014-12-29 23:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-29 15:27 - 2014-12-29 15:36 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-12-29 15:25 - 2014-12-29 15:36 - 00000000 ____D () C:\Users\Pascal\Desktop\mbar
2014-12-29 15:25 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-12-29 15:20 - 2014-12-29 15:20 - 16448208 _____ (Malwarebytes Corp.) C:\Users\Pascal\Desktop\mbar-1.08.2.1001.exe
2014-12-29 15:19 - 2014-12-29 15:19 - 04187592 _____ (Kaspersky Lab ZAO) C:\Users\Pascal\Downloads\tdsskiller.exe
2014-12-28 19:51 - 2014-12-28 19:51 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-12-28 19:51 - 2014-12-28 19:51 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-12-28 19:51 - 2014-12-28 19:51 - 00001055 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-12-28 17:08 - 2014-12-28 21:02 - 00000000 ____D () E:\Program Files (x86)\Mozilla Thunderbird
2014-12-28 16:41 - 2014-12-30 00:24 - 00022355 _____ () C:\Users\Pascal\Downloads\FRST.txt
2014-12-28 16:41 - 2014-12-30 00:24 - 00000000 ____D () C:\FRST
2014-12-28 16:41 - 2014-12-28 16:41 - 00046595 _____ () C:\Users\Pascal\Downloads\Addition.txt
2014-12-28 16:29 - 2014-12-28 16:29 - 02123264 _____ (Farbar) C:\Users\Pascal\Downloads\FRST64.exe
2014-12-28 01:34 - 2014-12-30 00:01 - 00000000 ____D () E:\Program Files (x86)\Mod Organizer
2014-12-28 01:34 - 2014-12-28 01:34 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mod Organizer
2014-12-27 19:52 - 2014-12-27 19:52 - 00002032 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2014-12-27 19:52 - 2014-12-13 01:47 - 00620176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2014-12-27 19:51 - 2014-12-27 19:52 - 00000000 ____D () C:\WINDOWS\LastGood
2014-12-27 19:51 - 2014-12-13 11:08 - 32099472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 25460552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 20465808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 17264312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 13288360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 13202520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 10770120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 10710160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 10345280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-12-27 19:51 - 2014-12-13 11:08 - 03610440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 03248968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 01895056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434709.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 01556624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434709.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00994384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00968336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00942400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00928072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00906560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00876976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00834880 _____ () C:\WINDOWS\system32\nvmcumd.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00496272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00399688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00391488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00353224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00346944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00306328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00178632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00165760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2014-12-27 19:51 - 2014-10-09 18:02 - 00195728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2014-12-27 19:51 - 2014-10-09 18:02 - 00030536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2014-12-27 19:51 - 2014-10-09 08:17 - 01540240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco64.dll
2014-12-27 04:12 - 2014-12-27 18:55 - 00000000 ____D () C:\ENB FXAA SweetFX Manager
2014-12-26 02:06 - 2014-12-29 15:20 - 00000000 ____D () C:\Users\Pascal\Downloads\Skyrim
2014-12-26 01:33 - 2014-12-26 01:34 - 18816637 _____ () C:\Users\Pascal\Desktop\Mod Organizer v1_2_14 installer-1334-1-2-14.exe
2014-12-25 23:00 - 2014-12-25 23:00 - 00012678 _____ () C:\Users\Pascal\Desktop\Mods.csv
2014-12-25 18:22 - 2014-12-25 18:22 - 00000000 ____D () C:\Users\Pascal\AppData\Local\RzStats
2014-12-24 16:10 - 2014-12-24 16:10 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-12-24 16:10 - 2014-11-22 11:46 - 00038032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2014-12-24 16:10 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2014-12-24 01:20 - 2014-11-17 22:37 - 00129600 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpnk.sys
2014-12-24 01:19 - 2014-12-24 01:19 - 00068072 _____ () C:\WINDOWS\DPINST.LOG
2014-12-24 01:19 - 2014-10-31 23:27 - 00037184 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpmgrk.sys
2014-12-12 15:47 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-12 15:47 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-10 23:18 - 2014-12-10 23:18 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2014-12-10 16:02 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-10 16:02 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-10 16:02 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-10 16:02 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-10 15:56 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-10 15:56 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-10 15:56 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-10 15:56 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-10 15:56 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-10 15:56 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-10 15:56 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-10 15:56 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-10 15:56 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-10 15:56 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-10 15:56 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-10 15:56 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-10 15:56 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-10 15:56 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-10 15:56 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-10 15:56 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-10 15:56 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-10 15:56 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-10 15:56 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-10 15:56 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-10 15:56 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-10 15:56 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-10 15:56 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-10 15:56 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-10 15:56 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-10 15:56 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-10 15:56 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-10 15:56 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-10 15:56 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-10 15:56 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-10 15:56 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-10 15:56 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-10 15:56 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-10 15:56 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-10 15:56 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-10 15:56 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-10 15:56 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-10 15:56 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-10 15:56 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-10 15:55 - 2014-12-04 00:37 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-12-10 15:55 - 2014-12-04 00:09 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2014-12-10 15:55 - 2014-12-03 00:09 - 01083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-12-10 15:55 - 2014-12-03 00:09 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2014-12-10 15:55 - 2014-12-03 00:09 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-12-10 15:55 - 2014-12-03 00:09 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-12-10 15:55 - 2014-12-03 00:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-12-10 15:55 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-10 15:55 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-10 15:55 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-10 15:55 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-10 15:55 - 2014-10-13 03:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-10 15:55 - 2014-10-13 03:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-10 15:55 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-10 15:55 - 2014-10-13 03:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-04 16:15 - 2014-12-04 16:15 - 00000000 ____D () C:\Users\Pascal\AppData\Local\Risk_of_Rain

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-30 00:23 - 2014-08-05 22:28 - 00099328 ___SH () C:\Users\Pascal\Downloads\Thumbs.db
2014-12-30 00:21 - 2014-03-31 14:49 - 00001140 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-30 00:20 - 2013-10-20 19:13 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Skype
2014-12-30 00:20 - 2013-10-20 14:21 - 00000000 ____D () E:\Program Files (x86)\Steam
2014-12-30 00:19 - 2013-10-20 15:26 - 00000000 ____D () C:\Users\Pascal\AppData\Local\Battle.net
2014-12-30 00:18 - 2014-08-14 15:14 - 00100872 _____ () C:\WINDOWS\PFRO.log
2014-12-30 00:18 - 2014-03-31 14:49 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-30 00:18 - 2014-03-16 16:58 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-30 00:18 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-30 00:17 - 2013-09-30 05:14 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-30 00:17 - 2013-09-30 04:56 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2014-12-30 00:17 - 2013-09-30 04:56 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2014-12-30 00:16 - 2013-10-20 12:09 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1010802133-681624663-1200860190-1001
2014-12-30 00:15 - 2013-11-05 18:57 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\TS3Client
2014-12-30 00:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-12-30 00:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-12-30 00:01 - 2014-03-16 19:13 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\ClassicShell
2014-12-29 23:59 - 2014-03-16 16:27 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-12-29 22:32 - 2013-10-26 21:17 - 00324096 ___SH () C:\Users\Pascal\Desktop\Thumbs.db
2014-12-29 21:25 - 2013-10-20 14:10 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{61CE681B-6CA3-4450-AB68-D7D283842AA0}
2014-12-29 20:22 - 2014-05-17 00:30 - 00000000 ____D () E:\Program Files\Java
2014-12-29 20:20 - 2014-08-07 16:37 - 00000000 ____D () E:\Program Files (x86)\Java
2014-12-29 20:20 - 2014-06-16 21:57 - 00320936 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-12-29 20:20 - 2014-06-16 21:57 - 00191400 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-12-29 20:20 - 2014-06-16 21:57 - 00190888 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-12-29 20:20 - 2014-06-16 21:57 - 00111016 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2014-12-29 20:20 - 2013-11-16 23:55 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-29 20:19 - 2014-08-07 16:37 - 00272296 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-12-29 20:19 - 2014-08-07 16:37 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-12-29 20:19 - 2014-08-07 16:37 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-12-29 20:19 - 2014-08-07 16:37 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-12-29 20:19 - 2014-03-16 16:27 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-12-29 18:53 - 2014-08-06 00:56 - 01788168 _____ () C:\WINDOWS\WindowsUpdate.log
2014-12-28 19:51 - 2014-05-17 00:02 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-12-28 19:51 - 2014-03-20 21:03 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-12-28 19:51 - 2014-03-20 21:03 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-12-28 19:51 - 2014-03-20 21:03 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-12-28 19:51 - 2014-03-20 21:03 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-12-28 19:51 - 2014-03-20 21:03 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-12-28 19:51 - 2014-03-20 21:03 - 00083280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-12-28 19:51 - 2014-03-20 21:03 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-12-28 19:51 - 2014-03-20 21:03 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-12-28 03:05 - 2014-08-06 15:59 - 00000000 ____D () E:\Program Files (x86)\RivaTuner Statistics Server
2014-12-27 19:52 - 2014-08-11 00:05 - 00005484 _____ () C:\WINDOWS\setupact.log
2014-12-27 19:52 - 2013-10-20 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-12-27 18:29 - 2014-10-07 18:19 - 00000000 ___RD () E:\Program Files (x86)\Skype
2014-12-27 18:29 - 2013-10-20 19:13 - 00000000 ____D () C:\ProgramData\Skype
2014-12-27 17:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-12-25 22:43 - 2014-04-06 00:55 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\vlc
2014-12-25 18:15 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-12-25 17:48 - 2013-08-22 15:44 - 05074848 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-12-24 14:38 - 2013-12-25 00:59 - 00000000 ____D () C:\Users\Pascal\AppData\Local\Razer
2014-12-24 01:20 - 2013-12-25 00:59 - 00000000 ____D () C:\ProgramData\Razer
2014-12-24 01:19 - 2013-12-25 00:00 - 00000000 ____D () E:\Program Files (x86)\Razer
2014-12-20 02:18 - 2013-11-14 23:22 - 00000000 ____D () E:\Program Files (x86)\StarCraft II
2014-12-19 14:47 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-19 11:48 - 2014-04-19 18:42 - 00000000 ____D () E:\Program Files (x86)\World of Warcraft
2014-12-18 21:34 - 2014-07-06 15:31 - 00000000 ____D () C:\Users\Pascal\.gimp-2.8
2014-12-14 20:14 - 2013-11-24 21:45 - 00000000 ____D () C:\ProgramData\Origin
2014-12-14 18:44 - 2014-11-26 18:53 - 00001205 _____ () C:\Users\Public\Desktop\Dragon Age Inquisition.lnk
2014-12-14 18:37 - 2013-11-24 21:45 - 00000000 ____D () E:\Program Files (x86)\Origin
2014-12-13 11:08 - 2014-11-21 14:18 - 24764232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-12-13 11:08 - 2014-06-29 01:26 - 16040184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-12-13 11:08 - 2014-03-16 16:58 - 00074056 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2014-12-13 11:08 - 2014-03-16 16:58 - 00060560 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2014-12-13 11:08 - 2014-03-16 16:56 - 18594432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2014-12-13 11:08 - 2014-03-16 16:56 - 14128496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2014-12-13 11:08 - 2014-03-16 16:56 - 03293136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2014-12-13 11:08 - 2014-03-16 16:56 - 02897824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2014-12-13 11:08 - 2014-03-16 16:56 - 00027983 _____ () C:\WINDOWS\system32\nvinfo.pb
2014-12-13 09:03 - 2014-03-16 16:58 - 06859408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-12-13 09:03 - 2014-03-16 16:58 - 03513488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-12-13 09:03 - 2014-03-16 16:58 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-12-13 09:03 - 2014-03-16 16:58 - 00935240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-12-13 09:03 - 2014-03-16 16:58 - 00386368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-12-13 09:03 - 2014-03-16 16:58 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-12-13 01:12 - 2014-06-12 14:34 - 01715224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2014-12-13 01:12 - 2014-06-12 14:34 - 01291464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2014-12-13 01:12 - 2013-10-28 16:17 - 02824504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2014-12-13 01:12 - 2013-10-28 16:17 - 02210040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2014-12-13 00:11 - 2014-03-16 16:58 - 04151176 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-12-12 17:10 - 2013-10-25 16:19 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-12-11 19:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-11 14:03 - 2013-10-20 15:26 - 00000000 ____D () E:\Program Files (x86)\Battle.net
2014-12-10 23:18 - 2014-07-09 22:18 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-12-10 23:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-10 23:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2014-12-10 16:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-10 16:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-10 16:55 - 2013-10-20 14:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 16:55 - 2013-10-20 12:39 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-10 16:52 - 2013-10-20 12:39 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-09 21:02 - 2013-10-20 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-12-09 14:24 - 2014-07-12 16:52 - 00000000 ____D () E:\Program Files (x86)\Diablo III Public Test
2014-12-05 20:42 - 2014-04-06 00:55 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\dvdcss
2014-12-04 21:15 - 2014-01-25 15:24 - 00000000 ____D () E:\Program Files (x86)\Hearthstone

Some content of TEMP:
====================
C:\Users\Pascal\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\Pascal\AppData\Local\Temp\jre-8u20-windows-au.exe
C:\Users\Pascal\AppData\Local\Temp\jre-8u25-windows-au.exe
C:\Users\Pascal\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Pascal\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Pascal\AppData\Local\Temp\nvStInst.exe
C:\Users\Pascal\AppData\Local\Temp\pyl4699.tmp.exe
C:\Users\Pascal\AppData\Local\Temp\Quarantine.exe
C:\Users\Pascal\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Pascal\AppData\Local\Temp\sonarinst.exe
C:\Users\Pascal\AppData\Local\Temp\sqlite3.dll
C:\Users\Pascal\AppData\Local\Temp\__pythonRunner.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-29 05:27

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Addition.txt
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2014
Ran by Pascal at 2014-12-30 00:25:15
Running from C:\Users\Pascal\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ace of Spades (HKLM-x32\...\Steam App 224540) (Version:  - Jagex Limited)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version:  - BlueByte)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Batman™: Arkham Origins (HKLM-x32\...\Steam App 209000) (Version:  - WB Games Montreal)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.3825 - Electronic Arts)
Battlefield™ Hardline Beta (HKLM-x32\...\{599276A7-F45D-40B1-A0B6-CF132A1CAD49}) (Version: 1.0.0.5 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
Beat Hazard (HKLM-x32\...\Steam App 49600) (Version:  - Cold Beam Games)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands (HKLM-x32\...\Steam App 8980) (Version:  - Gearbox Software)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version:  - 2K Australia)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
BRINK (HKLM-x32\...\Steam App 22350) (Version:  - Splash Damage)
BUFFALO NAS Navigator2 (HKLM-x32\...\UN060501) (Version:  - )
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Juarez Gunslinger (HKLM-x32\...\Steam App 204450) (Version:  - Techland)
CanoScan Toolbox Ver4.9 (HKLM-x32\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version:  - )
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - The Behemoth)
CastleStorm (HKLM-x32\...\Steam App 241410) (Version:  - Zen Studios)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Cities in Motion (HKLM-x32\...\Steam App 73010) (Version:  - Colossal Order Ltd.)
Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft)
CodeBlocks (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Creation Kit (HKLM-x32\...\Steam App 202480) (Version:  - bgs.bethsoft.com)
Cyberduck 4.4.5 (14721) (HKLM-x32\...\Cyberduck) (Version: 4.4.5 (14721) - )
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version:  - Stunlock Studios)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Diablo III Public Test (HKLM-x32\...\Diablo III Public Test) (Version:  - Blizzard Entertainment)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.2.24.20 - Electronic Arts Inc.)
Die Sims™ 4 Erstelle einen Sim-Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.233.190 - Electronic Arts Inc.)
DLC Quest (HKLM-x32\...\Steam App 230050) (Version:  - Going Loud Studios)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dragon Age Awakening Redesigned (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Awakening Redesigned) (Version:  - )
Dragon Age II (HKLM-x32\...\Steam App 47900) (Version:  - BioWare)
Dragon Age Redesigned © Morrigan (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned © Morrigan) (Version:  - )
Dragon Age Redesigned- Leliana's Song (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned- Leliana's Song) (Version:  - )
Dragon Age Redesigned Oghren© (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned Oghren©) (Version:  - )
Dragon Age Redesigned©  Zevran (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned©  Zevran) (Version:  - )
Dragon Age Redesigned© (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned©) (Version:  - )
Dragon Age Redesigned© Leliana (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned© Leliana) (Version:  - )
Dragon Age Redesigned© Sten (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned© Sten) (Version:  - )
Dragon Age Redesigned© Wynne (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned© Wynne) (Version:  - )
Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version:  - BioWare)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.3 - Electronic Arts)
DuckTales Remastered (HKLM-x32\...\Steam App 237630) (Version:  - WayForward)
EA SPORTS™ FIFA 15 Demo (HKLM-x32\...\{108C0C19-6316-4944-A62F-C744488F8639}) (Version: 1.0.0.0 - Electronic Arts)
Endless Legend (HKLM-x32\...\Steam App 289130) (Version:  - AMPLITUDE Studios)
Endless Space (HKLM-x32\...\Steam App 208140) (Version:  - Amplitude Studios)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
ESO Survey Live version 1.4.5 (HKLM-x32\...\17CBAF83-B4D1-41CC-B7DC-BFF1D4B9DDAC-live_is1) (Version: 1.4.5 - Immersyve, Inc.)
EVE Online (HKLM-x32\...\Steam App 8500) (Version:  - CCP)
Evolve (HKLM-x32\...\Steam App 273350) (Version:  - Turtle Rock Studios)
Explorer Suite IV (HKLM\...\Explorer Suite_is1) (Version:  - )
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FIFA 12 (HKLM-x32\...\{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}) (Version: 1.6.0.0 - Electronic Arts)
FileZilla Client 3.8.1 (HKLM-x32\...\FileZilla Client) (Version: 3.8.1 - Tim Kosse)
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
Giana Sisters: Twisted Dreams (HKLM-x32\...\Steam App 223220) (Version:  - Black Forest Games)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Gnomoria (HKLM-x32\...\Steam App 224500) (Version:  - Robotronic Games)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version:  - Coffee Stain Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Gunpoint (HKLM-x32\...\Steam App 206190) (Version:  - Suspicious Developments)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hearts of Iron III (HKLM-x32\...\Steam App 25890) (Version:  - Paradox Development Studio)
Intel(R) Network Connections 18.2.63.0 (HKLM\...\PROSetDX) (Version: 18.2.63.0 - Intel)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version:  - Squad)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LEGO Minifigures Online (HKLM-x32\...\LEGO Minifigures Online_is1) (Version: 1.0.0 - Funcom)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Monaco (HKLM-x32\...\Steam App 113020) (Version:  - Pocketwatch Games)
MouseCraft (HKLM-x32\...\Steam App 252750) (Version:  - Crunching Koalas)
Mozilla Firefox 32.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 de)) (Version: 32.0.1 - Mozilla)
Mozilla Firefox 32.0.3 (x86 de) (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.3.0 (x86 de)) (Version: 24.3.0 - Mozilla)
Mozilla Thunderbird 31.3.0 (x86 de) (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Mozilla Thunderbird 31.3.0 (x86 de)) (Version: 31.3.0 - Mozilla)
MSI Afterburner 3.0.1 (HKLM-x32\...\Afterburner) (Version: 3.0.1 - MSI Co., LTD)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.49.2 - Black Tree Gaming)
Nidhogg (HKLM-x32\...\Steam App 94400) (Version:  - Messhof)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 347.09 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)
Papers, Please (HKLM-x32\...\Steam App 239030) (Version:  - 3909)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
Pixel Piracy (HKLM-x32\...\Steam App 264140) (Version:  - Vitali Kirpu)
Planetary Annihilation (HKLM-x32\...\Steam App 233250) (Version:  - Uber Entertainment)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.2.0 - Electronic Arts)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.18.23036 - Razer Inc.)
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version:  - )
RivaTuner Statistics Server 6.1.2 (HKLM-x32\...\RTSS) (Version: 6.1.2 - Unwinder)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
ROCCAT Kone Pure Mouse Driver (HKLM-x32\...\{4905245D-56E7-4176-BE68-962728B803D6}) (Version:  - Roccat GmbH)
Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version:  - Cellar Door Games)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Sanctum (HKLM-x32\...\Steam App 91600) (Version:  - Coffee Stain Studios)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
ShootMania Storm (HKLM-x32\...\Steam App 229870) (Version:  - Nadeo)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Solar 2 (HKLM-x32\...\Steam App 97000) (Version:  - Murudai)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - )
Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version:  - Pandemic Studios)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steam Marines (HKLM-x32\...\Steam App 253630) (Version:  - )
SteamWorld Dig (HKLM-x32\...\Steam App 252410) (Version:  - Image&amp;Form)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
Teleglitch: Die More Edition (HKLM-x32\...\Steam App 234390) (Version:  - Test3 Projects)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Crew (Beta) (HKLM-x32\...\Uplay Install 750) (Version:  - Ubisoft)
The Elder Scrolls III: Morrowind (HKLM-x32\...\Steam App 22320) (Version:  - Bethesda Game Studios®)
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Swapper (HKLM-x32\...\Steam App 231160) (Version:  - Olli Harjola, Otto Hantula, Tom Jubert, Carlo Castellano)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version:  - CD Projekt RED)
Thinking with Time Machine (HKLM-x32\...\Steam App 286080) (Version:  - Stridemann)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
UNi Xonar Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version:  - )
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
Unity Web Player (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
Universe Sandbox (HKLM-x32\...\Steam App 72200) (Version:  - Giant Army)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Visitenkarten (HKLM-x32\...\{B3C40846-559F-4334-BAD5-E138F483A5C5}) (Version:  - )
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Wrye Bash (HKLM-x32\...\Wrye Bash) (Version: 3.0.4.3 - Wrye & Wrye Bash Development Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

28-12-2014 19:50:47 avast! antivirus system restore point
29-12-2014 20:22:25 Removed Java 7 Update 60 (64-bit)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {31603D6A-F053-4F98-836F-425073C5D8B6} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {83214325-2D0C-46EE-933F-0679FAD52A3B} - System32\Tasks\Apple\AppleSoftwareUpdate => E:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8DDC57E8-CFCE-4711-98E3-1F35528EC83C} - System32\Tasks\GoogleUpdateTaskMachineUA => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-20] (Google Inc.)
Task: {9B5AA326-9FC9-49CD-8D15-A3E8C9AC1690} - System32\Tasks\CCleanerSkipUAC => E:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {AA0CD51E-DA4D-4FAB-8C48-676192B55872} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-10] (Microsoft Corporation)
Task: {CC8A2D10-AD23-424F-BAD2-9E2DCFEF69C9} - System32\Tasks\GoogleUpdateTaskMachineCore => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-20] (Google Inc.)
Task: {DA482AF7-E48A-45C4-A620-18B49C75E965} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-29] (Adobe Systems Incorporated)
Task: {E6C32FA2-C268-45E3-B1B6-76E646DD49FB} - System32\Tasks\avast! Emergency Update => E:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-28] (AVAST Software)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-03-16 16:58 - 2014-12-13 09:03 - 00117576 _____ () E:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-05-30 10:32 - 2013-05-30 10:32 - 00034304 _____ () C:\WINDOWS\System32\ssd3clm.dll
2014-08-15 16:48 - 2014-08-15 16:48 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2014-10-31 23:27 - 2014-10-31 23:27 - 00183488 _____ () E:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-12-28 19:51 - 2014-12-28 19:51 - 00388208 _____ () E:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-12-28 19:51 - 2014-12-28 19:51 - 05851328 _____ () E:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2014-03-16 23:35 - 2008-07-11 15:04 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe
2014-03-16 23:35 - 2008-07-11 15:03 - 00282112 ____N () C:\Windows\System\HsMgr64.exe
2013-12-17 17:34 - 2014-12-13 01:13 - 00708240 _____ () E:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2013-12-17 17:34 - 2014-12-13 01:13 - 00854160 _____ () E:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2014-12-29 21:14 - 2014-12-29 21:14 - 02908160 _____ () E:\Program Files\AVAST Software\Avast\defs\14122901\algo.dll
2014-12-28 19:51 - 2014-12-28 19:51 - 04495336 _____ () E:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () E:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () E:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-12-28 19:51 - 2014-12-28 19:51 - 38562088 _____ () E:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Pascal\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "ESO Survey Live.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\StartupFolder: => "OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk"
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\StartupFolder: => "NAS Scheduler.lnk"
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\StartupFolder: => "BUFFALO NAS Navigator2.lnk"
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\Run: => "Pando Media Booster"
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\Run: => "EADM"

========================= Accounts: ==========================

Administrator (S-1-5-21-1010802133-681624663-1200860190-500 - Administrator - Disabled)
Gast (S-1-5-21-1010802133-681624663-1200860190-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1010802133-681624663-1200860190-1004 - Limited - Enabled)
Pascal (S-1-5-21-1010802133-681624663-1200860190-1001 - Administrator - Enabled) => C:\Users\Pascal

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (12/30/2014 00:24:58 AM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}

Error: (12/30/2014 00:24:28 AM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC)
Description: {9AA46009-3CE0-458A-A354-715610A075E6}


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-12-28 20:25:18.419
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-09-04 00:25:19.004
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\Hamdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-08-09 23:48:39.975
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-07-18 23:58:22.793
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Pascal\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-07-18 23:58:22.738
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz
Percentage of memory in use: 10%
Total physical RAM: 16315.5 MB
Available physical RAM: 14678.32 MB
Total Pagefile: 18747.5 MB
Available Pagefile: 17005.96 MB
Total Virtual: 131072 MB
Available Virtual: 131071.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.93 GB) (Free:26 GB) NTFS
Drive e: (Daten) (Fixed) (Total:931.51 GB) (Free:126.93 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 3964B577)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CB3FFC79)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 30.12.2014, 17:57   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Telekom Abuse Team warnt vor Bedrohung. - Standard

Telekom Abuse Team warnt vor Bedrohung.



Nö, immer nur Rechner 1.



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 31.12.2014, 00:53   #11
LiveSergeant
 
Telekom Abuse Team warnt vor Bedrohung. - Standard

Telekom Abuse Team warnt vor Bedrohung.



log.txt
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=363ddc7f0d96b14da655d0f1a474c434
# engine=21761
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-12-30 08:50:14
# local_time=2014-12-30 09:50:14 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 95 81544 24630409 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 179347 4178346 0 0
# scanned=20500
# found=0
# cleaned=0
# scan_time=1193
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=363ddc7f0d96b14da655d0f1a474c434
# engine=21761
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-12-31 12:06:04
# local_time=2014-12-31 01:06:04 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 95 93294 24642159 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 191097 4190096 0 0
# scanned=675135
# found=0
# cleaned=0
# scan_time=11634
         
checkup.txt
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.93  
   x86 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender   
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 25  
 Java version 32-bit out of Date! 
 Adobe Flash Player 	16.0.0.235  
 Mozilla Firefox 32.0.1 Firefox out of Date!  
 Mozilla Thunderbird (24.3.0) 
 Google Chrome (39.0.2171.71) 
 Google Chrome (39.0.2171.95) 
````````Process Check: objlist.exe by Laurent````````  
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast ng vbox\AvastVBoxSVC.exe 
 AVAST Software Avast ng ngservice.exe 
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
FRST.txt

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014
Ran by Pascal (administrator) on PASCALS-PC on 31-12-2014 01:49:12
Running from C:\Users\Pascal\Downloads
Loaded Profile: Pascal (Available profiles: Pascal)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) E:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) E:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) E:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) E:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(BUFFALO INC.) E:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe
(NVIDIA Corporation) E:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avast Software) E:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AVAST Software) E:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Apple Inc.) E:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) E:\Program Files\Windows Media Player\wmpnetwk.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(IvoSoft) E:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) E:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\System\HsMgr64.exe
(NVIDIA Corporation) E:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(AVAST Software) E:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) E:\Program Files (x86)\iTunes\iTunesHelper.exe
() E:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Google Inc.) E:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) E:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => E:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [Classic Start Menu] => E:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft)
HKLM\...\Run: [Cmaudio8788] => C:\WINDOWS\syswow64\RunDll32.exe C:\WINDOWS\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\WINDOWS\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\WINDOWS\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM-x32\...\Run: [APSDaemon] => E:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => E:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585536 2014-11-03] (Razer Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => E:\Program Files\AVAST Software\Avast\AvastUI.exe [5226600 2014-12-28] (AVAST Software)
HKLM-x32\...\Run: [iTunesHelper] => E:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Run: [Steam] => E:\Program Files (x86)\Steam\steam.exe [1941696 2014-12-20] (Valve Corporation)
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Run: [Battle.net] => E:\Program Files (x86)\Battle.net\Battle.net Launcher.exe [2864688 2014-12-10] (Blizzard Entertainment)
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Run: [EADM] => E:\Program Files (x86)\Origin\Origin.exe [3618648 2014-11-26] (Electronic Arts)
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Run: [Skype] => E:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Run: [GoogleChromeAutoLaunch_1BB0B968DB2E1DD5640AAF2B69FD58ED] => E:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
AppInit_DLLs: E:\Program Files => E:\Program Files [0 2014-12-30] ()
AppInit_DLLs-x32: E:\Program Files => E:\Program Files [0 2014-12-30] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ESO Survey Live.lnk
ShortcutTarget: ESO Survey Live.lnk -> E:\Program Files (x86)\ESO Survey Live\ESOSurveyLive.exe ()
Startup: C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BUFFALO NAS Navigator2.lnk
ShortcutTarget: BUFFALO NAS Navigator2.lnk -> E:\Program Files (x86)\BUFFALO\NASNAVI\NasNavi.exe (Buffalo Inc.)
Startup: C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\NAS Scheduler.lnk
ShortcutTarget: NAS Scheduler.lnk -> E:\Program Files (x86)\BUFFALO\NASNAVI\nassche.exe (BUFFALO INC.)
Startup: C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> E:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => E:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => E:\Program Files\Classic Shell\ClassicExplorer64.dll No File
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => E:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=AV01
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.msn.com/?pc=AV01
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1010802133-681624663-1200860190-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> E:\Program Files\Classic Shell\ClassicExplorer64.dll No File
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> E:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> E:\Program Files\Classic Shell\ClassicIEDLL_64.dll (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> E:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> E:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> E:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> E:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> E:\Program Files\Classic Shell\ClassicIEDLL_32.dll No File
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - E:\Program Files\Classic Shell\ClassicExplorer64.dll No File
Toolbar: HKLM-x32 - No Name - {553891B7-A0D5-4526-BE18-D3CE461D6310} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\9ir82fto.default
FF DefaultSearchEngine: Microsoft (Bing)
FF DefaultSearchUrl: hxxp://www.bing.com/search
FF SearchEngineOrder.1: Microsoft (Bing)
FF SelectedSearchEngine: Microsoft (Bing)
FF Homepage: hxxp://www.msn.com/?pc=AV01
FF Keyword.URL: hxxp://www.bing.com/search
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> E:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> E:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> E:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> E:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> E:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> E:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> E:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> E:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> E:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> E:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> E:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> E:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> E:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> E:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1010802133-681624663-1200860190-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Pascal\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1010802133-681624663-1200860190-1001: ubisoft.com/uplaypc -> E:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\9ir82fto.default\searchplugins\bing-avast.xml
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - E:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - E:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-20]

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.msn.com/?pc=AV01
CHR StartupUrls: Default -> "https://www.google.de/"
CHR Profile: C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-31]
CHR Extension: (Google Drive) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-31]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-03]
CHR Extension: (YouTube) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-31]
CHR Extension: (Google-Suche) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-31]
CHR Extension: (ZenMate) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-12-09]
CHR Extension: (Twitch Live) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\iiljidcefnbhbpamageahhblhbbhhopm [2014-08-30]
CHR Extension: (Erfassen Webseite Screenshot - FireShot) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2014-12-30]
CHR Extension: (Google Wallet) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-31]
CHR Extension: (Google Mail) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-31]
CHR Profile: C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-29]
CHR Extension: (Google Drive) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-29]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-04]
CHR Extension: (YouTube) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-29]
CHR Extension: (Google-Suche) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-29]
CHR Extension: (avast! Online Security) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-29]
CHR Extension: (Google Wallet) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-08-29]
CHR Extension: (Google Mail) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-29]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - E:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-28]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Apple Mobile Device; E:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [43336 2014-06-12] (Apple Inc.)
R2 avast! Antivirus; E:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-28] (AVAST Software)
R3 AvastVBoxSvc; E:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-12-28] (Avast Software)
R2 Bonjour Service; E:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-30] (Apple Inc.)
S3 DAUpdaterSvc; E:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2014-07-19] (BioWare)
R2 GfExperienceService; E:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-13] (NVIDIA Corporation)
S2 gupdate; E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2013-10-20] (Google Inc.)
S3 gupdatem; E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [116648 2013-10-20] (Google Inc.)
R3 iPod Service; E:\Program Files\iPod\bin\iPodService.exe [641352 2014-08-01] (Apple Inc.)
S3 MozillaMaintenance; E:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [118896 2014-02-13] (Mozilla Foundation)
R2 NasPmService; E:\Program Files (x86)\BUFFALO\NASNAVI\nassvc.exe [251760 2012-03-29] (BUFFALO INC.)
R2 NvNetworkService; E:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 NvStreamSvc; E:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-13] (NVIDIA Corporation)
S3 Origin Client Service; E:\Program Files (x86)\Origin\OriginClientService.exe [1900400 2014-11-26] (Electronic Arts)
S3 ose; E:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [149352 2010-01-09] (Microsoft Corporation)
S3 osppsvc; E:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [4925184 2010-01-09] (Microsoft Corporation)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2014-08-15] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-08-12] ()
R2 Razer Game Scanner Service; E:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [186048 2014-12-09] ()
S2 SkypeUpdate; E:\Program Files (x86)\Skype\Updater\Updater.exe [315496 2014-12-11] (Skype Technologies)
S3 Steam Client Service; E:\Program Files (x86)\Common Files\Steam\SteamService.exe [833728 2014-12-20] (Valve Corporation)
R2 Stereo Service; E:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [410768 2014-12-13] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-28] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-28] ()
S3 cmudaxp; C:\Windows\system32\drivers\cmudaxp.sys [2735616 2013-12-11] (C-Media Inc)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [37888 2014-09-02] (LogMeIn Inc.) [File not signed]
R3 NvStreamKms; E:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-13] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [39592 2014-09-05] (Razer Inc)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2014-12-09] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [129600 2014-11-17] (Razer, Inc.)
R2 VBoxAswDrv; E:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-12-28] (Avast Software)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-31 01:48 - 2014-12-31 01:48 - 00001020 _____ () C:\Users\Pascal\Desktop\checkup.txt
2014-12-30 21:27 - 2014-12-30 21:27 - 00000000 ____D () E:\Program Files (x86)\ESET
2014-12-30 21:26 - 2014-12-30 21:27 - 02347384 _____ (ESET) C:\Users\Pascal\Downloads\esetsmartinstaller_deu.exe
2014-12-30 21:26 - 2014-12-30 21:26 - 00852505 _____ () C:\Users\Pascal\Downloads\SecurityCheck.exe
2014-12-30 03:52 - 2014-12-30 03:52 - 00000197 _____ () C:\WINDOWS\system32\2014-12-30-02-52-36.040-AvastVBoxSVC.exe-3064.log
2014-12-30 02:44 - 2014-12-30 03:09 - 00000000 ____D () C:\Users\Pascal\Desktop\Daten
2014-12-30 00:29 - 2014-12-30 00:29 - 00000197 _____ () C:\WINDOWS\system32\2014-12-29-23-29-01.015-AvastVBoxSVC.exe-3008.log
2014-12-30 00:20 - 2014-12-30 00:21 - 00000197 _____ () C:\WINDOWS\system32\2014-12-29-23-20-50.028-AvastVBoxSVC.exe-3316.log
2014-12-30 00:20 - 2014-12-30 00:20 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-12-30 00:16 - 2014-12-30 00:17 - 00000000 ____D () C:\AdwCleaner
2014-12-30 00:16 - 2014-12-30 00:16 - 00000247 _____ () C:\WINDOWS\system32\2014-12-29-23-16-27.053-aswFe.exe-6520.log
2014-12-30 00:14 - 2014-12-30 00:16 - 00000247 _____ () C:\WINDOWS\system32\2014-12-29-23-14-47.042-aswFe.exe-2820.log
2014-12-30 00:14 - 2014-12-30 00:14 - 01707939 _____ (Thisisu) C:\Users\Pascal\Desktop\JRT.exe
2014-12-30 00:14 - 2014-12-30 00:14 - 00000197 _____ () C:\WINDOWS\system32\2014-12-29-23-14-45.074-AvastVBoxSVC.exe-2268.log
2014-12-30 00:13 - 2014-12-30 00:13 - 02173952 _____ () C:\Users\Pascal\Desktop\AdwCleaner_4.106.exe
2014-12-30 00:13 - 2014-12-30 00:13 - 00000000 ____D () C:\WINDOWS\SysWOW64\vbox
2014-12-30 00:13 - 2014-12-30 00:13 - 00000000 ____D () C:\WINDOWS\system32\vbox
2014-12-29 23:59 - 2014-12-29 23:59 - 00001017 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-12-29 23:59 - 2014-12-29 23:59 - 00000000 ____D () E:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-12-29 23:59 - 2014-12-29 23:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-12-29 23:59 - 2014-11-21 06:14 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-12-29 23:59 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-12-29 15:27 - 2014-12-30 00:12 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-12-29 15:27 - 2014-12-29 23:59 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-29 15:27 - 2014-12-29 15:36 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-12-29 15:25 - 2014-12-29 15:36 - 00000000 ____D () C:\Users\Pascal\Desktop\mbar
2014-12-29 15:25 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-12-29 15:20 - 2014-12-29 15:20 - 16448208 _____ (Malwarebytes Corp.) C:\Users\Pascal\Desktop\mbar-1.08.2.1001.exe
2014-12-29 15:19 - 2014-12-29 15:19 - 04187592 _____ (Kaspersky Lab ZAO) C:\Users\Pascal\Downloads\tdsskiller.exe
2014-12-28 19:51 - 2014-12-28 19:51 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2014-12-28 19:51 - 2014-12-28 19:51 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2014-12-28 19:51 - 2014-12-28 19:51 - 00001055 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2014-12-28 17:08 - 2014-12-28 21:02 - 00000000 ____D () E:\Program Files (x86)\Mozilla Thunderbird
2014-12-28 16:41 - 2014-12-31 01:49 - 00022008 _____ () C:\Users\Pascal\Downloads\FRST.txt
2014-12-28 16:41 - 2014-12-31 01:49 - 00000000 ____D () C:\FRST
2014-12-28 16:41 - 2014-12-30 00:25 - 00032284 _____ () C:\Users\Pascal\Downloads\Addition.txt
2014-12-28 16:29 - 2014-12-28 16:29 - 02123264 _____ (Farbar) C:\Users\Pascal\Downloads\FRST64.exe
2014-12-28 01:34 - 2014-12-30 19:24 - 00000000 ____D () E:\Program Files (x86)\Mod Organizer
2014-12-28 01:34 - 2014-12-28 01:34 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mod Organizer
2014-12-27 19:52 - 2014-12-27 19:52 - 00002032 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2014-12-27 19:52 - 2014-12-13 01:47 - 00620176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2014-12-27 19:51 - 2014-12-27 19:52 - 00000000 ____D () C:\WINDOWS\LastGood
2014-12-27 19:51 - 2014-12-13 11:08 - 32099472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 25460552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 20465808 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 17264312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 13288360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 13202520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 10770120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 10710160 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 10345280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-12-27 19:51 - 2014-12-13 11:08 - 03610440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 03248968 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 01895056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434709.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 01556624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434709.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00994384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00968336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00942400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00928072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00906560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00876976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00834880 _____ () C:\WINDOWS\system32\nvmcumd.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00496272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00399688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00391488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00353224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00346944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00306328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00178632 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2014-12-27 19:51 - 2014-12-13 11:08 - 00165760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2014-12-27 19:51 - 2014-10-09 18:02 - 00195728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvhda64v.sys
2014-12-27 19:51 - 2014-10-09 18:02 - 00030536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2014-12-27 19:51 - 2014-10-09 08:17 - 01540240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdagenco64.dll
2014-12-27 04:12 - 2014-12-27 18:55 - 00000000 ____D () C:\ENB FXAA SweetFX Manager
2014-12-26 02:06 - 2014-12-30 05:37 - 00000000 ____D () C:\Users\Pascal\Downloads\Skyrim
2014-12-26 01:33 - 2014-12-26 01:34 - 18816637 _____ () C:\Users\Pascal\Desktop\Mod Organizer v1_2_14 installer-1334-1-2-14.exe
2014-12-25 23:00 - 2014-12-25 23:00 - 00012678 _____ () C:\Users\Pascal\Desktop\Mods.csv
2014-12-25 18:22 - 2014-12-25 18:22 - 00000000 ____D () C:\Users\Pascal\AppData\Local\RzStats
2014-12-24 16:10 - 2014-12-24 16:10 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-12-24 16:10 - 2014-11-22 11:46 - 00038032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2014-12-24 16:10 - 2014-11-22 11:46 - 00032400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2014-12-24 01:20 - 2014-11-17 22:37 - 00129600 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpnk.sys
2014-12-24 01:19 - 2014-12-24 01:19 - 00068072 _____ () C:\WINDOWS\DPINST.LOG
2014-12-24 01:19 - 2014-12-09 23:21 - 00037184 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpmgrk.sys
2014-12-19 04:22 - 2014-12-19 04:22 - 00009728 _____ (Razer Inc.) C:\WINDOWS\SysWOW64\RzStats.IPC.dll
2014-12-12 15:47 - 2014-10-30 23:37 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-12-12 15:47 - 2014-10-30 23:34 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-12-10 23:18 - 2014-12-10 23:18 - 00000000 ____D () C:\WINDOWS\system32\appraiser
2014-12-10 16:02 - 2014-11-10 03:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2014-12-10 16:02 - 2014-11-10 02:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2014-12-10 16:02 - 2014-10-31 00:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-12-10 16:02 - 2014-10-31 00:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-12-10 15:56 - 2014-11-22 04:13 - 25059840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-12-10 15:56 - 2014-11-22 03:50 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-12-10 15:56 - 2014-11-22 03:49 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-12-10 15:56 - 2014-11-22 03:49 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-12-10 15:56 - 2014-11-22 03:48 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-12-10 15:56 - 2014-11-22 03:35 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-12-10 15:56 - 2014-11-22 03:34 - 06039552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-12-10 15:56 - 2014-11-22 03:22 - 19749376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-12-10 15:56 - 2014-11-22 03:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-12-10 15:56 - 2014-11-22 03:07 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-12-10 15:56 - 2014-11-22 03:06 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-12-10 15:56 - 2014-11-22 03:06 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-12-10 15:56 - 2014-11-22 03:05 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-12-10 15:56 - 2014-11-22 03:05 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-12-10 15:56 - 2014-11-22 03:01 - 02277888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-12-10 15:56 - 2014-11-22 02:59 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-12-10 15:56 - 2014-11-22 02:55 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-12-10 15:56 - 2014-11-22 02:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-12-10 15:56 - 2014-11-22 02:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-12-10 15:56 - 2014-11-22 02:49 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-12-10 15:56 - 2014-11-22 02:49 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-12-10 15:56 - 2014-11-22 02:46 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-12-10 15:56 - 2014-11-22 02:43 - 14412800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-12-10 15:56 - 2014-11-22 02:35 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-12-10 15:56 - 2014-11-22 02:34 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-12-10 15:56 - 2014-11-22 02:33 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-12-10 15:56 - 2014-11-22 02:29 - 04299264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-12-10 15:56 - 2014-11-22 02:29 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-12-10 15:56 - 2014-11-22 02:28 - 02358272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-12-10 15:56 - 2014-11-22 02:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-12-10 15:56 - 2014-11-22 02:23 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-12-10 15:56 - 2014-11-22 02:23 - 00326656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-12-10 15:56 - 2014-11-22 02:22 - 02052096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-12-10 15:56 - 2014-11-22 02:15 - 01548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-12-10 15:56 - 2014-11-22 02:13 - 12836864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-12-10 15:56 - 2014-11-22 02:03 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-12-10 15:56 - 2014-11-22 02:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-12-10 15:56 - 2014-11-22 01:56 - 01307136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-12-10 15:56 - 2014-11-22 01:54 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-12-10 15:55 - 2014-12-04 00:37 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-12-10 15:55 - 2014-12-04 00:09 - 00830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2014-12-10 15:55 - 2014-12-03 00:09 - 01083392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-12-10 15:55 - 2014-12-03 00:09 - 00740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2014-12-10 15:55 - 2014-12-03 00:09 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-12-10 15:55 - 2014-12-03 00:09 - 00396288 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-12-10 15:55 - 2014-12-03 00:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-12-10 15:55 - 2014-11-07 05:16 - 01762840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-12-10 15:55 - 2014-11-07 04:26 - 01489072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-12-10 15:55 - 2014-11-01 00:57 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-12-10 15:55 - 2014-11-01 00:47 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-12-10 15:55 - 2014-10-13 03:43 - 00238912 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-12-10 15:55 - 2014-10-13 03:43 - 00153920 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-12-10 15:55 - 2014-10-13 03:43 - 00086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-12-10 15:55 - 2014-10-13 03:43 - 00039744 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-12-04 16:15 - 2014-12-04 16:15 - 00000000 ____D () C:\Users\Pascal\AppData\Local\Risk_of_Rain

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-31 01:45 - 2014-03-16 19:13 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\ClassicShell
2014-12-31 01:21 - 2014-03-31 14:49 - 00001140 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-31 01:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-12-31 00:59 - 2014-03-16 16:27 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-12-30 21:50 - 2013-10-20 19:13 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Skype
2014-12-30 21:50 - 2013-10-20 14:21 - 00000000 ____D () E:\Program Files (x86)\Steam
2014-12-30 21:46 - 2013-10-20 15:26 - 00000000 ____D () C:\Users\Pascal\AppData\Local\Battle.net
2014-12-30 21:44 - 2013-10-20 14:10 - 00003942 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{61CE681B-6CA3-4450-AB68-D7D283842AA0}
2014-12-30 21:27 - 2013-09-30 05:14 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-30 21:27 - 2013-09-30 04:56 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2014-12-30 21:27 - 2013-09-30 04:56 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2014-12-30 21:24 - 2014-08-11 00:05 - 00006279 _____ () C:\WINDOWS\setupact.log
2014-12-30 20:59 - 2013-11-05 18:57 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\TS3Client
2014-12-30 19:39 - 2014-02-07 16:05 - 00008980 _____ () C:\Users\Pascal\Documents\TombRaider.log
2014-12-30 19:31 - 2014-06-24 21:12 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Nidhogg
2014-12-30 19:13 - 2014-08-06 00:56 - 01857046 _____ () C:\WINDOWS\WindowsUpdate.log
2014-12-30 15:35 - 2013-10-20 12:09 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1010802133-681624663-1200860190-1001
2014-12-30 15:25 - 2014-03-31 14:49 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-30 03:50 - 2014-03-16 16:58 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-30 03:50 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-30 00:23 - 2014-08-05 22:28 - 00099328 ___SH () C:\Users\Pascal\Downloads\Thumbs.db
2014-12-30 00:18 - 2014-08-14 15:14 - 00100872 _____ () C:\WINDOWS\PFRO.log
2014-12-30 00:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-12-29 22:32 - 2013-10-26 21:17 - 00324096 ___SH () C:\Users\Pascal\Desktop\Thumbs.db
2014-12-29 20:20 - 2014-08-07 16:37 - 00000000 ____D () E:\Program Files (x86)\Java
2014-12-29 20:20 - 2014-06-16 21:57 - 00320936 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-12-29 20:20 - 2014-06-16 21:57 - 00191400 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-12-29 20:20 - 2014-06-16 21:57 - 00190888 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-12-29 20:20 - 2013-11-16 23:55 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-29 20:19 - 2014-08-07 16:37 - 00272296 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-12-29 20:19 - 2014-08-07 16:37 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-12-29 20:19 - 2014-08-07 16:37 - 00176552 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-12-29 20:19 - 2014-08-07 16:37 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-12-29 20:19 - 2014-03-16 16:27 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-12-28 19:51 - 2014-05-17 00:02 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys
2014-12-28 19:51 - 2014-03-20 21:03 - 01050432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsnx.sys
2014-12-28 19:51 - 2014-03-20 21:03 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2014-12-28 19:51 - 2014-03-20 21:03 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys
2014-12-28 19:51 - 2014-03-20 21:03 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2014-12-28 19:51 - 2014-03-20 21:03 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2014-12-28 19:51 - 2014-03-20 21:03 - 00083280 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2014-12-28 19:51 - 2014-03-20 21:03 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys
2014-12-28 19:51 - 2014-03-20 21:03 - 00003924 _____ () C:\WINDOWS\System32\Tasks\avast! Emergency Update
2014-12-28 03:05 - 2014-08-06 15:59 - 00000000 ____D () E:\Program Files (x86)\RivaTuner Statistics Server
2014-12-27 19:52 - 2013-10-20 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-12-27 18:29 - 2014-10-07 18:19 - 00000000 ___RD () E:\Program Files (x86)\Skype
2014-12-27 18:29 - 2013-10-20 19:13 - 00000000 ____D () C:\ProgramData\Skype
2014-12-27 17:20 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-12-25 18:15 - 2013-08-22 14:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-12-25 17:48 - 2013-08-22 15:44 - 05074848 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-12-24 14:38 - 2013-12-25 00:59 - 00000000 ____D () C:\Users\Pascal\AppData\Local\Razer
2014-12-24 01:20 - 2013-12-25 00:59 - 00000000 ____D () C:\ProgramData\Razer
2014-12-24 01:19 - 2013-12-25 00:00 - 00000000 ____D () E:\Program Files (x86)\Razer
2014-12-20 02:18 - 2013-11-14 23:22 - 00000000 ____D () E:\Program Files (x86)\StarCraft II
2014-12-19 14:47 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-19 11:48 - 2014-04-19 18:42 - 00000000 ____D () E:\Program Files (x86)\World of Warcraft
2014-12-18 21:34 - 2014-07-06 15:31 - 00000000 ____D () C:\Users\Pascal\.gimp-2.8
2014-12-14 20:14 - 2013-11-24 21:45 - 00000000 ____D () C:\ProgramData\Origin
2014-12-14 18:44 - 2014-11-26 18:53 - 00001205 _____ () C:\Users\Public\Desktop\Dragon Age Inquisition.lnk
2014-12-14 18:37 - 2013-11-24 21:45 - 00000000 ____D () E:\Program Files (x86)\Origin
2014-12-13 11:08 - 2014-11-21 14:18 - 24764232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-12-13 11:08 - 2014-06-29 01:26 - 16040184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-12-13 11:08 - 2014-03-16 16:58 - 00074056 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2014-12-13 11:08 - 2014-03-16 16:58 - 00060560 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2014-12-13 11:08 - 2014-03-16 16:56 - 18594432 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2014-12-13 11:08 - 2014-03-16 16:56 - 14128496 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2014-12-13 11:08 - 2014-03-16 16:56 - 03293136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2014-12-13 11:08 - 2014-03-16 16:56 - 02897824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2014-12-13 11:08 - 2014-03-16 16:56 - 00027983 _____ () C:\WINDOWS\system32\nvinfo.pb
2014-12-13 09:03 - 2014-03-16 16:58 - 06859408 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2014-12-13 09:03 - 2014-03-16 16:58 - 03513488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2014-12-13 09:03 - 2014-03-16 16:58 - 02558608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2014-12-13 09:03 - 2014-03-16 16:58 - 00935240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2014-12-13 09:03 - 2014-03-16 16:58 - 00386368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2014-12-13 09:03 - 2014-03-16 16:58 - 00062608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2014-12-13 01:12 - 2014-06-12 14:34 - 01715224 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2014-12-13 01:12 - 2014-06-12 14:34 - 01291464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2014-12-13 01:12 - 2013-10-28 16:17 - 02824504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2014-12-13 01:12 - 2013-10-28 16:17 - 02210040 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2014-12-13 00:11 - 2014-03-16 16:58 - 04151176 _____ () C:\WINDOWS\system32\nvcoproc.bin
2014-12-12 17:10 - 2013-10-25 16:19 - 00000072 _____ () C:\Users\Public\LMDebug.log
2014-12-11 19:45 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-12-11 14:03 - 2013-10-20 15:26 - 00000000 ____D () E:\Program Files (x86)\Battle.net
2014-12-10 23:18 - 2014-07-09 22:18 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-12-10 23:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-12-10 23:18 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppCompat
2014-12-10 16:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-12-10 16:56 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-12-10 16:55 - 2013-10-20 14:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-10 16:55 - 2013-10-20 12:39 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-10 16:52 - 2013-10-20 12:39 - 112710672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-12-09 21:02 - 2013-10-20 14:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2014-12-09 14:24 - 2014-07-12 16:52 - 00000000 ____D () E:\Program Files (x86)\Diablo III Public Test
2014-12-05 20:42 - 2014-04-06 00:55 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\dvdcss
2014-12-04 21:15 - 2014-01-25 15:24 - 00000000 ____D () E:\Program Files (x86)\Hearthstone

Some content of TEMP:
====================
C:\Users\Pascal\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\Pascal\AppData\Local\Temp\jre-8u20-windows-au.exe
C:\Users\Pascal\AppData\Local\Temp\jre-8u25-windows-au.exe
C:\Users\Pascal\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Pascal\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Pascal\AppData\Local\Temp\nvStInst.exe
C:\Users\Pascal\AppData\Local\Temp\pyl4699.tmp.exe
C:\Users\Pascal\AppData\Local\Temp\Quarantine.exe
C:\Users\Pascal\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Pascal\AppData\Local\Temp\sonarinst.exe
C:\Users\Pascal\AppData\Local\Temp\sqlite3.dll
C:\Users\Pascal\AppData\Local\Temp\__pythonRunner.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-29 05:27

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Addition.txt
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2014
Ran by Pascal at 2014-12-31 01:49:34
Running from C:\Users\Pascal\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ace of Spades (HKLM-x32\...\Steam App 224540) (Version:  - Jagex Limited)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version:  - BlueByte)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
Batman™: Arkham Origins (HKLM-x32\...\Steam App 209000) (Version:  - WB Games Montreal)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.3825 - Electronic Arts)
Battlefield™ Hardline Beta (HKLM-x32\...\{599276A7-F45D-40B1-A0B6-CF132A1CAD49}) (Version: 1.0.0.5 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
Beat Hazard (HKLM-x32\...\Steam App 49600) (Version:  - Cold Beam Games)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands (HKLM-x32\...\Steam App 8980) (Version:  - Gearbox Software)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version:  - 2K Australia)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
BRINK (HKLM-x32\...\Steam App 22350) (Version:  - Splash Damage)
BUFFALO NAS Navigator2 (HKLM-x32\...\UN060501) (Version:  - )
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
Call of Juarez Gunslinger (HKLM-x32\...\Steam App 204450) (Version:  - Techland)
CanoScan Toolbox Ver4.9 (HKLM-x32\...\{CA9BCD4D-B782-4637-8F1F-F9A328D3C244}) (Version:  - )
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version:  - The Behemoth)
CastleStorm (HKLM-x32\...\Steam App 241410) (Version:  - Zen Studios)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
Cities in Motion (HKLM-x32\...\Steam App 73010) (Version:  - Colossal Order Ltd.)
Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft)
CodeBlocks (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\CodeBlocks) (Version: 13.12 - The Code::Blocks Team)
Company of Heroes 2 (HKLM-x32\...\Steam App 231430) (Version:  - Relic Entertainment)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Creation Kit (HKLM-x32\...\Steam App 202480) (Version:  - bgs.bethsoft.com)
Cyberduck 4.4.5 (14721) (HKLM-x32\...\Cyberduck) (Version: 4.4.5 (14721) - )
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version:  - Stunlock Studios)
Dead Space™ 3 (HKLM-x32\...\{D4329609-4102-4F8C-B83F-7FE024EEA314}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Diablo III Public Test (HKLM-x32\...\Diablo III Public Test) (Version:  - Blizzard Entertainment)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.2.24.20 - Electronic Arts Inc.)
Die Sims™ 4 Erstelle einen Sim-Demo (HKLM-x32\...\{6908ED99-F02B-4E99-A202-3FAC99C510ED}) (Version: 1.0.233.190 - Electronic Arts Inc.)
DLC Quest (HKLM-x32\...\Steam App 230050) (Version:  - Going Loud Studios)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dragon Age Awakening Redesigned (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Awakening Redesigned) (Version:  - )
Dragon Age II (HKLM-x32\...\Steam App 47900) (Version:  - BioWare)
Dragon Age Redesigned © Morrigan (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned © Morrigan) (Version:  - )
Dragon Age Redesigned- Leliana's Song (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned- Leliana's Song) (Version:  - )
Dragon Age Redesigned Oghren© (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned Oghren©) (Version:  - )
Dragon Age Redesigned©  Zevran (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned©  Zevran) (Version:  - )
Dragon Age Redesigned© (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned©) (Version:  - )
Dragon Age Redesigned© Leliana (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned© Leliana) (Version:  - )
Dragon Age Redesigned© Sten (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned© Sten) (Version:  - )
Dragon Age Redesigned© Wynne (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Dragon Age Redesigned© Wynne) (Version:  - )
Dragon Age: Origins - Ultimate Edition (HKLM-x32\...\Steam App 47810) (Version:  - BioWare)
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts)
Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.3 - Electronic Arts)
DuckTales Remastered (HKLM-x32\...\Steam App 237630) (Version:  - WayForward)
EA SPORTS™ FIFA 15 Demo (HKLM-x32\...\{108C0C19-6316-4944-A62F-C744488F8639}) (Version: 1.0.0.0 - Electronic Arts)
Endless Legend (HKLM-x32\...\Steam App 289130) (Version:  - AMPLITUDE Studios)
Endless Space (HKLM-x32\...\Steam App 208140) (Version:  - Amplitude Studios)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
ESO Survey Live version 1.4.5 (HKLM-x32\...\17CBAF83-B4D1-41CC-B7DC-BFF1D4B9DDAC-live_is1) (Version: 1.4.5 - Immersyve, Inc.)
EVE Online (HKLM-x32\...\Steam App 8500) (Version:  - CCP)
Evolve (HKLM-x32\...\Steam App 273350) (Version:  - Turtle Rock Studios)
Explorer Suite IV (HKLM\...\Explorer Suite_is1) (Version:  - )
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
FIFA 12 (HKLM-x32\...\{EA8ADAA9-6671-4839-A51E-0C6792B78F3E}) (Version: 1.6.0.0 - Electronic Arts)
FileZilla Client 3.8.1 (HKLM-x32\...\FileZilla Client) (Version: 3.8.1 - Tim Kosse)
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Free PDF to Word Doc Converter v1.1 (HKLM-x32\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
Giana Sisters: Twisted Dreams (HKLM-x32\...\Steam App 223220) (Version:  - Black Forest Games)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Gnomoria (HKLM-x32\...\Steam App 224500) (Version:  - Robotronic Games)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version:  - Coffee Stain Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Gunpoint (HKLM-x32\...\Steam App 206190) (Version:  - Suspicious Developments)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hearts of Iron III (HKLM-x32\...\Steam App 25890) (Version:  - Paradox Development Studio)
Intel(R) Network Connections 18.2.63.0 (HKLM\...\PROSetDX) (Version: 18.2.63.0 - Intel)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version:  - Squad)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LEGO Minifigures Online (HKLM-x32\...\LEGO Minifigures Online_is1) (Version: 1.0.0 - Funcom)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Monaco (HKLM-x32\...\Steam App 113020) (Version:  - Pocketwatch Games)
MouseCraft (HKLM-x32\...\Steam App 252750) (Version:  - Crunching Koalas)
Mozilla Firefox 32.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.1 (x86 de)) (Version: 32.0.1 - Mozilla)
Mozilla Firefox 32.0.3 (x86 de) (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
Mozilla Thunderbird 24.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.3.0 (x86 de)) (Version: 24.3.0 - Mozilla)
Mozilla Thunderbird 31.3.0 (x86 de) (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\Mozilla Thunderbird 31.3.0 (x86 de)) (Version: 31.3.0 - Mozilla)
MSI Afterburner 3.0.1 (HKLM-x32\...\Afterburner) (Version: 3.0.1 - MSI Co., LTD)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.49.2 - Black Tree Gaming)
Nidhogg (HKLM-x32\...\Steam App 94400) (Version:  - Messhof)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.3 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.09 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.09 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 347.09 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)
Papers, Please (HKLM-x32\...\Steam App 239030) (Version:  - 3909)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version:  - OVERKILL Software)
Pixel Piracy (HKLM-x32\...\Steam App 264140) (Version:  - Vitali Kirpu)
Planetary Annihilation (HKLM-x32\...\Steam App 233250) (Version:  - Uber Entertainment)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.2.0 - Electronic Arts)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.18.23036 - Razer Inc.)
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version:  - )
RivaTuner Statistics Server 6.1.2 (HKLM-x32\...\RTSS) (Version: 6.1.2 - Unwinder)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
ROCCAT Kone Pure Mouse Driver (HKLM-x32\...\{4905245D-56E7-4176-BE68-962728B803D6}) (Version:  - Roccat GmbH)
Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version:  - Cellar Door Games)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Sanctum (HKLM-x32\...\Steam App 91600) (Version:  - Coffee Stain Studios)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
ShootMania Storm (HKLM-x32\...\Steam App 229870) (Version:  - Nadeo)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Solar 2 (HKLM-x32\...\Steam App 97000) (Version:  - Murudai)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - )
Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version:  - Pandemic Studios)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steam Marines (HKLM-x32\...\Steam App 253630) (Version:  - )
SteamWorld Dig (HKLM-x32\...\Steam App 252410) (Version:  - Image&amp;Form)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
Teleglitch: Die More Edition (HKLM-x32\...\Steam App 234390) (Version:  - Test3 Projects)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Crew (Beta) (HKLM-x32\...\Uplay Install 750) (Version:  - Ubisoft)
The Elder Scrolls III: Morrowind (HKLM-x32\...\Steam App 22320) (Version:  - Bethesda Game Studios®)
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Sims 2: Ultimate Collection (HKLM-x32\...\{04450C18-F039-4B81-A621-70C3B0F523D5}) (Version: 1.0.0.0 - Electronic Arts)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Swapper (HKLM-x32\...\Steam App 231160) (Version:  - Olli Harjola, Otto Hantula, Tom Jubert, Carlo Castellano)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version:  - CD Projekt RED)
Thinking with Time Machine (HKLM-x32\...\Steam App 286080) (Version:  - Stridemann)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
UNi Xonar Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version:  - )
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
Unity Web Player (HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
Universe Sandbox (HKLM-x32\...\Steam App 72200) (Version:  - Giant Army)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Visitenkarten (HKLM-x32\...\{B3C40846-559F-4334-BAD5-E138F483A5C5}) (Version:  - )
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Wrye Bash (HKLM-x32\...\Wrye Bash) (Version: 3.0.4.3 - Wrye & Wrye Bash Development Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

28-12-2014 19:50:47 avast! antivirus system restore point
29-12-2014 20:22:25 Removed Java 7 Update 60 (64-bit)

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {31603D6A-F053-4F98-836F-425073C5D8B6} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {83214325-2D0C-46EE-933F-0679FAD52A3B} - System32\Tasks\Apple\AppleSoftwareUpdate => E:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8DDC57E8-CFCE-4711-98E3-1F35528EC83C} - System32\Tasks\GoogleUpdateTaskMachineUA => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-20] (Google Inc.)
Task: {9B5AA326-9FC9-49CD-8D15-A3E8C9AC1690} - System32\Tasks\CCleanerSkipUAC => E:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {A008DB0F-322A-4965-9B85-CB54CA9C113C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-12-10] (Microsoft Corporation)
Task: {CC8A2D10-AD23-424F-BAD2-9E2DCFEF69C9} - System32\Tasks\GoogleUpdateTaskMachineCore => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-10-20] (Google Inc.)
Task: {DA482AF7-E48A-45C4-A620-18B49C75E965} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-29] (Adobe Systems Incorporated)
Task: {E6C32FA2-C268-45E3-B1B6-76E646DD49FB} - System32\Tasks\avast! Emergency Update => E:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-28] (AVAST Software)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => E:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-05-30 10:32 - 2013-05-30 10:32 - 00034304 _____ () C:\WINDOWS\System32\ssd3clm.dll
2014-08-15 16:48 - 2014-08-15 16:48 - 00076152 _____ () C:\WINDOWS\system32\PnkBstrA.exe
2014-12-28 19:51 - 2014-12-28 19:51 - 00388208 _____ () E:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-12-28 19:51 - 2014-12-28 19:51 - 05851328 _____ () E:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2014-03-16 16:58 - 2014-12-13 09:03 - 00117576 _____ () E:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () E:\Program Files (x86)\Notepad++\NppShell_05.dll
2014-03-16 23:35 - 2008-07-11 15:04 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe
2014-03-16 23:35 - 2008-07-11 15:03 - 00282112 ____N () C:\Windows\System\HsMgr64.exe
2013-12-17 17:34 - 2014-12-13 01:13 - 00708240 _____ () E:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2013-12-17 17:34 - 2014-12-13 01:13 - 00854160 _____ () E:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2014-12-09 23:22 - 2014-12-09 23:22 - 00186048 _____ () E:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2014-12-28 19:51 - 2014-12-28 19:51 - 04495336 _____ () E:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2014-12-30 19:31 - 2014-12-30 19:31 - 02908160 _____ () E:\Program Files\AVAST Software\Avast\defs\14123001\algo.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () E:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () E:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-12-28 19:51 - 2014-12-28 19:51 - 38562088 _____ () E:\Program Files\AVAST Software\Avast\libcef.dll
2014-06-01 10:08 - 2014-06-01 10:08 - 00035328 _____ () E:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00091648 _____ () E:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 17:41 - 2014-05-24 17:41 - 00892416 _____ () E:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2014-12-12 19:26 - 2014-12-06 02:50 - 01077064 _____ () E:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-12 19:26 - 2014-12-06 02:50 - 00211272 _____ () E:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-12 19:26 - 2014-12-06 02:50 - 09009480 _____ () E:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 19:26 - 2014-12-06 02:50 - 01677128 _____ () E:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Pascal\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "ESO Survey Live.lnk"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\StartupFolder: => "OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk"
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\StartupFolder: => "NAS Scheduler.lnk"
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\StartupFolder: => "BUFFALO NAS Navigator2.lnk"
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\Run: => "Pando Media Booster"
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1010802133-681624663-1200860190-1001\...\StartupApproved\Run: => "EADM"

========================= Accounts: ==========================

Administrator (S-1-5-21-1010802133-681624663-1200860190-500 - Administrator - Disabled)
Gast (S-1-5-21-1010802133-681624663-1200860190-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1010802133-681624663-1200860190-1004 - Limited - Enabled)
Pascal (S-1-5-21-1010802133-681624663-1200860190-1001 - Administrator - Enabled) => C:\Users\Pascal

==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/31/2014 01:45:48 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (12/30/2014 10:42:20 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{5b553e30-20eb-4018-8526-38096049c098}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (12/30/2014 10:42:19 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "Wiederherstellung" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (12/30/2014 09:51:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RzStats.Manager.exe, Version: 1.0.0.35, Zeitstempel: 0x548957e0
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc000041d
Fehleroffset: 0x353a3135
ID des fehlerhaften Prozesses: 0x1bfc
Startzeit der fehlerhaften Anwendung: 0xRzStats.Manager.exe0
Pfad der fehlerhaften Anwendung: RzStats.Manager.exe1
Pfad des fehlerhaften Moduls: RzStats.Manager.exe2
Berichtskennung: RzStats.Manager.exe3
Vollständiger Name des fehlerhaften Pakets: RzStats.Manager.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: RzStats.Manager.exe5

Error: (12/30/2014 09:51:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: RzStats.Manager.exe, Version: 1.0.0.35, Zeitstempel: 0x548957e0
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x353a3135
ID des fehlerhaften Prozesses: 0x1bfc
Startzeit der fehlerhaften Anwendung: 0xRzStats.Manager.exe0
Pfad der fehlerhaften Anwendung: RzStats.Manager.exe1
Pfad des fehlerhaften Moduls: RzStats.Manager.exe2
Berichtskennung: RzStats.Manager.exe3
Vollständiger Name des fehlerhaften Pakets: RzStats.Manager.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: RzStats.Manager.exe5

Error: (12/30/2014 09:51:56 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: RzStats.Manager.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 353A3135
Stapel:

Error: (12/30/2014 09:51:22 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (12/30/2014 09:51:21 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (12/30/2014 09:27:25 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (12/30/2014 09:27:24 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.


System errors:
=============
Error: (12/30/2014 06:56:30 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (12/30/2014 06:56:00 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (12/30/2014 04:38:17 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Razer Game Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/30/2014 04:08:41 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (12/30/2014 04:08:11 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (12/30/2014 03:52:35 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (12/30/2014 03:52:05 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (12/30/2014 03:36:44 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (12/30/2014 03:36:14 PM) (Source: DCOM) (EventID: 10010) (User: Pascals-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (12/30/2014 00:59:52 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Razer Game Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (12/31/2014 01:45:48 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestE:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (12/30/2014 10:42:20 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: \\?\Volume{5b553e30-20eb-4018-8526-38096049c098}\Falscher Parameter. (0x80070057)

Error: (12/30/2014 10:42:19 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: WiederherstellungFalscher Parameter. (0x80070057)

Error: (12/30/2014 09:51:57 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: RzStats.Manager.exe1.0.0.35548957e0unknown0.0.0.000000000c000041d353a31351bfc01d0243ce857009dC:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exeunknownb1253e41-9065-11e4-bf21-bc5ff4bc94c0

Error: (12/30/2014 09:51:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: RzStats.Manager.exe1.0.0.35548957e0unknown0.0.0.000000000c0000005353a31351bfc01d0243ce857009dC:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exeunknownb06e418e-9065-11e4-bf21-bc5ff4bc94c0

Error: (12/30/2014 09:51:56 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: RzStats.Manager.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: Ausnahmecode c0000005, Ausnahmeadresse 353A3135
Stapel:

Error: (12/30/2014 09:51:22 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Pascal\Downloads\esetsmartinstaller_deu.exe

Error: (12/30/2014 09:51:21 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Pascal\Downloads\esetsmartinstaller_deu.exe

Error: (12/30/2014 09:27:25 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Pascal\Downloads\esetsmartinstaller_deu.exe

Error: (12/30/2014 09:27:24 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Pascal\Downloads\esetsmartinstaller_deu.exe


CodeIntegrity Errors:
===================================
  Date: 2014-12-28 20:25:18.419
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-09-04 00:25:19.004
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\Hamdrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-08-09 23:48:39.975
  Description: Code Integrity determined that a process (\Device\HarddiskVolume6\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume6\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2014-07-18 23:58:22.793
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Users\Pascal\AppData\Local\Temp\EverestDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-07-18 23:58:22.738
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz
Percentage of memory in use: 18%
Total physical RAM: 16315.5 MB
Available physical RAM: 13263.79 MB
Total Pagefile: 18747.5 MB
Available Pagefile: 15306.23 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:110.93 GB) (Free:24.88 GB) NTFS
Drive e: (Daten) (Fixed) (Total:931.51 GB) (Free:130.28 GB) NTFS
Drive f: () (Removable) (Total:7.85 GB) (Free:6.62 GB) NTFS
Drive g: (UUI) (Removable) (Total:3.73 GB) (Free:2.78 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 111.8 GB) (Disk ID: 3964B577)

Partition: GPT Partition Type.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CB3FFC79)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 7.9 GB) (Disk ID: 010E39BC)
Partition 1: (Active) - (Size=7.9 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 3.7 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================
         

Alt 31.12.2014, 15:26   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Telekom Abuse Team warnt vor Bedrohung. - Standard

Telekom Abuse Team warnt vor Bedrohung.



Java und Firefox updaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
AppInit_DLLs: E:\Program Files => E:\Program Files [0 2014-12-30] ()
AppInit_DLLs-x32: E:\Program Files => E:\Program Files [0 2014-12-30] ()
Emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.






Fertig

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 31.12.2014, 16:38   #13
LiveSergeant
 
Telekom Abuse Team warnt vor Bedrohung. - Standard

Telekom Abuse Team warnt vor Bedrohung.



Hat alles geklappt und vielen Dank für die nette Unterstützung!

Alt 31.12.2014, 18:22   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Telekom Abuse Team warnt vor Bedrohung. - Standard

Telekom Abuse Team warnt vor Bedrohung.



Gern Geschehen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Telekom Abuse Team warnt vor Bedrohung.
abuse, antivirus, avast, bedrohung, befinden, board, e-mail, erhalte, folge, folgende, frage, hinweise, infiziert, interne, laufen, meldung, rechner, sicherheitsexperten, telekom, trojaner, trojaner board, verbindet, warnt, wirklich, zugang, zusätzlich



Ähnliche Themen: Telekom Abuse Team warnt vor Bedrohung.


  1. Email vom Telekom-Abuse Team mit Hinweis auf Trojaner gozi2
    Log-Analyse und Auswertung - 20.10.2015 (11)
  2. Email vom Abuse-Team der Telekom
    Plagegeister aller Art und deren Bekämpfung - 11.08.2015 (14)
  3. Bedep , Skinhole, Meldung Telekom Abuse Team
    Log-Analyse und Auswertung - 31.07.2015 (21)
  4. Brief von Telekom-Abuse-Team (Sinkhole)
    Log-Analyse und Auswertung - 01.07.2015 (7)
  5. Telekom Abuse Team - generic Trojaner/Virus
    Log-Analyse und Auswertung - 03.06.2015 (37)
  6. Deutsche Telekom Abuse-Team - Infektion: generic
    Plagegeister aller Art und deren Bekämpfung - 25.04.2015 (19)
  7. Telekom Abuse Team, Infektion: generic
    Plagegeister aller Art und deren Bekämpfung - 01.03.2015 (13)
  8. Telekom Abuse Team - generic Trojaner/Virus
    Alles rund um Windows - 25.02.2015 (27)
  9. Telekom Abuse Team - generic Trojaner/Virus
    Alles rund um Mac OSX & Linux - 20.02.2015 (9)
  10. Telekom Abuse Team E-Mail - generic Trojaner
    Plagegeister aller Art und deren Bekämpfung - 18.02.2015 (9)
  11. Sicherheitswarnung Telekom Abuse Team
    Log-Analyse und Auswertung - 10.02.2015 (13)
  12. Telekom Abuse Team Sicherheitswarnung: Spam-Mails
    Plagegeister aller Art und deren Bekämpfung - 09.01.2015 (23)
  13. Brief von Telekom Abuse Team wegen Verdachts auf Hacking
    Log-Analyse und Auswertung - 14.07.2013 (24)
  14. Brief von Telekom Abuse Team erhalten- Spamversand.
    Plagegeister aller Art und deren Bekämpfung - 06.07.2013 (18)
  15. Email von Telekom-Abuse-Team | Log-File anbei
    Log-Analyse und Auswertung - 14.02.2013 (11)
  16. Telekom Brief von Abuse-Team
    Plagegeister aller Art und deren Bekämpfung - 05.11.2012 (9)
  17. Telekom Brief (per Post) vom Abuse Team - PC 1
    Log-Analyse und Auswertung - 26.10.2012 (8)

Zum Thema Telekom Abuse Team warnt vor Bedrohung. - Hallo Trojaner Board, ich habe eine E-Mail der Telekom erhalten, in der auf einen potenziellen Trojanerbefall von mindestens einem Rechner im Netz gesprochen wird. Zitat: Sehr geehrte Kundin, sehr geehrter - Telekom Abuse Team warnt vor Bedrohung....
Archiv
Du betrachtest: Telekom Abuse Team warnt vor Bedrohung. auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.