Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: audiodg.exe - Virus?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 14.05.2015, 00:24   #1
Teron821
 
audiodg.exe - Virus? - Standard

audiodg.exe - Virus?



Hey und hallo ich galube ich habe mir mal wieder einen Virus zugezogen wenn ja dann einen ziemlich agressiven... glaube ich. Mir ist aufgefallen das in letzter Zeit immer wenn ich TeamSpeak laufen hatte ein Programm namens "audiodg.exe" ziemlich viel CPU zieht. Außerdem kann ich mein Avira nicht updaten konnte weil es wohl keine "internet conection" gäbe. Zudem lässt es mich keine Scans machen acuh wenn ich im Admin Acount bin.

Hier Ein paar logs:
Aviar Update:
Code:
ATTFilter
Avira Free Antivirus Updater 
Complete product update

Creation time: Donnerstag, 14. Mai 2015 00:20:58

Operating system:
Windows 8.1 ()  [6.2.9200] 64 bit

Product information:
Product version: 15.0.10.434
Updater: C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe 15.0.10.434
Update resource: C:\Program Files (x86)\Avira\AntiVir Desktop\updaterc.dll 15.0.10.236
Library: C:\Program Files (x86)\Avira\AntiVir Desktop\update.dll 15.0.10.434
GUI: C:\Program Files (x86)\Avira\AntiVir Desktop\updgui.dll 15.0.10.414

Temp Directory: C:\ProgramData\Avira\Antivirus\TEMP\UPDATE\
Backup folder: C:\ProgramData\Avira\Antivirus\BACKUP\
Installation Directory: C:\Program Files (x86)\Avira\AntiVir Desktop\
Updater folder: C:\Program Files (x86)\Avira\AntiVir Desktop\
AppData folder: C:\ProgramData\Avira\Antivirus\

Connection settings:
- Connection type:	Web server
- Transfer type:	Existing connection
-Proxy settings:	System settings used

00:20:58 [UPD] [ERROR]      Failed to get update bridge data: 
00:21:00 [UPD] [ERROR]      Failed to get update bridge data: 
00:21:04 [UPD] [ERROR]      Failed to get update bridge data: 
00:21:10 [UPD] [ERROR]      Failed to get update bridge data: 
00:21:10 [UPD] [ERROR]      Missing settings from updater bridge: server '' file ''


Summary:
********
	0 Files downloaded
	0 Files installed

	Donnerstag, 14. Mai 2015 00:21:10

The update failed!
         
Angehängte Grafiken
Dateityp: png Unbenannt.PNG (10,1 KB, 103x aufgerufen)

Alt 14.05.2015, 00:31   #2
Teron821
 
audiodg.exe - Virus? - Standard

audiodg.exe - Virus?



Dann noch Avira scan log:
Code:
ATTFilter
Exported events:

12.05.2015 18:12 [System Scanner] Scan
      Scan completed [The scan has been done completely.].
       Number of files:	1551786
       Number of directories:	70337
       Number of malware:	0
       Number of warnings:	2
         
UND FRST:

Addition:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-05-2015 01
Ran by MeinAdmin at 2015-05-14 00:27:09
Running from C:\Users\Leo\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-514103404-2733609734-414756415-1002 - Administrator - Enabled) => C:\Users\peter
Administrator (S-1-5-21-514103404-2733609734-414756415-500 - Administrator - Disabled)
Gast (S-1-5-21-514103404-2733609734-414756415-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-514103404-2733609734-414756415-1009 - Limited - Enabled)
Leo (S-1-5-21-514103404-2733609734-414756415-1006 - Limited - Enabled) => C:\Users\Leo
Mama (S-1-5-21-514103404-2733609734-414756415-1005 - Administrator - Enabled)
MeinAdmin (S-1-5-21-514103404-2733609734-414756415-1008 - Administrator - Enabled) => C:\Users\MeinAdmin
Robert (S-1-5-21-514103404-2733609734-414756415-1007 - Administrator - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
A.V.A - Alliance of Valiant Arms (HKLM-x32\...\Steam App 102700) (Version:  - RED DUCK Inc.)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{0B448829-3672-18EA-4117-C1240D4CF140}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
CEVO CS:GO Client Beta version 1.0 (HKLM-x32\...\CEVO CS:GO Client Beta_is1) (Version: 1.0 - )
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.6.3821 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.6.3906 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3709 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dragon Notes de-DE (HKLM-x32\...\{C438C1D0-A46C-4BFA-AF07-11261DE9CCE0}) (Version: 01.00.100.011 - Nuance Communications Inc.)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.2 (HKLM-x32\...\{412F6426-A3C7-11E3-8A71-00163E98E7D6}) (Version: 5.2.0.2951 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Final Hours of Titanfall (HKLM-x32\...\Steam App 292060) (Version:  - Geoff Keighley)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GeoGebra 5 (HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\GeoGebra 5) (Version: 5.0.67.0 - International GeoGebra Institute)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version:  - Reto-Moto)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HIT (HKLM-x32\...\Steam App 336670) (Version:  - Shifty Chair Games)
Hitman: Contracts (HKLM-x32\...\Steam App 247430) (Version:  - IO Interactive)
HP 3D DriveGuard (HKLM-x32\...\{F90A86C9-7779-47DD-AC06-8EE832C55F55}) (Version: 6.0.18.1 - Hewlett-Packard Company)
HP Color LaserJet Pro MFP M176 (HKLM-x32\...\{7ef5f914-a8e1-4f35-8b91-5f5a3ea16c55}) (Version: 8.0.13192.913 - Hewlett-Packard)
HP CoolSense (HKLM-x32\...\{E2C8D0C2-1C97-4C05-939A-5B13A0FE655C}) (Version: 2.20.31 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{082B1425-0F24-43FA-9B64-E8F617B0AD3B}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.08 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{E9FA2CA2-B7B2-43E6-8449-A1618B042EAE}) (Version: 1.1.3 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{B7B82520-8ECE-4743-BFD7-93B16C64B277}) (Version: 2.4.2 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
hpbDSService (x32 Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM176DSService (x32 Version: 001.001.08254 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 009.033.00905 - Hewlett-Packard) Hidden
hppM176LaserJetService (x32 Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (x32 Version: 080.040.00171 - Hewlett Packard) Hidden
hpStatusAlertsM176 (x32 Version: 080.046.00111 - Hewlett-Packard) Hidden
Inst5675 (Version: 8.01.08 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.08 - Softex Inc.) Hidden
Java 8 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418040F0}) (Version: 8.0.400 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version:  - Squad)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LibreOffice 4.3.2.2 (HKLM-x32\...\{9C13F99C-6E1A-4126-AE91-EAA2DADE08D6}) (Version: 4.3.2.2 - The Document Foundation)
Loadout (HKLM-x32\...\Steam App 208090) (Version:  - Edge of Reality)
Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
LogMeIn (HKLM-x32\...\{F93EE340-3735-4032-8B74-0A3E489017A0}) (Version: 4.1.4670 - LogMeIn, Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 36.0.4 (x86 de) (HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\Mozilla Firefox 36.0.4 (x86 de)) (Version: 36.0.4 - Mozilla)
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
OEM Application Profile (HKLM-x32\...\{315F1A48-D883-B234-7C79-15873574ACC1}) (Version: 1.00.0000 - Ihr Firmenname)
Paintball2 Alpha build 40 (HKLM-x32\...\Paintball2) (Version: Alpha build 40 - Digital Paint)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\SOE-PlanetSide 2) (Version:  - Sony Online Entertainment)
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.51 - WildTangent) Hidden
Pokki (HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\Pokki) (Version: 0.269.7.574 - Pokki)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.6 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.13.1216 - REALTEK Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.7.8 - Synaptics Incorporated)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)
Toribash (HKLM-x32\...\Steam App 248570) (Version:  - Nabi Studios)
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Unity Web Player (HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\UnityWebPlayer) (Version: 5.0.1f1 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App für HP (x32 Version: 4.0.11.2 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

14-04-2015 19:42:50 Geplanter Prüfpunkt
27-04-2015 13:57:36 Geplanter Prüfpunkt
05-05-2015 19:56:03 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {316007E6-D02E-481B-80AE-AAF221232C23} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {4DEC0FF5-02D7-4A5D-A92F-C760D3A73FEB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-04-14] (Hewlett-Packard)
Task: {6657947E-2D48-4AE1-BF4E-CF4D6105712B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-04-14] (Hewlett-Packard)
Task: {B284AD28-073B-4655-94C7-C0C257C067AC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {B84A40CB-13A5-40E8-8476-DE10AB0D9D27} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-03-07] (CyberLink Corp.)
Task: {D3CCAA93-6012-4DC7-8DD8-61855EC97C88} - System32\Tasks\{09E7559C-8020-4F24-978E-3EC98CC6DAE0} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.3.0.101/de/abandoninstall?page=tsProgressBar
Task: {DD3A2C72-2298-436B-848C-94FA11EE34ED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-08] (Google Inc.)
Task: {E8BC3766-ADA2-4E7D-BC00-7201889A3FE5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {EF9A97A4-4FCB-4D9F-9B50-B63DAF391E2C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-08] (Google Inc.)
Task: {F32F1211-375B-484F-8FE8-D44401E98193} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-11-01] (Hewlett-Packard Development Company, L.P.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2014-03-01 18:38 - 2014-03-01 18:38 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-01 18:34 - 2014-03-01 18:34 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-01 18:34 - 2014-03-01 18:34 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-01 18:34 - 2014-03-01 18:34 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-01 18:52 - 2014-03-01 18:52 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-01 18:52 - 2014-03-01 18:52 - 00712592 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2014-10-07 22:33 - 2012-09-18 15:27 - 00192512 _____ () C:\Windows\System32\zlhp1020.dll
2014-10-07 22:33 - 2012-09-18 15:27 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll
2014-04-06 22:38 - 2014-04-06 22:38 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-06-10 21:21 - 2014-03-05 18:09 - 00088064 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2014-03-01 18:41 - 2014-03-01 18:41 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2014-09-18 09:23 - 2014-09-18 09:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-10-14 20:51 - 2014-10-14 20:51 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 09:23 - 2014-09-18 09:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-10-14 20:51 - 2014-10-14 20:51 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2014-06-10 21:46 - 2013-02-01 11:16 - 00387984 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\fl_core.dll
2014-06-10 21:46 - 2013-02-01 11:16 - 01165712 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\vocon3200_asr.dll
2014-06-10 21:46 - 2013-02-01 11:16 - 00199056 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\vocon3200_base.dll
2014-06-10 21:46 - 2013-02-01 11:16 - 01132944 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\vocon3200_pron.dll
2014-06-10 21:46 - 2013-02-01 11:16 - 00035216 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\vocon3200_platform.dll
2014-06-10 21:46 - 2013-02-01 11:16 - 00229264 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\sdxg.dll
2014-06-10 21:46 - 2013-02-01 11:15 - 00027136 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\WASAPIResamplingStreamCOMServer.dll
2015-04-06 18:37 - 2015-03-16 10:59 - 00023496 _____ () C:\Users\Leo\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-10-01 20:19 - 2015-04-16 19:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 16:53 - 2015-04-23 04:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-10-01 20:19 - 2015-05-12 00:03 - 02396352 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-20 16:53 - 2015-04-23 04:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 16:53 - 2015-04-23 04:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-10-01 20:19 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-10-01 20:19 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-10-01 20:19 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-10-01 20:19 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-10-01 20:19 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-10-01 20:19 - 2015-05-12 00:03 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-10-01 20:19 - 2015-05-11 21:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-05-13 23:01 - 2015-05-11 21:01 - 08958344 _____ () C:\Program Files (x86)\Steam\bin\pdf.dll
2014-02-28 15:33 - 2014-02-28 15:33 - 00148480 _____ () C:\Users\Leo\AppData\Local\TeamSpeak 3 Client\quazip.dll
2014-02-27 15:46 - 2014-02-27 15:46 - 00864768 _____ () C:\Users\Leo\AppData\Local\TeamSpeak 3 Client\platforms\qwindows.dll
2014-02-27 15:45 - 2014-02-27 15:45 - 00677376 _____ () C:\Users\Leo\AppData\Local\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2014-08-04 15:43 - 2014-08-04 15:43 - 00092104 _____ () C:\Users\Leo\AppData\Local\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
2014-08-04 15:43 - 2014-08-04 15:43 - 00105416 _____ () C:\Users\Leo\AppData\Local\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
2014-02-27 15:46 - 2014-02-27 15:46 - 00025600 _____ () C:\Users\Leo\AppData\Local\TeamSpeak 3 Client\imageformats\qgif.dll
2014-02-27 15:46 - 2014-02-27 15:46 - 00242688 _____ () C:\Users\Leo\AppData\Local\TeamSpeak 3 Client\imageformats\qjpeg.dll
2014-08-04 15:45 - 2014-08-04 15:45 - 00477128 _____ () C:\Users\Leo\AppData\Local\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-08-04 15:45 - 2014-08-04 15:45 - 00484808 _____ () C:\Users\Leo\AppData\Local\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-02-27 15:46 - 2014-02-27 15:46 - 00123904 _____ () C:\Users\Leo\AppData\Local\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\peter\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-514103404-2733609734-414756415-1006\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
HKU\S-1-5-21-514103404-2733609734-414756415-1008\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "LogMeIn GUI"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{534EAE76-5BD5-4C7F-92A2-CF7BCD016932}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B8F5F911-67A9-499F-930D-2C04450BEE01}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1F43B38F-58AD-45A3-BB95-ACEF24BD7F10}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0EF8A23A-6CD0-47F1-811F-FCB12B5158DE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2027DDBC-8D98-4416-82CA-5BA362FB91F9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{AEDD7A15-184A-47B8-AE85-01C85E89A19E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{300161F6-4599-49E6-867E-FA5F87FA4A15}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{F73BD28F-DE8B-407A-B685-9410EF5E304A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{F5A63762-0D2A-40EE-8DF5-DDD7C2220ED6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{3D08EED6-E6B8-4516-B6AA-DDC431911A64}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{F3F10151-8FA3-4127-BCDF-16E83B19A176}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{42AE9A0D-04AE-4AF6-83D5-84AEBBBC3DF2}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{3239697B-80F4-4047-AAA0-AF431D6F1A8D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{BB78B2B8-B7F5-49BF-99BB-AFA56D744B82}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5EEF03FE-3D0F-4C6C-A008-E1D850923B6A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6BC94677-9600-4ECB-AC94-F1EB5E326F7D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{80ED146F-F349-4B24-8BA7-FE231D5533E4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{CB74F533-638D-49C4-81B3-73D94B16E39E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{8A0C432F-0477-4A51-8F15-8CA5A2457D18}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{C30E76F1-A545-4017-8629-FEBA58680BD1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A8A82F7B-7232-4E8E-8A16-0FE738363E2E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B529881D-9A12-49A9-832B-F76932049145}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{95E50C90-5652-4602-B3B4-E44E2C38800D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{67BC7081-9238-4C08-9DB4-97D4CDB3B95A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{EFA5C98D-50A1-48EA-A3EE-60FB61771471}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{FFB45D2E-CA82-4940-ADF6-9A290167E293}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{65DC87C8-56B6-41F0-9F25-B1C2885C669A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{26476AE8-5B9A-47C2-BEBA-B12ED08B37ED}] => (Allow) C:\Spiele\StarCraft II\StarCraft II.exe
FirewallRules: [{6E0137E5-4DA1-4AD9-95FE-B64C94FF40BF}] => (Allow) C:\Spiele\StarCraft II\StarCraft II.exe
FirewallRules: [{53D139FB-CBB7-4DF2-933A-8CF9F2F0102F}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{10C3AA12-62C8-411E-9D84-770DA4CE9B82}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{BD59F42F-4452-4D6E-BE89-A0DFAC4BAA5B}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{AF0F5FFF-7703-4BBA-BE93-5AD784E8D25D}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{2D838EE3-8C8E-4750-8F85-1C57411D4D87}C:\spiele\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) C:\spiele\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [UDP Query User{2EB8CBBE-7691-4AA8-838B-4AF9CAFE8966}C:\spiele\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) C:\spiele\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [{6E22E814-9FAD-4222-872D-F85DEC1CACE5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{9777A85D-795E-4613-92FD-91458A068297}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{9115C681-FFBB-422D-8AFC-8020F5E4DC23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{D9F1C8C8-E9EC-4A2F-A26E-3081F55B1E5E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{B143437E-45BC-4953-AFA2-2F9D8EA6863D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{E73E896C-BDAA-479B-B4F4-F5FEC79C8563}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{2F814522-A797-4090-B4F8-815A75FE6439}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{CC481BB3-3A1B-4AE4-BE30-E028FB09A3EE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{AB41F4F6-C6C1-425E-8D07-8DA1A1926C2B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{A1510135-637C-491A-A874-B4C30BA7E9C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{49C50CDE-9068-43C7-9B8F-D0F614BDA5EB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{76700D58-87E8-4E43-B368-9648DE627B9D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{23651672-6196-46B3-B0DA-4461B6B65B1F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{D3669514-03FE-401F-85A4-28AD41525A58}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{802C2036-075F-4EF8-A3CB-F210CCD239F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{2FEB3C83-84E2-4C44-94BD-3EBBBA4A3366}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{2DB46667-8550-4783-825A-BD44B7C6717D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{B4685F03-ABF5-4743-A43A-396664AE607D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{411F0DEF-B8C9-430A-97E4-A03261456C5E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{55354E14-020D-4709-B53B-6207752C3752}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{7C48D6EB-2424-432B-A4FD-F8B704EBD2DE}] => (Allow) C:\Spiele\Assassin´s Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{E64DE9C0-483E-4008-8D1B-159AE6F66073}] => (Allow) C:\Spiele\Assassin´s Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{F380107C-89F8-4F7D-B5DF-6FB6E2F67AF2}] => (Allow) C:\Spiele\Assassin´s Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{ADA98FF6-6983-4F58-B4CD-ED692B13CDED}] => (Allow) C:\Spiele\Assassin´s Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{F9EE632C-0BDB-4D1F-82EE-0DD12263FDF4}] => (Allow) C:\Spiele\Assassin´s Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{D7518C62-9CCC-43BB-8C03-DC8009AC0367}] => (Allow) C:\Spiele\Assassin´s Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{6177F14D-325E-4428-B288-96FFB9E705EE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Toribash\toribash.exe
FirewallRules: [{C1495705-DA12-453E-865C-8E36F234E2A5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Toribash\toribash.exe
FirewallRules: [{B96B3B33-C234-413E-B10B-2698CD2F23F5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{5406563B-E4E2-47F5-BAF4-B8787E44B574}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{9A8C5A42-AE0C-4996-8B0D-8187B3936A3B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AVA\NWZLauncher.exe
FirewallRules: [{28349028-CF09-4AD5-BAAF-EA459F7A8C2E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AVA\NWZLauncher.exe
FirewallRules: [{B3333E87-2FBF-420C-BFAD-0FC53EADA025}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M176\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{76DC9CF0-CD25-4F82-B0CF-D104FA72D607}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M176\bin\EWSProxy.exe
FirewallRules: [{840B0353-9EB2-444C-A67C-5D86C32D3D77}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{782E3D06-8A10-4DFA-9735-F0D8ED354141}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{76318C2B-F4C9-432D-AB62-EC0E5142013B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Final Hours of Titanfall\TheFinalHoursOfTitanfall.exe
FirewallRules: [{04F2A747-B5E6-4D44-8F79-49A54479EA23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Final Hours of Titanfall\TheFinalHoursOfTitanfall.exe
FirewallRules: [{781D1462-76E4-4AAE-AF77-8B0C378BAA68}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{11493C8B-117C-40B5-8B29-582DE836E589}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{718043E5-F4FD-4585-B95C-215494BDA0BB}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{43DD6891-85C8-4456-B4BD-BD7E98E31D09}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{A749BACB-ABC1-47A6-87CB-349878047E81}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Contracts\HitmanContracts.exe
FirewallRules: [{83596A7B-A660-4FE0-9B48-D3B5EA138628}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Contracts\HitmanContracts.exe
FirewallRules: [TCP Query User{62B1F110-543C-461A-B205-9748228351C2}C:\spiele\paintball2\paintball2.exe] => (Allow) C:\spiele\paintball2\paintball2.exe
FirewallRules: [UDP Query User{122630AD-62E9-4F13-B88C-28D3F474E66D}C:\spiele\paintball2\paintball2.exe] => (Allow) C:\spiele\paintball2\paintball2.exe
FirewallRules: [TCP Query User{E1C170C0-D3ED-429D-A4AE-A907AE1B4108}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{7120984A-0E64-430C-9D33-E3BE629729A4}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{B466B9CB-E64F-46EE-8401-C776695B1D30}] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{7B258906-3465-4C3E-9AED-5C8A8C4AC136}] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [TCP Query User{8CF91F74-6DAC-42C3-8B38-78237C9C3CAA}C:\users\leo\appdata\local\mozilla firefox\firefox.exe] => (Allow) C:\users\leo\appdata\local\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{69309EDB-A33C-40B2-ADEF-231A106A8EF7}C:\users\leo\appdata\local\mozilla firefox\firefox.exe] => (Allow) C:\users\leo\appdata\local\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{89BAF8BB-0CAF-4083-9313-237BCDB4FDE2}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [UDP Query User{7B4D17E4-DB77-46C5-8C7C-6A0E0CB878D4}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{6D6AEBD2-0C3B-42A7-9B0B-F4D0686E2DDF}] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{3B7A4431-4EA6-41DC-941D-EDAF205BB932}] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{5CCD112E-0826-41AC-A96F-C97BE372F16B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{795534E5-E479-497B-97E9-349C696885E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{92B68362-3073-4FC2-8C78-D1C8A680A4B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HIT\Hit\Binaries\Win64\Hit.exe
FirewallRules: [{5C9E5335-C5A2-44DE-9F54-0F2EBE66C014}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HIT\Hit\Binaries\Win64\Hit.exe
FirewallRules: [{2164DE04-3D9C-4EEC-967C-524393BEE922}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{466E2B41-DCC0-4F96-9379-92A5E244425D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{01CB6B61-8B59-4C23-AEF4-50F5D0FE141A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{17283D23-0E99-46D3-BC0A-6FFA7B38B9A1}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{392D2C4C-3C12-48B8-BF5B-9D94C7C24FC4}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{67537A71-C1C9-46C4-9008-744818432D62}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{C7C04817-84F1-4922-8F7F-A5F4DF7B9625}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/14/2015 00:03:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister   26 baerenfrosch._arxcontrol._tcp.local. SRV 0 0 52255 baerenfrosch.local.

Error: (05/14/2015 00:03:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 25.141.77.240:5353   22 baerenfrosch._arxcontrol._tcp.local. TXT allowed=*¦protocol=18

Error: (05/13/2015 03:41:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1484

Error: (05/13/2015 03:41:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1484

Error: (05/13/2015 03:41:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/11/2015 08:09:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1453

Error: (05/11/2015 08:09:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1453

Error: (05/11/2015 08:09:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/11/2015 06:58:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2875

Error: (05/11/2015 06:58:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2875


System errors:
=============
Error: (05/13/2015 11:01:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (05/13/2015 11:01:28 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

Error: (05/12/2015 03:36:24 PM) (Source: DCOM) (EventID: 10010) (User: baerenfrosch)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (05/11/2015 01:09:50 PM) (Source: DCOM) (EventID: 10010) (User: baerenfrosch)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (05/11/2015 01:09:19 PM) (Source: DCOM) (EventID: 10010) (User: baerenfrosch)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (05/09/2015 10:24:30 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎09.‎05.‎2015 um 03:47:16 unerwartet heruntergefahren.

Error: (05/09/2015 10:24:09 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212256841169248

Error: (05/08/2015 10:47:58 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎06.‎05.‎2015 um 19:43:24 unerwartet heruntergefahren.

Error: (05/05/2015 07:42:49 PM) (Source: DCOM) (EventID: 10010) (User: baerenfrosch)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (05/04/2015 07:14:25 PM) (Source: DCOM) (EventID: 10010) (User: baerenfrosch)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}


Microsoft Office Sessions:
=========================
Error: (05/14/2015 00:03:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister   26 baerenfrosch._arxcontrol._tcp.local. SRV 0 0 52255 baerenfrosch.local.

Error: (05/14/2015 00:03:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 25.141.77.240:5353   22 baerenfrosch._arxcontrol._tcp.local. TXT allowed=*¦protocol=18

Error: (05/13/2015 03:41:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1484

Error: (05/13/2015 03:41:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1484

Error: (05/13/2015 03:41:17 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/11/2015 08:09:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1453

Error: (05/11/2015 08:09:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1453

Error: (05/11/2015 08:09:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/11/2015 06:58:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2875

Error: (05/11/2015 06:58:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2875


==================== Memory info =========================== 

Processor: AMD A10-5745M APU with Radeon(tm) HD Graphics 
Percentage of memory in use: 19%
Total physical RAM: 11461.2 MB
Available physical RAM: 9256.71 MB
Total Pagefile: 13189.2 MB
Available Pagefile: 10462.76 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:909.38 GB) (Free:688.16 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:21.12 GB) (Free:2.12 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6F653072)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
FRST:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 13-05-2015 01
Ran by MeinAdmin (administrator) on BAERENFROSCH on 14-05-2015 00:26:05
Running from C:\Users\Leo\Desktop
Loaded Profiles: Leo & MeinAdmin (Available profiles: Admin & Leo & MeinAdmin)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\Dragon Notes\Core\DACore.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(TeamSpeak Systems GmbH) C:\Users\Leo\AppData\Local\TeamSpeak 3 Client\ts3client_win32.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7546072 2014-03-10] (Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3957816 2014-03-01] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-01] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-01] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2014-04-22] (Synaptics Incorporated)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2014-10-31] (LogMeIn, Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-02-13] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [475448 2014-03-04] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313656 2013-04-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-05-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT14/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT14/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-514103404-2733609734-414756415-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-514103404-2733609734-414756415-1006\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-514103404-2733609734-414756415-1008\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-514103404-2733609734-414756415-1008\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-514103404-2733609734-414756415-1008\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
SearchScopes: HKLM -> {9CBE1607-B466-40F4-AB15-F6965BEA20A1} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {9CBE1607-B466-40F4-AB15-F6965BEA20A1} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-514103404-2733609734-414756415-1006 -> {9CBE1607-B466-40F4-AB15-F6965BEA20A1} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-514103404-2733609734-414756415-1008 -> {9CBE1607-B466-40F4-AB15-F6965BEA20A1} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-04-02] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-02] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-03-04] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-13] ()
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-04-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-02] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin HKU\S-1-5-21-514103404-2733609734-414756415-1006: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Leo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-27] (Unity Technologies ApS)

Chrome: 
=======
CHR Profile: C:\Users\MeinAdmin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\MeinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-03]
CHR Extension: (Google Drive) - C:\Users\MeinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-03]
CHR Extension: (YouTube) - C:\Users\MeinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-03]
CHR Extension: (Google Search) - C:\Users\MeinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-03]
CHR Extension: (Avira Browser Safety) - C:\Users\MeinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-05-14]
CHR Extension: (Gmail) - C:\Users\MeinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-03]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-06] (Advanced Micro Devices, Inc.) [File not signed]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1185584 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2015-01-23] ()
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [88064 2014-03-05] () [File not signed]
S3 celavimushost; C:\Program Files (x86)\Steam\CEVO\CSGO Client Beta\CelavimusClientHelper.exe [124632 2015-04-14] (altPUG LLC)
R2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Notes\Core\DACore.exe [411024 2013-02-01] (Nuance Communications, Inc.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-28] (WildTangent)
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [174592 2012-12-04] (HP) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [469304 2014-03-04] (Hewlett-Packard Development Company, L.P.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
S4 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226152 2014-10-31] (LogMeIn, Inc.)
S4 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2014-10-31] (LogMeIn, Inc.)
S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-01] (Softex Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-09] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-04-22] (Synaptics Incorporated)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-02] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-14] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-12-20] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-10] (Avira Operations GmbH & Co. KG)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2014-10-31] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-03-29] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-04] (Realtek Semiconductor Corp.)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [558296 2014-01-06] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3379416 2014-03-22] (Realtek Semiconductor Corporation                           )
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [30448 2014-04-22] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [31472 2014-04-22] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
S3 GENERICDRV; \??\C:\Users\ADMINI~1\AppData\Local\Temp\pftDAE8.tmp\amifldrv64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-14 00:26 - 2015-05-14 00:26 - 00019185 _____ () C:\Users\Leo\Desktop\FRST.txt
2015-05-14 00:25 - 2015-05-14 00:25 - 00000000 ____D () C:\Users\Leo\Desktop\FRST-OlderVersion
2015-05-06 19:22 - 2015-05-06 19:22 - 00000875 _____ () C:\Users\Leo\AppData\Local\recently-used.xbel
2015-04-28 07:43 - 2015-04-28 07:43 - 01253126 _____ () C:\Users\Leo\Downloads\Homo neandertalensis(1).odp
2015-04-28 07:43 - 2015-04-28 07:43 - 00000099 ____H () C:\Users\Leo\Downloads\.~lock.Homo neandertalensis(1).odp#
2015-04-28 07:42 - 2015-04-28 07:42 - 00003080 _____ () C:\Windows\System32\Tasks\{09E7559C-8020-4F24-978E-3EC98CC6DAE0}
2015-04-27 15:43 - 2015-04-27 15:43 - 01203520 _____ () C:\Users\Leo\Downloads\Homo neandertalensis.odp
2015-04-27 15:43 - 2015-04-27 15:43 - 00000099 ____H () C:\Users\Leo\Downloads\.~lock.Homo neandertalensis.odp#
2015-04-26 17:04 - 2015-04-26 19:18 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Packages
2015-04-26 17:03 - 2015-04-26 19:18 - 00000000 ____D () C:\Users\TEMP
2015-04-23 18:34 - 2015-04-23 18:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-04-14 16:29 - 2015-04-14 16:29 - 00000000 ____D () C:\ProgramData\Celavimus
2015-04-14 16:24 - 2015-04-14 16:24 - 00001330 _____ () C:\Users\Public\Desktop\CEVO Client (CSGO).lnk
2015-04-14 16:24 - 2015-04-14 16:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CEVO Client
2015-04-14 16:21 - 2015-04-14 16:22 - 24006320 _____ ( ) C:\Users\Leo\Downloads\CEVO CSGO Client.exe
2015-04-14 15:35 - 2015-04-14 15:35 - 00000000 ____D () C:\God Mode.{ED7BA470-8E54-465E-825C-99712043E01C}

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-14 00:26 - 2015-03-21 14:44 - 00000000 ____D () C:\FRST
2015-05-14 00:25 - 2015-03-21 14:42 - 02104832 _____ (Farbar) C:\Users\Leo\Desktop\FRST64.exe
2015-05-14 00:24 - 2014-10-01 19:18 - 01477182 _____ () C:\Windows\WindowsUpdate.log
2015-05-14 00:23 - 2014-11-01 16:04 - 00053760 ___SH () C:\Users\Leo\Desktop\Thumbs.db
2015-05-14 00:22 - 2014-10-01 20:30 - 00000000 ____D () C:\Users\Leo\AppData\Roaming\ClassicShell
2015-05-14 00:09 - 2014-10-01 20:27 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-1006
2015-05-14 00:06 - 2014-11-08 00:38 - 00000000 ____D () C:\Users\MeinAdmin\AppData\Roaming\ClassicShell
2015-05-14 00:04 - 2014-10-02 15:43 - 00000000 ____D () C:\Users\Leo\AppData\Roaming\TS3Client
2015-05-14 00:03 - 2014-11-08 00:31 - 00001140 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-14 00:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-05-13 23:45 - 2014-11-08 00:31 - 00001144 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-13 23:16 - 2014-10-01 20:14 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-13 15:25 - 2015-02-01 22:38 - 00000000 ____D () C:\Users\Leo\AppData\Local\Adobe
2015-05-13 15:23 - 2014-10-02 11:23 - 00000000 ____D () C:\Users\MeinAdmin\AppData\Local\Adobe
2015-05-13 14:57 - 2014-10-01 20:23 - 00000000 ____D () C:\Users\Leo\Documents\Youcam
2015-05-09 22:24 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-09 03:50 - 2014-10-01 20:21 - 00000000 ____D () C:\Users\Leo
2015-05-06 19:22 - 2015-01-10 15:33 - 00000000 ____D () C:\Users\Leo\.gimp-2.8
2015-05-06 19:20 - 2014-11-05 22:54 - 00293376 ___SH () C:\Users\Leo\Downloads\Thumbs.db
2015-05-05 19:48 - 2015-02-07 14:58 - 00000000 ____D () C:\Users\Mama
2015-05-05 19:48 - 2014-10-01 19:36 - 00000000 ____D () C:\Users\peter
2015-05-05 15:04 - 2015-04-01 12:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-05-05 15:02 - 2015-03-01 21:05 - 00152744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-05-05 15:02 - 2015-03-01 21:05 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-05-04 22:13 - 2014-10-02 08:30 - 00000000 ____D () C:\Users\Leo\AppData\Roaming\vlc
2015-05-04 19:23 - 2014-11-11 18:44 - 00000000 ____D () C:\Users\Leo\AppData\Roaming\Skype
2015-05-01 01:53 - 2014-11-08 00:33 - 00002202 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-28 07:39 - 2014-05-01 00:19 - 00800954 _____ () C:\Windows\system32\perfh007.dat
2015-04-28 07:39 - 2014-05-01 00:19 - 00174458 _____ () C:\Windows\system32\perfc007.dat
2015-04-28 07:39 - 2014-03-18 11:53 - 01921154 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-28 07:37 - 2013-08-22 16:46 - 00038026 _____ () C:\Windows\setupact.log
2015-04-27 14:47 - 2014-10-01 20:31 - 00000000 ____D () C:\Users\MeinAdmin
2015-04-27 13:45 - 2015-04-07 15:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-26 17:40 - 2015-02-07 15:05 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-1005
2015-04-26 17:04 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-04-19 20:33 - 2015-01-10 16:48 - 00000000 ____D () C:\Users\Leo\Documents\MSA

==================== Files in the root of some directories =======

2014-12-18 15:05 - 2014-12-18 15:05 - 0007626 _____ () C:\Users\MeinAdmin\AppData\Local\Resmon.ResmonCfg

Some content of TEMP:
====================
C:\Users\Leo\AppData\Local\Temp\avgnt.exe
C:\Users\MeinAdmin\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-05 19:42

==================== End Of Log ============================
         
--- --- ---

--- --- ---
__________________


Alt 14.05.2015, 07:37   #3
schrauber
/// the machine
/// TB-Ausbilder
 

audiodg.exe - Virus? - Standard

audiodg.exe - Virus?



hi,

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
__________________

Alt 14.05.2015, 17:15   #4
Teron821
 
audiodg.exe - Virus? - Standard

audiodg.exe - Virus?



sollte mein rechner neu starten wenn mbar fertig ist?

mein Rechner hat sich nicht neu gessartet und ich mach grad nen 2. check aber Hier der erste:
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.05.14.02
  rootkit: v2015.04.21.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17498
MeinAdmin :: BAERENFROSCH [administrator]

14.05.2015 14:13:47
mbar-log-2015-05-14 (14-13-47).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 499280
Time elapsed: 42 minute(s), 58 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Leo\AppData\Roaming\Minecraft.exe (Trojan.Agent) -> Delete on reboot. [1f6b157e1c6e9d998b2326d9f70dd52b]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Code:
ATTFilter
17:08:36.0451 0x1274  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
17:08:36.0451 0x1274  UEFI system
17:08:44.0430 0x1274  ============================================================
17:08:44.0431 0x1274  Current date / time: 2015/05/14 17:08:44.0430
17:08:44.0431 0x1274  SystemInfo:
17:08:44.0431 0x1274  
17:08:44.0431 0x1274  OS Version: 6.3.9600 ServicePack: 0.0
17:08:44.0431 0x1274  Product type: Workstation
17:08:44.0431 0x1274  ComputerName: BAERENFROSCH
17:08:44.0431 0x1274  UserName: MeinAdmin
17:08:44.0431 0x1274  Windows directory: C:\Windows
17:08:44.0431 0x1274  System windows directory: C:\Windows
17:08:44.0431 0x1274  Running under WOW64
17:08:44.0431 0x1274  Processor architecture: Intel x64
17:08:44.0431 0x1274  Number of processors: 4
17:08:44.0431 0x1274  Page size: 0x1000
17:08:44.0431 0x1274  Boot type: Normal boot
17:08:44.0431 0x1274  ============================================================
17:08:45.0750 0x1274  KLMD registered as C:\Windows\system32\drivers\50198259.sys
17:08:46.0277 0x1274  System UUID: {D041FC9F-19CA-1568-059C-36591B5101B2}
17:08:46.0863 0x1274  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:08:46.0869 0x1274  ============================================================
17:08:46.0870 0x1274  \Device\Harddisk0\DR0:
17:08:46.0870 0x1274  GPT partitions:
17:08:46.0870 0x1274  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {F77E0279-F168-413B-BAE2-477675BDE672}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x145000
17:08:46.0870 0x1274  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {A7E29BA9-70B4-4B78-86E1-D18E3343A256}, Name: EFI system partition, StartLBA 0x145800, BlocksNum 0x82000
17:08:46.0870 0x1274  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {E9472B92-232E-472A-9E44-BE898F31361A}, Name: Microsoft reserved partition, StartLBA 0x1C7800, BlocksNum 0x40000
17:08:46.0870 0x1274  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {60E84A2A-DE04-49FF-8C9D-94D5E2A16B3B}, Name: Basic data partition, StartLBA 0x207800, BlocksNum 0x71AC0800
17:08:46.0870 0x1274  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {CFDF3F4D-73AF-44EF-B2A9-1F9B07DE2EFA}, Name: Basic data partition, StartLBA 0x71CC8000, BlocksNum 0x2A3C000
17:08:46.0870 0x1274  MBR partitions:
17:08:46.0870 0x1274  ============================================================
17:08:46.0904 0x1274  C: <-> \Device\Harddisk0\DR0\Partition4
17:08:46.0946 0x1274  D: <-> \Device\Harddisk0\DR0\Partition5
17:08:46.0946 0x1274  ============================================================
17:08:46.0947 0x1274  Initialize success
17:08:46.0947 0x1274  ============================================================
17:11:29.0352 0x1320  ============================================================
17:11:29.0352 0x1320  Scan started
17:11:29.0352 0x1320  Mode: Manual; SigCheck; TDLFS; 
17:11:29.0352 0x1320  ============================================================
17:11:29.0352 0x1320  KSN ping started
17:11:32.0320 0x1320  KSN ping finished: true
17:11:34.0096 0x1320  ================ Scan system memory ========================
17:11:34.0096 0x1320  System memory - ok
17:11:34.0097 0x1320  ================ Scan services =============================
17:11:34.0242 0x1320  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
17:11:34.0340 0x1320  1394ohci - ok
17:11:34.0372 0x1320  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\Windows\system32\drivers\3ware.sys
17:11:34.0408 0x1320  3ware - ok
17:11:34.0437 0x1320  [ F39180029723D7779C80360F9E255709, F4831FEE79AAF4DB66BF58D3F89B8A6DD8F38CD546B3C653BFF7052DDA112CC6 ] Accelerometer   C:\Windows\system32\DRIVERS\Accelerometer.sys
17:11:34.0448 0x1320  Accelerometer - ok
17:11:34.0489 0x1320  [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:11:34.0525 0x1320  ACPI - ok
17:11:34.0535 0x1320  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
17:11:34.0551 0x1320  acpiex - ok
17:11:34.0571 0x1320  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
17:11:34.0609 0x1320  acpipagr - ok
17:11:34.0618 0x1320  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\Windows\System32\drivers\acpipmi.sys
17:11:34.0678 0x1320  AcpiPmi - ok
17:11:34.0691 0x1320  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
17:11:34.0729 0x1320  acpitime - ok
17:11:34.0783 0x1320  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\Windows\system32\drivers\ADP80XX.SYS
17:11:34.0825 0x1320  ADP80XX - ok
17:11:34.0863 0x1320  [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:11:34.0919 0x1320  AeLookupSvc - ok
17:11:34.0968 0x1320  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\Windows\system32\drivers\afd.sys
17:11:35.0020 0x1320  AFD - ok
17:11:35.0037 0x1320  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\Windows\system32\drivers\agp440.sys
17:11:35.0053 0x1320  agp440 - ok
17:11:35.0066 0x1320  [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache         C:\Windows\system32\DRIVERS\ahcache.sys
17:11:35.0118 0x1320  ahcache - ok
17:11:35.0145 0x1320  [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG             C:\Windows\System32\alg.exe
17:11:35.0187 0x1320  ALG - ok
17:11:35.0212 0x1320  [ 6EF9DB99793BC3494EDA6C2B1DA7FA32, 5EDA9068E84070445A0585D27727D1ED74E17E87584A6661D08E394544E14E34 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:11:35.0285 0x1320  AMD External Events Utility - ok
17:11:35.0340 0x1320  AMD FUEL Service - ok
17:11:35.0373 0x1320  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\Windows\System32\drivers\amdk8.sys
17:11:35.0434 0x1320  AmdK8 - ok
17:11:35.0917 0x1320  [ EA20992B6D899437F844F796325F42D7, A7671D1154841BE8D9B6E59C527F64D5790ACBE18F1CE033CC58C080AC7D8BC2 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
17:11:36.0470 0x1320  amdkmdag - ok
17:11:36.0548 0x1320  [ 3FC5DEC11E6B595EAF80537B3A7827AA, 5AEE9D8931BA9D0C2D9FAB66874501B7138CAACB5588D7D08349AE9CA0D66D35 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
17:11:36.0583 0x1320  amdkmdap - ok
17:11:36.0608 0x1320  [ C04F35935BF6274F5593B78C7B295760, 29BC36696B3D5C75DEF9C9D96D3C06E5C6D964A00B4D5CD354CB08002E085191 ] amdkmpfd        C:\Windows\system32\drivers\amdkmpfd.sys
17:11:36.0626 0x1320  amdkmpfd - ok
17:11:36.0648 0x1320  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
17:11:36.0673 0x1320  AmdPPM - ok
17:11:36.0682 0x1320  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:11:36.0697 0x1320  amdsata - ok
17:11:36.0731 0x1320  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
17:11:36.0853 0x1320  amdsbs - ok
17:11:36.0879 0x1320  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:11:36.0893 0x1320  amdxata - ok
17:11:36.0990 0x1320  [ D908096B873B940BB438CE63BA35BD1E, F1C79C907E6CDBC2770C16AFFAE0D6F9B9B7DA21F5074D602AC5FE1597975748 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
17:11:37.0024 0x1320  AntiVirMailService - ok
17:11:37.0069 0x1320  [ EC705D6ED3A7F3D9AE42F6239707D9FE, B50F6BB0FC308E7403B1807DF2AAF87BEDE0B044128C580970A26801CCABC43F ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
17:11:37.0090 0x1320  AntiVirSchedulerService - ok
17:11:37.0128 0x1320  [ EC705D6ED3A7F3D9AE42F6239707D9FE, B50F6BB0FC308E7403B1807DF2AAF87BEDE0B044128C580970A26801CCABC43F ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
17:11:37.0148 0x1320  AntiVirService - ok
17:11:37.0198 0x1320  [ 0F3D12E5FAE0082DB3F306095CA6B027, 726D054357031F45B43C87D798E84FA93439ECA6C691EB8C76FE524B50C25B32 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
17:11:37.0241 0x1320  AntiVirWebService - ok
17:11:37.0270 0x1320  [ 10378ADFA7F832B68616C3B8C6470DBB, 4738F81C40BF3B75612E983AC0DADCA8B4A7D3A5B3FBB5058B93D421A32979AC ] AODDriver4.3    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys
17:11:37.0280 0x1320  AODDriver4.3 - ok
17:11:37.0319 0x1320  [ 9DCB42905F1EBF9CEC57EE5DF0BDA965, 4C888AAD0DDE01565FD7FBB6B70A500158CF2E4CECF9ADD4AFD302A993587269 ] AppHostSvc      C:\Windows\system32\inetsrv\apphostsvc.dll
17:11:37.0375 0x1320  AppHostSvc - ok
17:11:37.0391 0x1320  [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID           C:\Windows\system32\drivers\appid.sys
17:11:37.0430 0x1320  AppID - ok
17:11:37.0455 0x1320  [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:11:37.0491 0x1320  AppIDSvc - ok
17:11:37.0530 0x1320  [ 7667B9D81EA8FD6540E6CF72F92161A6, 98F3D0E376F715EBE083FE112CAA640BCE0F13DCE0F244D059D7FA019EA3D24C ] Appinfo         C:\Windows\System32\appinfo.dll
17:11:37.0572 0x1320  Appinfo - ok
17:11:37.0603 0x1320  [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
17:11:37.0675 0x1320  AppReadiness - ok
17:11:37.0738 0x1320  [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc         C:\Windows\system32\appxdeploymentserver.dll
17:11:37.0809 0x1320  AppXSvc - ok
17:11:37.0837 0x1320  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
17:11:37.0854 0x1320  arcsas - ok
17:11:37.0937 0x1320  [ AA2E8C6B8D7EA7BAF04C988801927F48, 4B82043F1B9C67CDCDC71102F7AEE05EEA8F9775A5CB33AE80F4DCDB42521C40 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
17:11:37.0951 0x1320  aspnet_state - ok
17:11:37.0970 0x1320  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\Windows\system32\drivers\atapi.sys
17:11:37.0982 0x1320  atapi - ok
17:11:38.0010 0x1320  [ 8645A198090288F4C5FD998903736216, 720B37BEE126E708E70ECA51770670E5DE389C0E48AEA191DCBCB08A8A1655F1 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdWB6.sys
17:11:38.0052 0x1320  AtiHDAudioService - ok
17:11:38.0089 0x1320  [ 7F70B1044272982AAEA7C16E83424770, A7694D38DF5A0E1040688017DB811EF0788874FE505ADD572DE4D4647073DC12 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
17:11:38.0139 0x1320  AudioEndpointBuilder - ok
17:11:38.0185 0x1320  [ C0484CA5C7F87E38909746B63C7FC868, 65159639E2300AEA886184E9D47D449350DAF69A8AA2F9DBD6BD8A474BA73177 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
17:11:38.0249 0x1320  Audiosrv - ok
17:11:38.0284 0x1320  [ 43B6D229C7DBA9F0FC0FC0C318DB5350, F5A525DBD71FC4A323E92839C6D27F323FB304B7E9FFA35E89E9B419570AA4C8 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
17:11:38.0297 0x1320  avgntflt - ok
17:11:38.0316 0x1320  [ 626D1BAD7A1975A8FEE8876A8AD0EEA7, 59772746A2DF3B7E8D021756B8A64569AC8468CA1C802EB594494224354F1E60 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
17:11:38.0329 0x1320  avipbb - ok
17:11:38.0367 0x1320  [ 0D32033DCB359FD98B4C3513EF849FE6, 5870D67526BC29D888DAF8DBAB04B1E97ED5C7C51484ED400A5E65D0EB61576A ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
17:11:38.0381 0x1320  Avira.OE.ServiceHost - ok
17:11:38.0388 0x1320  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
17:11:38.0474 0x1320  avkmgr - ok
17:11:38.0503 0x1320  [ 83586138F23A4C284EB68AFC852D7AFA, 9ADE8924B4518ED0A8E3FC4CC3F9964BC05B5FF67F230A7FD0BDABCFFA0BB0C8 ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
17:11:38.0524 0x1320  avnetflt - ok
17:11:38.0543 0x1320  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:11:38.0581 0x1320  AxInstSV - ok
17:11:38.0621 0x1320  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
17:11:38.0653 0x1320  b06bdrv - ok
17:11:38.0670 0x1320  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
17:11:38.0715 0x1320  BasicDisplay - ok
17:11:38.0738 0x1320  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\Windows\System32\drivers\BasicRender.sys
17:11:38.0801 0x1320  BasicRender - ok
17:11:38.0818 0x1320  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
17:11:38.0829 0x1320  bcmfn2 - ok
17:11:38.0875 0x1320  [ E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC          C:\Windows\System32\bdesvc.dll
17:11:38.0916 0x1320  BDESVC - ok
17:11:38.0936 0x1320  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\Windows\system32\drivers\Beep.sys
17:11:38.0978 0x1320  Beep - ok
17:11:39.0035 0x1320  [ BE43A13207D6428947248AF7EE05E772, 4118288ECD13B77738070DC298A64732693EEF9679CCFA59FD523CCAACF6335B ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
17:11:39.0058 0x1320  BEService - ok
17:11:39.0117 0x1320  [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE             C:\Windows\System32\bfe.dll
17:11:39.0182 0x1320  BFE - ok
17:11:39.0239 0x1320  [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS            C:\Windows\System32\qmgr.dll
17:11:39.0313 0x1320  BITS - ok
17:11:39.0359 0x1320  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:11:39.0382 0x1320  Bonjour Service - ok
17:11:39.0418 0x1320  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
17:11:39.0468 0x1320  bowser - ok
17:11:39.0504 0x1320  [ E325BCD68EC0CF2E2EDD0AB7CC17C698, 4DEDEF91F6BD1CC8DBE118AC28CA6BD874449A053B9CDE9FFEB1C7B98501D938 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
17:11:39.0553 0x1320  BrokerInfrastructure - ok
17:11:39.0592 0x1320  [ 041A999E4FF9A7CDBE67357751881FB8, 356C52637EA715D6FA2B65BD311C9BF1635A582023434902EC2DE4A2448961F8 ] Browser         C:\Windows\System32\browser.dll
17:11:39.0635 0x1320  Browser - ok
17:11:39.0695 0x1320  [ 0D78CF518DDED441E22663A9C8F74D57, 1704F37002EC290A0F2365E93D02B5F009AEEEECAFF3636B8220370F0DFE7125 ] BTDevManager    C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
17:11:39.0712 0x1320  BTDevManager - detected UnsignedFile.Multi.Generic ( 1 )
17:11:46.0350 0x1320  BTDevManager ( UnsignedFile.Multi.Generic ) - warning
17:11:46.0393 0x1320  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
17:11:46.0444 0x1320  BthAvrcpTg - ok
17:11:46.0492 0x1320  [ 131F1C8573E7BFB41C54FBF5309CCD94, DAFE51E3BADBD82A33B580F212B2D6520A120877C23F6D675521FEA2F4BA5A1F ] BthEnum         C:\Windows\System32\drivers\BthEnum.sys
17:11:46.0538 0x1320  BthEnum - ok
17:11:46.0567 0x1320  [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
17:11:46.0595 0x1320  BthHFEnum - ok
17:11:46.0611 0x1320  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
17:11:46.0639 0x1320  bthhfhid - ok
17:11:46.0671 0x1320  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\Windows\system32\DRIVERS\BthLEEnum.sys
17:11:46.0721 0x1320  BthLEEnum - ok
17:11:46.0740 0x1320  [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
17:11:46.0769 0x1320  BTHMODEM - ok
17:11:46.0850 0x1320  [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan          C:\Windows\System32\drivers\bthpan.sys
17:11:46.0917 0x1320  BthPan - ok
17:11:47.0020 0x1320  [ 97B9076611291AE4C4C107BC915BD026, 0A77873AAF1ADB76CAB98A84D2242781E34E2699632E45EB92ED7DB20B2BE0C1 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
17:11:47.0082 0x1320  BTHPORT - ok
17:11:47.0125 0x1320  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv         C:\Windows\system32\bthserv.dll
17:11:47.0155 0x1320  bthserv - ok
17:11:47.0207 0x1320  [ 23E75BED9076F856B36F5F934BBD5795, CCEB72B788522B7D52A6C07646005EBC68F9599D3714ECACF3A194CA47A1BE85 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
17:11:47.0235 0x1320  BTHUSB - ok
17:11:47.0251 0x1320  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:11:47.0281 0x1320  cdfs - ok
17:11:47.0301 0x1320  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\Windows\System32\drivers\cdrom.sys
17:11:47.0325 0x1320  cdrom - ok
17:11:47.0400 0x1320  [ 7D3B8479F17A2A40DDC40844E07E4837, A2F02564370291EFFED893B0B7CDD5EC65CA960CAD75392E8E5BB9AC5407E3F5 ] celavimushost   C:\Program Files (x86)\Steam\CEVO\CSGO Client Beta\CelavimusClientHelper.exe
17:11:47.0414 0x1320  celavimushost - ok
17:11:47.0443 0x1320  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc     C:\Windows\System32\certprop.dll
17:11:47.0482 0x1320  CertPropSvc - ok
17:11:47.0496 0x1320  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\Windows\System32\drivers\circlass.sys
17:11:47.0525 0x1320  circlass - ok
17:11:47.0570 0x1320  [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
17:11:47.0597 0x1320  CLFS - ok
17:11:47.0635 0x1320  [ 5C646CAC91E086F7FF53C7F2E857F263, 67AF6FBF88B7EE530A9BA53833EAFCC78BF8362E82BF81180858F1D17DFC73E6 ] CLVirtualDrive  C:\Windows\system32\DRIVERS\CLVirtualDrive.sys
17:11:47.0647 0x1320  CLVirtualDrive - ok
17:11:47.0671 0x1320  [ 9731DAFDC7B690B2C7752FDFF045BFD8, 9DDBDC4FE519AF38993EAB2F16602B2B71CF8675BDD1F651F22DFA8C5C2C80F7 ] clwvd           C:\Windows\system32\DRIVERS\clwvd.sys
17:11:47.0682 0x1320  clwvd - ok
17:11:47.0704 0x1320  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
17:11:47.0760 0x1320  CmBatt - ok
17:11:47.0804 0x1320  [ 4E1207CE16E615B0B7A70DC889F4500E, 1778D5AC0AF5F5DD1551192F4CDBCCB9878995155CF337EBB03460A6FD5C6B78 ] CNG             C:\Windows\system32\Drivers\cng.sys
17:11:47.0841 0x1320  CNG - ok
17:11:47.0852 0x1320  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
17:11:47.0872 0x1320  CompositeBus - ok
17:11:47.0879 0x1320  COMSysApp - ok
17:11:47.0904 0x1320  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\Windows\system32\drivers\condrv.sys
17:11:47.0939 0x1320  condrv - ok
17:11:47.0976 0x1320  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
17:11:48.0021 0x1320  CryptSvc - ok
17:11:48.0083 0x1320  [ F016D182507CD4671B6D6672CD71C54B, 392382207B76B313895D9BDF48AFDF3B0E11EDF9381059EF757817FE60BE077D ] DACoreService   C:\Program Files (x86)\Nuance\Dragon Notes\Core\DACore.exe
17:11:48.0104 0x1320  DACoreService - ok
17:11:48.0117 0x1320  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\Windows\system32\drivers\dam.sys
17:11:48.0131 0x1320  dam - ok
17:11:48.0177 0x1320  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch      C:\Windows\system32\rpcss.dll
17:11:48.0254 0x1320  DcomLaunch - ok
17:11:48.0304 0x1320  [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc       C:\Windows\System32\defragsvc.dll
17:11:48.0354 0x1320  defragsvc - ok
17:11:48.0395 0x1320  [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\Windows\system32\das.dll
17:11:48.0433 0x1320  DeviceAssociationService - ok
17:11:48.0469 0x1320  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
17:11:48.0516 0x1320  DeviceInstall - ok
17:11:48.0552 0x1320  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
17:11:48.0593 0x1320  Dfsc - ok
17:11:48.0628 0x1320  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
17:11:48.0693 0x1320  dg_ssudbus - ok
17:11:48.0743 0x1320  [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp            C:\Windows\system32\dhcpcore.dll
17:11:48.0800 0x1320  Dhcp - ok
17:11:48.0831 0x1320  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\Windows\system32\drivers\disk.sys
17:11:48.0847 0x1320  disk - ok
17:11:48.0858 0x1320  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
17:11:48.0938 0x1320  dmvsc - ok
17:11:48.0973 0x1320  [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
17:11:49.0010 0x1320  Dnscache - ok
17:11:49.0045 0x1320  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\Windows\System32\dot3svc.dll
17:11:49.0083 0x1320  dot3svc - ok
17:11:49.0110 0x1320  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\Windows\system32\dps.dll
17:11:49.0136 0x1320  DPS - ok
17:11:49.0155 0x1320  [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
17:11:49.0169 0x1320  drmkaud - ok
17:11:49.0197 0x1320  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
17:11:49.0234 0x1320  DsmSvc - ok
17:11:49.0313 0x1320  [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
17:11:49.0385 0x1320  DXGKrnl - ok
17:11:49.0416 0x1320  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\Windows\System32\eapsvc.dll
17:11:49.0449 0x1320  Eaphost - ok
17:11:49.0617 0x1320  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
17:11:49.0870 0x1320  ebdrv - ok
17:11:49.0905 0x1320  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS             C:\Windows\System32\lsass.exe
17:11:49.0920 0x1320  EFS - ok
17:11:49.0954 0x1320  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
17:11:49.0970 0x1320  EhStorClass - ok
17:11:49.0991 0x1320  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
17:11:50.0011 0x1320  EhStorTcgDrv - ok
17:11:50.0025 0x1320  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\Windows\System32\drivers\errdev.sys
17:11:50.0052 0x1320  ErrDev - ok
17:11:50.0116 0x1320  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\Windows\system32\es.dll
17:11:50.0163 0x1320  EventSystem - ok
17:11:50.0198 0x1320  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\Windows\system32\drivers\exfat.sys
17:11:50.0234 0x1320  exfat - ok
17:11:50.0259 0x1320  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
17:11:50.0280 0x1320  fastfat - ok
17:11:50.0317 0x1320  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\Windows\system32\fxssvc.exe
17:11:50.0393 0x1320  Fax - ok
17:11:50.0416 0x1320  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\Windows\System32\drivers\fdc.sys
17:11:50.0436 0x1320  fdc - ok
17:11:50.0463 0x1320  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\Windows\system32\fdPHost.dll
17:11:50.0493 0x1320  fdPHost - ok
17:11:50.0515 0x1320  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\Windows\system32\fdrespub.dll
17:11:50.0553 0x1320  FDResPub - ok
17:11:50.0574 0x1320  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\Windows\system32\fhsvc.dll
17:11:50.0628 0x1320  fhsvc - ok
17:11:50.0657 0x1320  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
17:11:50.0673 0x1320  FileInfo - ok
17:11:50.0694 0x1320  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
17:11:50.0726 0x1320  Filetrace - ok
17:11:50.0741 0x1320  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
17:11:50.0767 0x1320  flpydisk - ok
17:11:50.0808 0x1320  [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
17:11:50.0836 0x1320  FltMgr - ok
17:11:50.0906 0x1320  [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache       C:\Windows\system32\FntCache.dll
17:11:50.0993 0x1320  FontCache - ok
17:11:51.0025 0x1320  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:11:51.0037 0x1320  FontCache3.0.0.0 - ok
17:11:51.0048 0x1320  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
17:11:51.0062 0x1320  FsDepends - ok
17:11:51.0079 0x1320  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
17:11:51.0091 0x1320  Fs_Rec - ok
17:11:51.0131 0x1320  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
17:11:51.0168 0x1320  fvevol - ok
17:11:51.0192 0x1320  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\Windows\System32\drivers\fxppm.sys
17:11:51.0216 0x1320  FxPPM - ok
17:11:51.0224 0x1320  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
17:11:51.0304 0x1320  gagp30kx - ok
17:11:51.0370 0x1320  [ E6CE7A89183D1840F0FF63694292FFA2, 8907ADCF9967026CD1A9D545E2274569F840F1DFF0E407CC77B6A662267AAC4B ] GamesAppIntegrationService C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
17:11:51.0385 0x1320  GamesAppIntegrationService - ok
17:11:51.0405 0x1320  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
17:11:51.0419 0x1320  GamesAppService - ok
17:11:51.0451 0x1320  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
17:11:51.0501 0x1320  gencounter - ok
17:11:51.0521 0x1320  GENERICDRV - ok
17:11:51.0558 0x1320  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
17:11:51.0578 0x1320  GPIOClx0101 - ok
17:11:51.0657 0x1320  [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc           C:\Windows\System32\gpsvc.dll
17:11:51.0736 0x1320  gpsvc - ok
17:11:51.0784 0x1320  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:11:51.0795 0x1320  gupdate - ok
17:11:51.0802 0x1320  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:11:51.0813 0x1320  gupdatem - ok
17:11:51.0843 0x1320  [ 7797D1580D933056023B822BB5CD0FE2, 24585AAFB43862AE4B9228B513658D906550EC8A475C67182933FB233621A85D ] Hamachi         C:\Windows\system32\DRIVERS\Hamdrv.sys
17:11:51.0852 0x1320  Hamachi - ok
17:11:51.0983 0x1320  [ 03CABA844BC03C99DB84146BF51A9259, 81E6340B9C9DAC97FE5C6F26FEACAB204E857FD5B0490E52D209066B83610DBB ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
17:11:52.0062 0x1320  Hamachi2Svc - ok
17:11:52.0100 0x1320  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
17:11:52.0135 0x1320  HdAudAddService - ok
17:11:52.0168 0x1320  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
17:11:52.0202 0x1320  HDAudBus - ok
17:11:52.0227 0x1320  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
17:11:52.0251 0x1320  HidBatt - ok
17:11:52.0267 0x1320  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
17:11:52.0290 0x1320  HidBth - ok
17:11:52.0298 0x1320  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
17:11:52.0316 0x1320  hidi2c - ok
17:11:52.0339 0x1320  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\Windows\System32\drivers\hidir.sys
17:11:52.0360 0x1320  HidIr - ok
17:11:52.0390 0x1320  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\Windows\system32\hidserv.dll
17:11:52.0422 0x1320  hidserv - ok
17:11:52.0451 0x1320  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
17:11:52.0501 0x1320  HidUsb - ok
17:11:52.0515 0x1320  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\Windows\system32\kmsvc.dll
17:11:52.0544 0x1320  hkmsvc - ok
17:11:52.0592 0x1320  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
17:11:52.0636 0x1320  HomeGroupListener - ok
17:11:52.0673 0x1320  [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
17:11:52.0731 0x1320  HomeGroupProvider - ok
17:11:52.0794 0x1320  [ 86724A200BF1F08A03FB563660FCD928, E2BDD30D7AFECB0F517BB02C788C93D506FB2B180DCA239BC4A1FEDB1E986EAD ] HP DS Service   C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
17:11:52.0809 0x1320  HP DS Service - detected UnsignedFile.Multi.Generic ( 1 )
17:11:52.0809 0x1320  HP DS Service ( UnsignedFile.Multi.Generic ) - warning
17:11:52.0856 0x1320  [ 64E96B86D6C5D29C89B206D6F19DABE9, FADF501FB18FEFC79DEA76BB8D7BC234E56DA714807EE7EC80D5FBF3AC4053B8 ] HP LaserJet Service C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
17:11:52.0875 0x1320  HP LaserJet Service - detected UnsignedFile.Multi.Generic ( 1 )
17:11:52.0875 0x1320  HP LaserJet Service ( UnsignedFile.Multi.Generic ) - warning
17:11:52.0951 0x1320  [ 94D91D0DA8499D19F963DA69B8DB1371, 33559E64AFF9F56D9F1D8015CB1B090E947469E337CBD362EBCC96500FD6347D ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
17:11:52.0972 0x1320  HP Support Assistant Service - detected UnsignedFile.Multi.Generic ( 1 )
17:11:52.0972 0x1320  HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - warning
17:11:52.0996 0x1320  [ 8B8E6BD988EAF18C1B86704BF05E5C03, 84052C116032F3DC47B0D3A7A8FC8E86DF94DDB3136C866D8FC8A3DF23209DEC ] hpdskflt        C:\Windows\system32\DRIVERS\hpdskflt.sys
17:11:53.0004 0x1320  hpdskflt - ok
17:11:53.0082 0x1320  [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
17:11:53.0123 0x1320  hpqwmiex - ok
17:11:53.0153 0x1320  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
17:11:53.0234 0x1320  HpSAMD - ok
17:11:53.0255 0x1320  [ 0865F178E272C682B0689F1AA269128D, F8CC23EA339F0C917C3948FF35BEFE10664CCFF8796954898E41F4EC1618E5E1 ] hpsrv           C:\Windows\system32\Hpservice.exe
17:11:53.0267 0x1320  hpsrv - ok
17:11:53.0312 0x1320  [ 29E334F41C4F96818DF73CB20FB49E95, 9C86C820207A67157441CF17E72BFB2B1F0947BB2E78F30F2D575B9ABD86F2A3 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
17:11:53.0335 0x1320  HPWMISVC - ok
17:11:53.0388 0x1320  [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
17:11:53.0440 0x1320  HTTP - ok
17:11:53.0449 0x1320  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
17:11:53.0462 0x1320  hwpolicy - ok
17:11:53.0474 0x1320  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
17:11:53.0504 0x1320  hyperkbd - ok
17:11:53.0518 0x1320  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
17:11:53.0545 0x1320  HyperVideo - ok
17:11:53.0571 0x1320  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
17:11:53.0606 0x1320  i8042prt - ok
17:11:53.0612 0x1320  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
17:11:53.0623 0x1320  iaLPSSi_GPIO - ok
17:11:53.0632 0x1320  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
17:11:53.0672 0x1320  iaLPSSi_I2C - ok
17:11:53.0705 0x1320  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
17:11:53.0734 0x1320  iaStorAV - ok
17:11:53.0765 0x1320  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
17:11:53.0843 0x1320  iaStorV - ok
17:11:53.0850 0x1320  IEEtwCollectorService - ok
17:11:53.0915 0x1320  [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT          C:\Windows\System32\ikeext.dll
17:11:53.0971 0x1320  IKEEXT - ok
17:11:54.0129 0x1320  [ 01262E2BE97708F54666E700482027DE, 7643FCFB6EBFABDD7D1A914C40FADE97DDC633C5D75BE2CADBAC61675564E5CD ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
17:11:54.0295 0x1320  IntcAzAudAddService - ok
17:11:54.0320 0x1320  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\Windows\system32\drivers\intelide.sys
17:11:54.0352 0x1320  intelide - ok
17:11:54.0382 0x1320  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\Windows\system32\drivers\intelpep.sys
17:11:54.0397 0x1320  intelpep - ok
17:11:54.0428 0x1320  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
17:11:54.0450 0x1320  intelppm - ok
17:11:54.0467 0x1320  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:11:54.0495 0x1320  IpFilterDriver - ok
17:11:54.0553 0x1320  [ ACFEE9487693C2BD573DFCA71D98E17C, A347FD476147CD3568EEE6993B46AFC05A66A4269094CA51572D0FD013FCB535 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
17:11:54.0613 0x1320  iphlpsvc - ok
17:11:54.0640 0x1320  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\Windows\System32\drivers\IPMIDrv.sys
17:11:54.0682 0x1320  IPMIDRV - ok
17:11:54.0706 0x1320  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:11:54.0748 0x1320  IPNAT - ok
17:11:54.0762 0x1320  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:11:54.0789 0x1320  IRENUM - ok
17:11:54.0797 0x1320  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:11:54.0811 0x1320  isapnp - ok
17:11:54.0860 0x1320  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
17:11:54.0886 0x1320  iScsiPrt - ok
17:11:54.0913 0x1320  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
17:11:54.0928 0x1320  kbdclass - ok
17:11:54.0935 0x1320  [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
17:11:54.0993 0x1320  kbdhid - ok
17:11:55.0021 0x1320  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
17:11:55.0089 0x1320  kdnic - ok
17:11:55.0105 0x1320  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\Windows\system32\lsass.exe
17:11:55.0120 0x1320  KeyIso - ok
17:11:55.0147 0x1320  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:11:55.0164 0x1320  KSecDD - ok
17:11:55.0190 0x1320  [ 6D2EE96150E35B9EA49F2B481DE0369A, AC5915219FD81D89E444F6E86D71F7C495108FC35E7BD683321FC7006161AFE1 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:11:55.0210 0x1320  KSecPkg - ok
17:11:55.0217 0x1320  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
17:11:55.0238 0x1320  ksthunk - ok
17:11:55.0275 0x1320  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:11:55.0313 0x1320  KtmRm - ok
17:11:55.0355 0x1320  [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer    C:\Windows\system32\srvsvc.dll
17:11:55.0403 0x1320  LanmanServer - ok
17:11:55.0444 0x1320  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:11:55.0482 0x1320  LanmanWorkstation - ok
17:11:55.0532 0x1320  [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc           C:\Windows\System32\GeofenceMonitorService.dll
17:11:55.0583 0x1320  lfsvc - ok
17:11:55.0621 0x1320  [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
17:11:55.0631 0x1320  LGBusEnum - ok
17:11:55.0662 0x1320  [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
17:11:55.0670 0x1320  LGVirHid - ok
17:11:55.0692 0x1320  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:11:55.0721 0x1320  lltdio - ok
17:11:55.0757 0x1320  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:11:55.0782 0x1320  lltdsvc - ok
17:11:55.0797 0x1320  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:11:55.0835 0x1320  lmhosts - ok
17:11:55.0880 0x1320  [ D6BF6FD055BD719F3D62E51B90857159, A7777D18E404164B4DA531AD94D2A712D9CC6A9288795B7388037752A558E96F ] LMIGuardianSvc  C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
17:11:55.0900 0x1320  LMIGuardianSvc - ok
17:11:55.0937 0x1320  [ 0F28935ECF1FBDEC22BAF720A5A94564, A4E8E13FD7FE1882243AD7139D5E0925F09069616920382F952D79586A4936E7 ] LMIInfo         C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys
17:11:55.0946 0x1320  LMIInfo - ok
17:11:55.0964 0x1320  [ 826D817BA4C19DBAB969323CE40CD817, 69608FF69020540E722DDC47B6E12A36DC1FB1583641EA2389D853E32F3F3A3A ] LMIMaint        C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
17:11:55.0979 0x1320  LMIMaint - ok
17:11:56.0001 0x1320  [ 413ECDCFAD9A82804D3674C8D7EEC24E, C8A65ED0B079D16D1A4449E840B4A9475388FBE61B5A84DFEFC35F4FB3B9A9B1 ] lmimirr         C:\Windows\system32\DRIVERS\lmimirr.sys
17:11:56.0010 0x1320  lmimirr - ok
17:11:56.0016 0x1320  LMIRfsClientNP - ok
17:11:56.0051 0x1320  [ C57D3FAA50E6F395759FFB7C709BD944, 7B0B86F0E710934D57801E1F7BB048AD878F871147B2A16BBF81219A4022B499 ] LMIRfsDriver    C:\Windows\system32\drivers\LMIRfsDriver.sys
17:11:56.0062 0x1320  LMIRfsDriver - ok
17:11:56.0098 0x1320  [ D3760BC17E1755091B7120CF32DBF56B, 2B31CA0CD838BEE0103054520E2FBEA2436A07D99E711B14543B85F3A511478F ] LogMeIn         C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
17:11:56.0118 0x1320  LogMeIn - ok
17:11:56.0142 0x1320  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
17:11:56.0160 0x1320  LSI_SAS - ok
17:11:56.0175 0x1320  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
17:11:56.0191 0x1320  LSI_SAS2 - ok
17:11:56.0215 0x1320  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\Windows\system32\drivers\lsi_sas3.sys
17:11:56.0263 0x1320  LSI_SAS3 - ok
17:11:56.0272 0x1320  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
17:11:56.0319 0x1320  LSI_SSS - ok
17:11:56.0370 0x1320  [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM             C:\Windows\System32\lsm.dll
17:11:56.0432 0x1320  LSM - ok
17:11:56.0461 0x1320  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\Windows\system32\drivers\luafv.sys
17:11:56.0488 0x1320  luafv - ok
17:11:56.0514 0x1320  [ CF12E148C6FC151335B7D7FE03F1C7A2, 7087DF6D884AF0A57AC22D7AE9C2903913AAB4CE52D19666B6513C3D5706E43C ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
17:11:56.0524 0x1320  MBAMProtector - ok
17:11:56.0616 0x1320  [ 86701B8E4C53280AA8642AC85F8500F4, 6839F2B840410857AE7DA215A17922A7499A9B99D96032756525878E98175103 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
17:11:56.0681 0x1320  MBAMScheduler - ok
17:11:56.0737 0x1320  [ E27891A49DF92004041FEC5C3A2D4230, A4679A1F10F84935875E35A83FC7075499B8F4CBB543209A38C0D946347CD264 ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
17:11:56.0777 0x1320  MBAMService - ok
17:11:56.0797 0x1320  [ 7FD0FDFB97D80B21195273C4C3810FE1, E1072821AB338F45740DE6CF7BDB7C676CC67AB4BFC2ACF78773ABB424152D2C ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
17:11:56.0807 0x1320  MBAMWebAccessControl - ok
17:11:56.0828 0x1320  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\Windows\system32\drivers\megasas.sys
17:11:56.0843 0x1320  megasas - ok
17:11:56.0888 0x1320  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\Windows\system32\drivers\megasr.sys
17:11:56.0960 0x1320  megasr - ok
17:11:56.0991 0x1320  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\Windows\system32\mmcss.dll
17:11:57.0054 0x1320  MMCSS - ok
17:11:57.0082 0x1320  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\Windows\system32\drivers\modem.sys
17:11:57.0110 0x1320  Modem - ok
17:11:57.0127 0x1320  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\Windows\System32\drivers\monitor.sys
17:11:57.0170 0x1320  monitor - ok
17:11:57.0178 0x1320  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
17:11:57.0192 0x1320  mouclass - ok
17:11:57.0199 0x1320  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\Windows\System32\drivers\mouhid.sys
17:11:57.0224 0x1320  mouhid - ok
17:11:57.0233 0x1320  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:11:57.0249 0x1320  mountmgr - ok
17:11:57.0287 0x1320  [ 03D14BF1DC59130002F6B8BA3AD89DB9, 1729CCD8AAF51CDB86ED67569974D0B6B1CFFA5F90EF6E6004B0D8A305D88C27 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:11:57.0301 0x1320  MozillaMaintenance - ok
17:11:57.0309 0x1320  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:11:57.0342 0x1320  mpsdrv - ok
17:11:57.0400 0x1320  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:11:57.0446 0x1320  MpsSvc - ok
17:11:57.0492 0x1320  [ 1D55DADC22D21883A2F80297F5A5AE48, B79DF4AFC2A9CBC54E74233596544D6E41C8CAA0516BD57CA695D051EC780265 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:11:57.0526 0x1320  MRxDAV - ok
17:11:57.0563 0x1320  [ 7A1A3F213CDB3363D179D5014272025D, 6756F5B7D9FBF6839DB1FF4E94EA45B5499D7DF925E75581C96FBBA4BE131542 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:11:57.0601 0x1320  mrxsmb - ok
17:11:57.0635 0x1320  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:11:57.0669 0x1320  mrxsmb10 - ok
17:11:57.0705 0x1320  [ C910E5D18958914A66F0E45689D0B40A, AD7C91DD8A60A511E580DD56BACC97F85075A539E7C5D95040A8F870A621DAF4 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:11:57.0748 0x1320  mrxsmb20 - ok
17:11:57.0768 0x1320  [ E0927EFA25D473367C3341B9F5969779, B77A162BD3334557623674373D8EC2BE7CC0B359DF06304E467ABFFEE0530271 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
17:11:57.0812 0x1320  MsBridge - ok
17:11:57.0828 0x1320  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC           C:\Windows\System32\msdtc.exe
17:11:57.0860 0x1320  MSDTC - ok
17:11:57.0896 0x1320  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:11:57.0922 0x1320  Msfs - ok
17:11:57.0937 0x1320  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
17:11:57.0951 0x1320  msgpiowin32 - ok
17:11:57.0971 0x1320  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:11:58.0001 0x1320  mshidkmdf - ok
17:11:58.0021 0x1320  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
17:11:58.0049 0x1320  mshidumdf - ok
17:11:58.0074 0x1320  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:11:58.0088 0x1320  msisadrv - ok
17:11:58.0117 0x1320  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:11:58.0136 0x1320  MSiSCSI - ok
17:11:58.0143 0x1320  msiserver - ok
17:11:58.0169 0x1320  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:11:58.0196 0x1320  MSKSSRV - ok
17:11:58.0212 0x1320  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
17:11:58.0247 0x1320  MsLldp - ok
17:11:58.0259 0x1320  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:11:58.0286 0x1320  MSPCLOCK - ok
17:11:58.0301 0x1320  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:11:58.0322 0x1320  MSPQM - ok
17:11:58.0363 0x1320  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:11:58.0389 0x1320  MsRPC - ok
17:11:58.0400 0x1320  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
17:11:58.0415 0x1320  mssmbios - ok
17:11:58.0429 0x1320  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:11:58.0450 0x1320  MSTEE - ok
17:11:58.0462 0x1320  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
17:11:58.0490 0x1320  MTConfig - ok
17:11:58.0499 0x1320  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\Windows\system32\Drivers\mup.sys
17:11:58.0515 0x1320  Mup - ok
17:11:58.0535 0x1320  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
17:11:58.0575 0x1320  mvumis - ok
17:11:58.0615 0x1320  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\Windows\system32\qagentRT.dll
17:11:58.0655 0x1320  napagent - ok
17:11:58.0704 0x1320  [ 26ACA481FAFEC59FE311D719E3027BBA, 16A24CCA95A38BDFE970580159F6ACAA13FF1B74CF2290B1B020D909F90D3347 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:11:58.0741 0x1320  NativeWifiP - ok
17:11:58.0771 0x1320  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\Windows\System32\ncasvc.dll
17:11:58.0808 0x1320  NcaSvc - ok
17:11:58.0828 0x1320  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\Windows\System32\ncbservice.dll
17:11:58.0878 0x1320  NcbService - ok
17:11:58.0896 0x1320  [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
17:11:58.0946 0x1320  NcdAutoSetup - ok
17:11:59.0005 0x1320  [ E4B4BE2D7750849C07589DA0B0AABA01, BB5AA727BA018A94B5DE2C4E0B594DD2E7A2B3457885446EE568F3A1E18AB3B0 ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:11:59.0061 0x1320  NDIS - ok
17:11:59.0084 0x1320  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:11:59.0126 0x1320  NdisCap - ok
17:11:59.0148 0x1320  [ B1AA3B19A2E596A59224F893E01A5A75, E08696CA5E087E51AC3E64D4FB8490EEADD612DDF30C9A94DD1BD1BA124B71B7 ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
17:11:59.0193 0x1320  NdisImPlatform - ok
17:11:59.0217 0x1320  [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:11:59.0248 0x1320  NdisTapi - ok
17:11:59.0268 0x1320  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:11:59.0292 0x1320  Ndisuio - ok
17:11:59.0299 0x1320  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
17:11:59.0323 0x1320  NdisVirtualBus - ok
17:11:59.0361 0x1320  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:11:59.0397 0x1320  NdisWan - ok
17:11:59.0407 0x1320  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
17:11:59.0432 0x1320  NdisWanLegacy - ok
17:11:59.0440 0x1320  [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:11:59.0470 0x1320  NDProxy - ok
17:11:59.0492 0x1320  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
17:11:59.0513 0x1320  Ndu - ok
17:11:59.0521 0x1320  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:11:59.0549 0x1320  NetBIOS - ok
17:11:59.0589 0x1320  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:11:59.0627 0x1320  NetBT - ok
17:11:59.0649 0x1320  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon        C:\Windows\system32\lsass.exe
17:11:59.0665 0x1320  Netlogon - ok
17:11:59.0707 0x1320  [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman          C:\Windows\System32\netman.dll
17:11:59.0745 0x1320  Netman - ok
17:11:59.0781 0x1320  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm        C:\Windows\System32\netprofmsvc.dll
17:11:59.0832 0x1320  netprofm - ok
17:11:59.0890 0x1320  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:11:59.0907 0x1320  NetTcpPortSharing - ok
17:11:59.0944 0x1320  [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc          C:\Windows\system32\DRIVERS\netvsc63.sys
17:11:59.0966 0x1320  netvsc - ok
17:12:00.0005 0x1320  [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:12:00.0046 0x1320  NlaSvc - ok
17:12:00.0059 0x1320  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:12:00.0092 0x1320  Npfs - ok
17:12:00.0102 0x1320  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
17:12:00.0147 0x1320  npsvctrig - ok
17:12:00.0181 0x1320  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi             C:\Windows\system32\nsisvc.dll
17:12:00.0208 0x1320  nsi - ok
17:12:00.0226 0x1320  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:12:00.0251 0x1320  nsiproxy - ok
17:12:00.0344 0x1320  [ 038C77D577900EE39410662478BB0D50, A33AAFD5750245C17A47EC71F3C6EAD2E0925CAD34C65AB3E6CEE44756C668E6 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:12:00.0432 0x1320  Ntfs - ok
17:12:00.0457 0x1320  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\Windows\system32\drivers\Null.sys
17:12:00.0472 0x1320  Null - ok
17:12:00.0504 0x1320  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:12:00.0521 0x1320  nvraid - ok
17:12:00.0532 0x1320  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:12:00.0551 0x1320  nvstor - ok
17:12:00.0561 0x1320  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:12:00.0578 0x1320  nv_agp - ok
17:12:00.0676 0x1320  [ 10432B8F54E8E0B853F63CDCE634ED11, F46AFAA7F187C88FE2FDBFA3E9FADCEBFD49476F985B90715D296A35C5AB12DF ] omniserv        C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
17:12:00.0683 0x1320  omniserv - detected UnsignedFile.Multi.Generic ( 1 )
17:12:00.0684 0x1320  omniserv ( UnsignedFile.Multi.Generic ) - warning
17:12:00.0717 0x1320  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:12:00.0776 0x1320  p2pimsvc - ok
17:12:00.0812 0x1320  [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:12:00.0864 0x1320  p2psvc - ok
17:12:00.0898 0x1320  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\Windows\System32\drivers\parport.sys
17:12:00.0929 0x1320  Parport - ok
17:12:00.0943 0x1320  [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:12:00.0958 0x1320  partmgr - ok
17:12:01.0005 0x1320  [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:12:01.0034 0x1320  PcaSvc - ok
17:12:01.0069 0x1320  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\Windows\system32\drivers\pci.sys
17:12:01.0093 0x1320  pci - ok
17:12:01.0112 0x1320  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\Windows\system32\drivers\pciide.sys
17:12:01.0125 0x1320  pciide - ok
17:12:01.0149 0x1320  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
17:12:01.0166 0x1320  pcmcia - ok
17:12:01.0187 0x1320  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\Windows\system32\drivers\pcw.sys
17:12:01.0201 0x1320  pcw - ok
17:12:01.0228 0x1320  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\Windows\system32\drivers\pdc.sys
17:12:01.0244 0x1320  pdc - ok
17:12:01.0285 0x1320  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:12:01.0319 0x1320  PEAUTH - ok
17:12:01.0416 0x1320  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
17:12:01.0464 0x1320  PerfHost - ok
17:12:01.0547 0x1320  [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla             C:\Windows\system32\pla.dll
17:12:01.0619 0x1320  pla - ok
17:12:01.0647 0x1320  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:12:01.0665 0x1320  PlugPlay - ok
17:12:01.0686 0x1320  [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:12:01.0703 0x1320  PNRPAutoReg - ok
17:12:01.0728 0x1320  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:12:01.0756 0x1320  PNRPsvc - ok
17:12:01.0792 0x1320  [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:12:01.0821 0x1320  PolicyAgent - ok
17:12:01.0857 0x1320  [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power           C:\Windows\system32\umpo.dll
17:12:01.0905 0x1320  Power - ok
17:12:02.0055 0x1320  [ 3C96A45CA3403A276B0F045C448EC27B, C0011DB8C5A85817CAF815CC0095EE2C1CDD5964DCD8EAF4C35A2495D6A873CC ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
17:12:02.0204 0x1320  PrintNotify - ok
17:12:02.0243 0x1320  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\Windows\System32\drivers\processr.sys
17:12:02.0270 0x1320  Processor - ok
17:12:02.0303 0x1320  [ EF1F8B57323E5D3FC6A0A25F98F90DBC, F50E81151604DCD59BB647FD6767C1631AE48B5FCA6D3423C4E32535C94D6369 ] ProfSvc         C:\Windows\system32\profsvc.dll
17:12:02.0337 0x1320  ProfSvc - ok
17:12:02.0355 0x1320  [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:12:02.0388 0x1320  Psched - ok
17:12:02.0424 0x1320  [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE           C:\Windows\system32\qwave.dll
17:12:02.0457 0x1320  QWAVE - ok
17:12:02.0474 0x1320  [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:12:02.0505 0x1320  QWAVEdrv - ok
17:12:02.0515 0x1320  [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:12:02.0532 0x1320  RasAcd - ok
17:12:02.0552 0x1320  [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto         C:\Windows\System32\rasauto.dll
17:12:02.0573 0x1320  RasAuto - ok
17:12:02.0607 0x1320  [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan          C:\Windows\System32\rasmans.dll
17:12:02.0661 0x1320  RasMan - ok
17:12:02.0689 0x1320  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:12:02.0722 0x1320  RasPppoe - ok
17:12:02.0751 0x1320  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:12:02.0817 0x1320  rdbss - ok
17:12:02.0837 0x1320  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
17:12:02.0873 0x1320  rdpbus - ok
17:12:02.0891 0x1320  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
17:12:02.0924 0x1320  RDPDR - ok
17:12:02.0979 0x1320  [ 9F08A6608F98B5407E7DDBCF306573EF, 92812F97CFDB2EC128BC48143DE215B7D012B15D3FB4D2199222AD8C31DA5016 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
17:12:02.0992 0x1320  RdpVideoMiniport - ok
17:12:03.0016 0x1320  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:12:03.0037 0x1320  rdyboost - ok
17:12:03.0102 0x1320  [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS            C:\Windows\system32\drivers\ReFS.sys
17:12:03.0150 0x1320  ReFS - ok
17:12:03.0190 0x1320  [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess    C:\Windows\System32\mprdim.dll
17:12:03.0224 0x1320  RemoteAccess - ok
17:12:03.0252 0x1320  [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:12:03.0283 0x1320  RemoteRegistry - ok
17:12:03.0332 0x1320  [ 0527EF6E23B9FAB37DDCBC479C6CFA28, C004CE600074AC434F8B24A3383F8C0ACFA5476D9E3B1493B40911C78B028D64 ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
17:12:03.0358 0x1320  RFCOMM - ok
17:12:03.0376 0x1320  [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:12:03.0396 0x1320  RpcEptMapper - ok
17:12:03.0432 0x1320  [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator      C:\Windows\system32\locator.exe
17:12:03.0454 0x1320  RpcLocator - ok
17:12:03.0499 0x1320  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs           C:\Windows\system32\rpcss.dll
17:12:03.0538 0x1320  RpcSs - ok
17:12:03.0581 0x1320  [ 6A940599A059C6C9D6E54D7A3EF356B8, 3C3B7706197CD4A43369C639BB8F4A101EC0B159ABADA91373824B06615D4411 ] RSP2STOR        C:\Windows\system32\DRIVERS\RtsP2Stor.sys
17:12:03.0599 0x1320  RSP2STOR - ok
17:12:03.0614 0x1320  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:12:03.0633 0x1320  rspndr - ok
17:12:03.0694 0x1320  [ F1D20C2B36F78863530B251DF504CC51, A3C71BDB45B1DB321BC2D9889CB25CF7840E145DFB769882748B7D507A605A42 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
17:12:03.0710 0x1320  RtkAudioService - ok
17:12:03.0752 0x1320  [ E0B9475F9696E502C530FFB3EE5686B3, C36D3AFEBF10F5D3C6D413005843385A0ECECB44133B68B22DE6AAF7A2C8EEBD ] RtkBtFilter     C:\Windows\system32\DRIVERS\RtkBtfilter.sys
17:12:03.0779 0x1320  RtkBtFilter - ok
17:12:03.0829 0x1320  [ 7CC0D898D00675F14BA0C4BF056C1CF4, E9203DD2A201AEF206C1A4177FD564DDFC8E7468DC268BD99389626A2C6593D3 ] RTL8168         C:\Windows\system32\DRIVERS\Rt630x64.sys
17:12:03.0864 0x1320  RTL8168 - ok
17:12:04.0001 0x1320  [ 38D6D0577D7F31573886EA130B142079, 45309E70EFD467B996DA2FDBB50533E3014A7ECA992A7A6B0D39B9EA657E945F ] RTWlanE         C:\Windows\system32\DRIVERS\rtwlane.sys
17:12:04.0115 0x1320  RTWlanE - ok
17:12:04.0146 0x1320  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
17:12:04.0171 0x1320  s3cap - ok
17:12:04.0194 0x1320  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs           C:\Windows\system32\lsass.exe
17:12:04.0209 0x1320  SamSs - ok
17:12:04.0228 0x1320  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:12:04.0245 0x1320  sbp2port - ok
17:12:04.0280 0x1320  [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:12:04.0318 0x1320  SCardSvr - ok
17:12:04.0337 0x1320  [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
17:12:04.0370 0x1320  ScDeviceEnum - ok
17:12:04.0386 0x1320  [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:12:04.0406 0x1320  scfilter - ok
17:12:04.0472 0x1320  [ D3AE5DB16EAF913860EC28654CE00E6B, AD76B6044F7247C6E86F6DCB7CFD6B25BCA2B9F09A97A419F043A999E66726A2 ] Schedule        C:\Windows\system32\schedsvc.dll
17:12:04.0549 0x1320  Schedule - ok
17:12:04.0589 0x1320  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:12:04.0611 0x1320  SCPolicySvc - ok
17:12:04.0642 0x1320  [ 7B7C482CF48E6EE33664340D1A78E6FE, CE5077C4B0372F4F9F02B0B37AE58C0DAEFCA9D242065731A23F072506430575 ] sdbus           C:\Windows\System32\drivers\sdbus.sys
17:12:04.0664 0x1320  sdbus - ok
17:12:04.0702 0x1320  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
17:12:04.0718 0x1320  sdstor - ok
17:12:04.0735 0x1320  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:12:04.0756 0x1320  secdrv - ok
17:12:04.0777 0x1320  [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon        C:\Windows\system32\seclogon.dll
17:12:04.0799 0x1320  seclogon - ok
17:12:04.0821 0x1320  [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS            C:\Windows\System32\sens.dll
17:12:04.0851 0x1320  SENS - ok
17:12:04.0873 0x1320  [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:12:04.0918 0x1320  SensrSvc - ok
17:12:04.0945 0x1320  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
17:12:04.0959 0x1320  SerCx - ok
17:12:04.0970 0x1320  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
17:12:04.0988 0x1320  SerCx2 - ok
17:12:04.0996 0x1320  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\Windows\System32\drivers\serenum.sys
17:12:05.0014 0x1320  Serenum - ok
17:12:05.0031 0x1320  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\Windows\System32\drivers\serial.sys
17:12:05.0056 0x1320  Serial - ok
17:12:05.0067 0x1320  [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse        C:\Windows\System32\drivers\sermouse.sys
17:12:05.0081 0x1320  sermouse - ok
17:12:05.0136 0x1320  [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv      C:\Windows\system32\sessenv.dll
17:12:05.0172 0x1320  SessionEnv - ok
17:12:05.0180 0x1320  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
17:12:05.0196 0x1320  sfloppy - ok
17:12:05.0237 0x1320  [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:12:05.0278 0x1320  SharedAccess - ok
17:12:05.0350 0x1320  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:12:05.0410 0x1320  ShellHWDetection - ok
17:12:05.0427 0x1320  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
17:12:05.0487 0x1320  SiSRaid2 - ok
17:12:05.0518 0x1320  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
17:12:05.0563 0x1320  SiSRaid4 - ok
17:12:05.0620 0x1320  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
17:12:05.0642 0x1320  SkypeUpdate - ok
17:12:05.0672 0x1320  [ 32B3FB238A26267D358D7159B9171505, 692470C2F8B77A5342A72DA7E384DA762DBEEEFAC25301242E23C20427DB7440 ] SmbDrv          C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys
17:12:05.0683 0x1320  SmbDrv - ok
17:12:05.0696 0x1320  [ B71EF473D8B90A2C4DC76B03E382DEE6, 1224488EB9C23FAB78252A09ED2A986F5A8263EB6F236B33A54DB777426BF636 ] SmbDrvI         C:\Windows\System32\drivers\Smb_driver_Intel.sys
17:12:05.0705 0x1320  SmbDrvI - ok
17:12:05.0720 0x1320  [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost         C:\Windows\System32\smphost.dll
17:12:05.0770 0x1320  smphost - ok
17:12:05.0792 0x1320  [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:12:05.0826 0x1320  SNMPTRAP - ok
17:12:05.0875 0x1320  [ 240C5C3793206725AA05665851E8C214, 96ADFB85EB1623EB00C251C1C6A1F441A1795F0EBFD10B17DD1CA58E3AE8A90D ] spaceport       C:\Windows\system32\drivers\spaceport.sys
17:12:05.0905 0x1320  spaceport - ok
17:12:05.0919 0x1320  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
17:12:05.0935 0x1320  SpbCx - ok
17:12:05.0975 0x1320  [ 42FEA9E0BA9761D9E65A4F167D91515B, 9A34CE83F3ACD50608671BDABE5E475F8E0C8335D3B8B7B3D7E84B2A319FA29F ] Spooler         C:\Windows\System32\spoolsv.exe
17:12:06.0036 0x1320  Spooler - ok
17:12:06.0272 0x1320  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\Windows\system32\sppsvc.exe
17:12:06.0587 0x1320  sppsvc - ok
17:12:06.0647 0x1320  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:12:06.0694 0x1320  srv - ok
17:12:06.0730 0x1320  [ 5BED3AB69797C8786EF70AEA8C33748B, 0474EE6C43D437CBA9848BCF25D1341B122D7E9F371A0FF3C62C83D14B2CB095 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:12:06.0774 0x1320  srv2 - ok
17:12:06.0818 0x1320  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:12:06.0846 0x1320  srvnet - ok
17:12:06.0874 0x1320  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:12:06.0900 0x1320  SSDPSRV - ok
17:12:06.0910 0x1320  [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:12:06.0933 0x1320  SstpSvc - ok
17:12:06.0975 0x1320  [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys
17:12:07.0032 0x1320  ssudmdm - ok
17:12:07.0092 0x1320  [ CBEE56BA774ACACB74B9CCB40450220F, 091671C3868BB76DDE19E4A24BAB7D0F9DD11C6DD2D87EA7FF6CE1F276A8312B ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
17:12:07.0128 0x1320  Steam Client Service - ok
17:12:07.0154 0x1320  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
17:12:07.0169 0x1320  stexstor - ok
17:12:07.0221 0x1320  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\Windows\System32\wiaservc.dll
17:12:07.0299 0x1320  stisvc - ok
17:12:07.0335 0x1320  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
17:12:07.0352 0x1320  storahci - ok
17:12:07.0369 0x1320  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt         C:\Windows\system32\DRIVERS\vmstorfl.sys
17:12:07.0399 0x1320  storflt - ok
17:12:07.0407 0x1320  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
17:12:07.0422 0x1320  stornvme - ok
17:12:07.0461 0x1320  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc         C:\Windows\system32\storsvc.dll
17:12:07.0494 0x1320  StorSvc - ok
17:12:07.0515 0x1320  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\Windows\system32\drivers\storvsc.sys
17:12:07.0528 0x1320  storvsc - ok
17:12:07.0542 0x1320  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\Windows\system32\svsvc.dll
17:12:07.0576 0x1320  svsvc - ok
17:12:07.0590 0x1320  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\Windows\System32\drivers\swenum.sys
17:12:07.0603 0x1320  swenum - ok
17:12:07.0653 0x1320  [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv           C:\Windows\System32\swprv.dll
17:12:07.0710 0x1320  swprv - ok
17:12:07.0752 0x1320  [ CDA92383EFB52846B7894280A559C330, 8ACE4212AD4ABD29B06950F8CABBDF1B4813A311FAE3C0A999E60E711FD236CC ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
17:12:07.0810 0x1320  SynTP - ok
17:12:07.0858 0x1320  [ EE9F01B61899A4576AC09EE7DD200A34, 6990E332CD11ABBB535535EC9079D87BBD4D0BE37119EBC5878A7320F2689F64 ] SynTPEnhService C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
17:12:07.0873 0x1320  SynTPEnhService - ok
17:12:07.0933 0x1320  [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain         C:\Windows\system32\sysmain.dll
17:12:08.0014 0x1320  SysMain - ok
17:12:08.0061 0x1320  [ FD4EA8E9232ADD51DC31C295DDEF2768, 3EA40D7376AB5AA5DA2BCF4745C79F7BF819363466967ECC3CD15ADECBFD7244 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
17:12:08.0102 0x1320  SystemEventsBroker - ok
17:12:08.0135 0x1320  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\Windows\System32\TabSvc.dll
17:12:08.0156 0x1320  TabletInputService - ok
17:12:08.0178 0x1320  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:12:08.0222 0x1320  TapiSrv - ok
17:12:08.0339 0x1320  [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:12:08.0446 0x1320  Tcpip - ok
17:12:08.0524 0x1320  [ CCB3A2BB60FE5073F2DEA63FE83CF8FE, 02982136236DD595D8974E6645A008D663B4DD3BC3824721E4DE4377B97887C7 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:12:08.0626 0x1320  TCPIP6 - ok
17:12:08.0661 0x1320  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:12:08.0701 0x1320  tcpipreg - ok
17:12:08.0726 0x1320  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:12:08.0744 0x1320  tdx - ok
17:12:08.0767 0x1320  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
17:12:08.0781 0x1320  terminpt - ok
17:12:08.0843 0x1320  [ 2C77831737491F4D684D315B95C62883, 90A2574A281F19646CFCDA5FDF40063220058290D2D5523AD91B7E709EC36D3D ] TermService     C:\Windows\System32\termsrv.dll
17:12:08.0915 0x1320  TermService - ok
17:12:08.0935 0x1320  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\Windows\system32\themeservice.dll
17:12:08.0971 0x1320  Themes - ok
17:12:08.0992 0x1320  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\Windows\system32\mmcss.dll
17:12:09.0008 0x1320  THREADORDER - ok
17:12:09.0031 0x1320  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
17:12:09.0068 0x1320  TimeBroker - ok
17:12:09.0104 0x1320  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\Windows\system32\drivers\tpm.sys
17:12:09.0124 0x1320  TPM - ok
17:12:09.0135 0x1320  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\Windows\System32\trkwks.dll
17:12:09.0156 0x1320  TrkWks - ok
17:12:09.0203 0x1320  [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:12:09.0263 0x1320  TrustedInstaller - ok
17:12:09.0280 0x1320  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:12:09.0321 0x1320  TsUsbFlt - ok
17:12:09.0329 0x1320  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
17:12:09.0356 0x1320  TsUsbGD - ok
17:12:09.0386 0x1320  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:12:09.0410 0x1320  tunnel - ok
17:12:09.0419 0x1320  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
17:12:09.0435 0x1320  uagp35 - ok
17:12:09.0454 0x1320  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
17:12:09.0471 0x1320  UASPStor - ok
17:12:09.0492 0x1320  [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
17:12:09.0515 0x1320  UCX01000 - ok
17:12:09.0538 0x1320  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:12:09.0579 0x1320  udfs - ok
17:12:09.0596 0x1320  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
17:12:09.0610 0x1320  UEFI - ok
17:12:09.0646 0x1320  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:12:09.0681 0x1320  UI0Detect - ok
17:12:09.0715 0x1320  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:12:09.0750 0x1320  uliagpkx - ok
17:12:09.0774 0x1320  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\Windows\System32\drivers\umbus.sys
17:12:09.0799 0x1320  umbus - ok
17:12:09.0805 0x1320  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys
17:12:09.0828 0x1320  UmPass - ok
17:12:09.0865 0x1320  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\Windows\System32\umrdp.dll
17:12:09.0897 0x1320  UmRdpService - ok
17:12:09.0923 0x1320  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\Windows\System32\upnphost.dll
17:12:09.0971 0x1320  upnphost - ok
17:12:10.0007 0x1320  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
17:12:10.0025 0x1320  usbccgp - ok
17:12:10.0060 0x1320  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
17:12:10.0089 0x1320  usbcir - ok
17:12:10.0119 0x1320  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
17:12:10.0134 0x1320  usbehci - ok
17:12:10.0168 0x1320  [ 5A4AC5D05A7C97C68596416C05D6F2B4, 1CDE5172B763D2D65379B9F3ABACC080AF676DB9354EC98A455E620C4CE3E18A ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
17:12:10.0178 0x1320  usbfilter - ok
17:12:10.0226 0x1320  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\Windows\System32\drivers\usbhub.sys
17:12:10.0256 0x1320  usbhub - ok
17:12:10.0292 0x1320  [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
17:12:10.0325 0x1320  USBHUB3 - ok
17:12:10.0373 0x1320  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\Windows\System32\drivers\usbohci.sys
17:12:10.0428 0x1320  usbohci - ok
17:12:10.0451 0x1320  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
17:12:10.0494 0x1320  usbprint - ok
17:12:10.0523 0x1320  [ F04D164C4168701A4E7835607722E5F1, 6F743CF2CF73945B4A4B1C4402744BC2FE1624F1346C194493AD2F7110F9EB35 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
17:12:10.0550 0x1320  usbscan - ok
17:12:10.0590 0x1320  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\Windows\System32\drivers\USBSTOR.SYS
17:12:10.0609 0x1320  USBSTOR - ok
17:12:10.0648 0x1320  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\Windows\System32\drivers\usbuhci.sys
17:12:10.0670 0x1320  usbuhci - ok
17:12:10.0703 0x1320  [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
17:12:10.0727 0x1320  usbvideo - ok
17:12:10.0745 0x1320  [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI         C:\Windows\System32\drivers\USBXHCI.SYS
17:12:10.0771 0x1320  USBXHCI - ok
17:12:10.0784 0x1320  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\Windows\system32\lsass.exe
17:12:10.0799 0x1320  VaultSvc - ok
17:12:10.0806 0x1320  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:12:10.0820 0x1320  vdrvroot - ok
17:12:10.0876 0x1320  [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds             C:\Windows\System32\vds.exe
17:12:10.0941 0x1320  vds - ok
17:12:10.0961 0x1320  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\Windows\system32\drivers\VerifierExt.sys
17:12:10.0981 0x1320  VerifierExt - ok
17:12:11.0012 0x1320  [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp           C:\Windows\System32\drivers\vhdmp.sys
17:12:11.0049 0x1320  vhdmp - ok
17:12:11.0086 0x1320  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:12:11.0099 0x1320  viaide - ok
17:12:11.0108 0x1320  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\Windows\system32\drivers\vmbus.sys
17:12:11.0124 0x1320  vmbus - ok
17:12:11.0130 0x1320  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
17:12:11.0160 0x1320  VMBusHID - ok
17:12:11.0206 0x1320  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
17:12:11.0237 0x1320  vmicguestinterface - ok
17:12:11.0256 0x1320  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\Windows\System32\ICSvc.dll
17:12:11.0287 0x1320  vmicheartbeat - ok
17:12:11.0307 0x1320  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
17:12:11.0337 0x1320  vmickvpexchange - ok
17:12:11.0356 0x1320  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\Windows\System32\ICSvc.dll
17:12:11.0386 0x1320  vmicrdv - ok
17:12:11.0404 0x1320  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
17:12:11.0435 0x1320  vmicshutdown - ok
17:12:11.0453 0x1320  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\Windows\System32\ICSvc.dll
17:12:11.0484 0x1320  vmictimesync - ok
17:12:11.0502 0x1320  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\Windows\System32\ICSvc.dll
17:12:11.0533 0x1320  vmicvss - ok
17:12:11.0549 0x1320  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:12:11.0567 0x1320  volmgr - ok
17:12:11.0596 0x1320  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:12:11.0623 0x1320  volmgrx - ok
17:12:11.0661 0x1320  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:12:11.0688 0x1320  volsnap - ok
17:12:11.0705 0x1320  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\Windows\System32\drivers\vpci.sys
17:12:11.0750 0x1320  vpci - ok
17:12:11.0768 0x1320  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
17:12:11.0786 0x1320  vsmraid - ok
17:12:11.0867 0x1320  [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS             C:\Windows\system32\vssvc.exe
17:12:11.0937 0x1320  VSS - ok
17:12:11.0975 0x1320  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
17:12:11.0999 0x1320  VSTXRAID - ok
17:12:12.0027 0x1320  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
17:12:12.0075 0x1320  vwifibus - ok
17:12:12.0107 0x1320  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
17:12:12.0170 0x1320  vwififlt - ok
17:12:12.0190 0x1320  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
17:12:12.0205 0x1320  vwifimp - ok
17:12:12.0237 0x1320  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\Windows\system32\w32time.dll
17:12:12.0270 0x1320  W32Time - ok
17:12:12.0317 0x1320  [ 8E553C859C83784DEC08B10AFC3EAC92, 41D8DBA1500DBD3AC9783169ACF545805EF05069F12866238992A30794369254 ] w3logsvc        C:\Windows\system32\inetsrv\w3logsvc.dll
17:12:12.0344 0x1320  w3logsvc - ok
17:12:12.0360 0x1320  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
17:12:12.0375 0x1320  WacomPen - ok
17:12:12.0408 0x1320  [ 9BAE40BD31E3EE0B0C70BEF167E0A2BC, 2419AC815C95F2629E1832973501983D06F788728755605D42D6C8565C3CBBF1 ] WAS             C:\Windows\system32\inetsrv\iisw3adm.dll
17:12:12.0450 0x1320  WAS - ok
17:12:12.0528 0x1320  [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine        C:\Windows\system32\wbengine.exe
17:12:12.0605 0x1320  wbengine - ok
17:12:12.0641 0x1320  [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:12:12.0720 0x1320  WbioSrvc - ok
17:12:12.0753 0x1320  [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
17:12:12.0784 0x1320  Wcmsvc - ok
17:12:12.0823 0x1320  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:12:12.0868 0x1320  wcncsvc - ok
17:12:12.0882 0x1320  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:12:12.0924 0x1320  WcsPlugInService - ok
17:12:12.0960 0x1320  [ 0359607177E5E9F6041136CC0A5CB0B6, 16687BE2639648CF46E8768BA1798030472C525612C629BF134D053240E2195B ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
17:12:12.0974 0x1320  WdBoot - ok
17:12:13.0034 0x1320  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:12:13.0073 0x1320  Wdf01000 - ok
17:12:13.0096 0x1320  [ DE8D12B4C3F55FA2C5E9774314F6C58A, C3E835DC066A94E1431BCDC90D7EA27AAC6F82826F4A5527B37D865241D7A366 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
17:12:13.0121 0x1320  WdFilter - ok
17:12:13.0141 0x1320  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:12:13.0176 0x1320  WdiServiceHost - ok
17:12:13.0195 0x1320  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:12:13.0220 0x1320  WdiSystemHost - ok
17:12:13.0253 0x1320  [ 4AD874CDC812EC156265E451B6B09DAB, 6E3E05B8301841425E9BB0D54B35EF386B78EEB307B5A6153FD1F366D30F23FA ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
17:12:13.0271 0x1320  WdNisDrv - ok
17:12:13.0296 0x1320  WdNisSvc - ok
17:12:13.0331 0x1320  [ 91B18D7A1702ED589E67C6C81052B955, 5D1DA8B86106A28E50BBCCB36527CC130D41201F5BE1D3DC5F1D6F7ECCF807BA ] WebClient       C:\Windows\System32\webclnt.dll
17:12:13.0361 0x1320  WebClient - ok
17:12:13.0397 0x1320  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:12:13.0430 0x1320  Wecsvc - ok
17:12:13.0452 0x1320  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
17:12:13.0474 0x1320  WEPHOSTSVC - ok
17:12:13.0496 0x1320  [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:12:13.0554 0x1320  wercplsupport - ok
17:12:13.0588 0x1320  [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:12:13.0623 0x1320  WerSvc - ok
17:12:13.0646 0x1320  [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS         C:\Windows\system32\DRIVERS\wfplwfs.sys
17:12:13.0664 0x1320  WFPLWFS - ok
17:12:13.0683 0x1320  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\Windows\System32\wiarpc.dll
17:12:13.0714 0x1320  WiaRpc - ok
17:12:13.0744 0x1320  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:12:13.0758 0x1320  WIMMount - ok
17:12:13.0762 0x1320  WinDefend - ok
17:12:13.0827 0x1320  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
17:12:13.0876 0x1320  WinHttpAutoProxySvc - ok
17:12:13.0928 0x1320  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:12:13.0952 0x1320  Winmgmt - ok
17:12:14.0071 0x1320  [ 9CE162EB9057CF079736F4DD00FC0D6C, 412C34557866D2A3B3CDAFA5A03B87C01AACF75E349802E511098B20137028D9 ] WinRM           C:\Windows\system32\WsmSvc.dll
17:12:14.0185 0x1320  WinRM - ok
17:12:14.0245 0x1320  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
17:12:14.0266 0x1320  WinUsb - ok
17:12:14.0289 0x1320  [ 4F2A80D65AE6F845776E2F06AE6782ED, 2455537C048115435D9EDE4B18F9F54C43912076AEF36BDEFEC35AF2140B8B2E ] WirelessButtonDriver C:\Windows\System32\drivers\WirelessButtonDriver64.sys
17:12:14.0299 0x1320  WirelessButtonDriver - ok
17:12:14.0376 0x1320  [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc         C:\Windows\System32\wlansvc.dll
17:12:14.0440 0x1320  WlanSvc - ok
17:12:14.0515 0x1320  [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc         C:\Windows\system32\wlidsvc.dll
17:12:14.0577 0x1320  wlidsvc - ok
17:12:14.0604 0x1320  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\Windows\System32\drivers\wmiacpi.sys
17:12:14.0625 0x1320  WmiAcpi - ok
17:12:14.0665 0x1320  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:12:14.0698 0x1320  wmiApSrv - ok
17:12:14.0719 0x1320  WMPNetworkSvc - ok
17:12:14.0747 0x1320  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\Windows\system32\drivers\Wof.sys
17:12:14.0765 0x1320  Wof - ok
17:12:14.0854 0x1320  [ 61BF52E9FFAB27A0B6D621BE26088373, 81291D52C381360E69D51E7DEB05CFAC651A7E9EF781CA23062C0583D0C94708 ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
17:12:14.0929 0x1320  workfolderssvc - ok
17:12:14.0971 0x1320  [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr         C:\Windows\system32\DRIVERS\wpcfltr.sys
17:12:14.0986 0x1320  wpcfltr - ok
17:12:15.0004 0x1320  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:12:15.0045 0x1320  WPCSvc - ok
17:12:15.0077 0x1320  [ 618A19EB31ECA7B7F2AA0207BAF598A5, CB18CF9B781EAB3D775F8201F294A7135E058D6C963D2CC759DCA14D95EED538 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:12:15.0129 0x1320  WPDBusEnum - ok
17:12:15.0149 0x1320  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\Windows\system32\drivers\WpdUpFltr.sys
17:12:15.0164 0x1320  WpdUpFltr - ok
17:12:15.0185 0x1320  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:12:15.0202 0x1320  ws2ifsl - ok
17:12:15.0229 0x1320  [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc          C:\Windows\System32\wscsvc.dll
17:12:15.0280 0x1320  wscsvc - ok
17:12:15.0287 0x1320  WSearch - ok
17:12:15.0440 0x1320  [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService       C:\Windows\System32\WSService.dll
17:12:15.0589 0x1320  WSService - ok
17:12:15.0756 0x1320  [ DCD090318EC800CF6275C6835900B0C6, 9E72762EEE46CC0606B909850E6D22E9C8E5C88E82F7C974B2B7C1E5160BEBA7 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:12:15.0902 0x1320  wuauserv - ok
17:12:15.0942 0x1320  [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:12:15.0966 0x1320  WudfPf - ok
17:12:15.0989 0x1320  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
17:12:16.0018 0x1320  WUDFRd - ok
17:12:16.0032 0x1320  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFSensorLP    C:\Windows\system32\DRIVERS\WUDFRd.sys
17:12:16.0050 0x1320  WUDFSensorLP - ok
17:12:16.0071 0x1320  [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:12:16.0103 0x1320  wudfsvc - ok
17:12:16.0116 0x1320  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
17:12:16.0135 0x1320  WUDFWpdFs - ok
17:12:16.0145 0x1320  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
17:12:16.0165 0x1320  WUDFWpdMtp - ok
17:12:16.0208 0x1320  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:12:16.0257 0x1320  WwanSvc - ok
17:12:16.0277 0x1320  ================ Scan global ===============================
17:12:16.0324 0x1320  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\Windows\system32\basesrv.dll
17:12:16.0359 0x1320  [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\Windows\system32\winsrv.dll
17:12:16.0390 0x1320  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\Windows\system32\sxssrv.dll
17:12:16.0433 0x1320  [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\Windows\system32\services.exe
17:12:16.0445 0x1320  [ Global ] - ok
17:12:16.0446 0x1320  ================ Scan MBR ==================================
17:12:16.0461 0x1320  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
17:12:16.0529 0x1320  \Device\Harddisk0\DR0 - ok
17:12:16.0529 0x1320  ================ Scan VBR ==================================
17:12:16.0559 0x1320  [ E59F3C308AE24486B4C866AC3F32289F ] \Device\Harddisk0\DR0\Partition1
17:12:16.0620 0x1320  \Device\Harddisk0\DR0\Partition1 - ok
17:12:16.0635 0x1320  [ D01C23EFB4D4D71D7752BECAD848E919 ] \Device\Harddisk0\DR0\Partition2
17:12:16.0688 0x1320  \Device\Harddisk0\DR0\Partition2 - ok
17:12:16.0705 0x1320  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
17:12:16.0705 0x1320  \Device\Harddisk0\DR0\Partition3 - ok
17:12:16.0717 0x1320  [ B5035D7C94789A8C3D5F6DF8DC09D77A ] \Device\Harddisk0\DR0\Partition4
17:12:16.0775 0x1320  \Device\Harddisk0\DR0\Partition4 - ok
17:12:16.0799 0x1320  [ 813A5B5623EA381FA8E922520CB2ABE6 ] \Device\Harddisk0\DR0\Partition5
17:12:16.0808 0x1320  \Device\Harddisk0\DR0\Partition5 - ok
17:12:16.0810 0x1320  ================ Scan generic autorun ======================
17:12:17.0099 0x1320  [ 074B2C777090821E020B404AF5BF97AD, 26DF9B3A153B2BCB6ED4DBB66CC9429790854095439119A618B05ECEBFB31F12 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
17:12:17.0323 0x1320  RTHDVCPL - ok
17:12:17.0542 0x1320  [ C816DCF1FC09408479911B4474AF7934, 95ECBE44BDBD12273D9DF525F547474332A5DFA6513E251E94817E778F03D4B6 ] C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
17:12:17.0661 0x1320  SimplePass - ok
17:12:17.0705 0x1320  [ CDC545E900FF17A62BD245ED2321F2B1, C0FD9C56E19C871ED596F404D835FC58C387D6AC0BEEFF0B1628CD25CAB7A260 ] C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
17:12:17.0726 0x1320  OPBHOBroker - ok
17:12:17.0744 0x1320  [ A4CDDC0981126AC07600668C8F6CF993, D99D10A54FE555076A3B9BDD74C0C7DE3C79140C770BA7F61AEA3213DFE8D9BC ] C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
17:12:17.0765 0x1320  OPBHOBrokerDesktop - ok
17:12:17.0766 0x1320  SynTPEnh - ok
17:12:17.0812 0x1320  [ 690EB331346D7ADFDA18E50042DEA4B4, 0C219D7A5FCD4E0252C815373E67F843DBD7356FAE7AB836C451068B51438FE7 ] C:\Program Files\Classic Shell\ClassicStartMenu.exe
17:12:17.0842 0x1320  Classic Start Menu - detected UnsignedFile.Multi.Generic ( 1 )
17:12:17.0842 0x1320  Classic Start Menu ( UnsignedFile.Multi.Generic ) - warning
17:12:17.0900 0x1320  [ 223A96BAC91792E1A954BFEB49FBE02C, 56582B1E48EB9AAE8C3AA0BCFB3B8DCBBA6AE26138BBE801DA2404A527DF5636 ] C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe
17:12:17.0909 0x1320  LogMeIn GUI - ok
17:12:18.0382 0x1320  [ 19ECAAEA3CC248489FE987C10B688C0D, 967CB23A8176B3181EE2A55DFBB04A69988AB22105D4C450C5B5E729B91FAD5A ] C:\Program Files\Logitech Gaming Software\LCore.exe
17:12:18.0742 0x1320  Launch LCore - ok
17:12:18.0882 0x1320  [ 1E41BAC800ABEF1DA2C42EB843D0077D, FBD05FF7442E4880183E736E1D000011FD791EDDED796AC8234CF4D4A6905636 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe
17:12:18.0913 0x1320  StartCCC - ok
17:12:18.0975 0x1320  [ 396A498982C926020B0D4429806FAD1E, 8BF3BB687E43DBC3AF8B2E7F1BBE429AD007E11C9C8E8A82B9ABC809A7DBE28F ] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
17:12:18.0987 0x1320  AccelerometerSysTrayApplet - ok
17:12:19.0028 0x1320  [ 5190AEE2BF02180D8D0D661E90E712ED, E1B9C70A0E2F92C461CC409E14D9DCEAF3528E80A7743465810D4610A8F884C9 ] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
17:12:19.0051 0x1320  HPMessageService - ok
17:12:19.0129 0x1320  [ 8913FE8D1CE9834A2422AC57F91DF782, DD4D04F839DCB2918166219D9793AC392AF0B8DB35C63154FE046E99B8E06406 ] C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
17:12:19.0146 0x1320  StatusAlerts - ok
17:12:19.0223 0x1320  [ 66177D4C99FD8B578C7C56DE445E4D5D, 003D0254D7C693A72DE84CB76858F8D67D9FD62206F1B56DF7F5D0FA834C3BA7 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
17:12:19.0252 0x1320  avgnt - ok
17:12:19.0448 0x1320  [ F4A755E3A99F4F2324FC2138D30F01B4, EFA955082404977B13754E0DA9CAFF304CA9B87C8B0F2C7166A55ECDF1482DB4 ] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
17:12:19.0606 0x1320  LogMeIn Hamachi Ui - ok
17:12:19.0641 0x1320  [ CB08561AB36857CCF74BF11475C9AEB2, 5F15F6868A719A0A84D3E0FE2BC4E76975C50FA99D642279DDA972269ADFDB8B ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
17:12:19.0654 0x1320  Avira Systray - ok
17:12:19.0686 0x1320  [ 6E0BDFBEEED65B017F2E4C2C910B0520, 54D798C2E2804DCDB84E9650EA4A032C669B10C586B396D5505F16235D83882C ] C:\Windows\system32\rundll32.exe
17:12:19.0715 0x1320  Pokki - ok
17:12:19.0724 0x1320  [ 6E0BDFBEEED65B017F2E4C2C910B0520, 54D798C2E2804DCDB84E9650EA4A032C669B10C586B396D5505F16235D83882C ] C:\Windows\system32\rundll32.exe
17:12:19.0751 0x1320  Pokki - ok
17:12:19.0772 0x1320  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.10.414 ), 0x40000 ( disabled : updated )
17:12:19.0773 0x1320  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.6.305.0 ), 0x60100 ( disabled : updated )
17:12:19.0777 0x1320  Win FW state via NFP2: enabled
17:12:19.0777 0x1320  ============================================================
17:12:19.0777 0x1320  Scan finished
17:12:19.0777 0x1320  ============================================================
17:12:19.0790 0x11c4  Detected object count: 6
17:12:19.0791 0x11c4  Actual detected object count: 6
17:14:01.0494 0x11c4  BTDevManager ( UnsignedFile.Multi.Generic ) - skipped by user
17:14:01.0494 0x11c4  BTDevManager ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:14:01.0495 0x11c4  HP DS Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:14:01.0495 0x11c4  HP DS Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:14:01.0497 0x11c4  HP LaserJet Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:14:01.0497 0x11c4  HP LaserJet Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:14:01.0499 0x11c4  HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:14:01.0499 0x11c4  HP Support Assistant Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:14:01.0501 0x11c4  omniserv ( UnsignedFile.Multi.Generic ) - skipped by user
17:14:01.0501 0x11c4  omniserv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:14:01.0503 0x11c4  Classic Start Menu ( UnsignedFile.Multi.Generic ) - skipped by user
17:14:01.0503 0x11c4  Classic Start Menu ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:14:45.0216 0x0b38  Deinitialize success
         

Alt 14.05.2015, 22:02   #5
schrauber
/// the machine
/// TB-Ausbilder
 

audiodg.exe - Virus? - Standard

audiodg.exe - Virus?



Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 14.05.2015, 23:30   #6
Teron821
 
audiodg.exe - Virus? - Standard

audiodg.exe - Virus?



ADW Cleaner:
Code:
ATTFilter
# AdwCleaner v4.204 - Bericht erstellt 14/05/2015 um 23:14:33
# Aktualisiert 12/05/2015 von Xplode
# Datenbank : 2015-05-12.2 [Server]
# Betriebssystem : Windows 8.1  (x64)
# Benutzername : MeinAdmin - BAERENFROSCH
# Gestarted von : C:\Users\Leo\Desktop\AdwCleaner_4.204.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Mama\AppData\Local\pokki
Ordner Gelöscht : C:\Users\peter\AppData\Local\pokki

***** [ Geplante Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Google Chrome v42.0.2311.152


*************************

AdwCleaner[R0].txt - [818 Bytes] - [21/03/2015 17:51:01]
AdwCleaner[R1].txt - [876 Bytes] - [21/03/2015 18:11:21]
AdwCleaner[R2].txt - [942 Bytes] - [21/03/2015 18:31:49]
AdwCleaner[R3].txt - [1000 Bytes] - [21/03/2015 18:37:11]
AdwCleaner[R4].txt - [1484 Bytes] - [22/03/2015 15:20:26]
AdwCleaner[R5].txt - [1344 Bytes] - [14/05/2015 23:12:57]
AdwCleaner[S0].txt - [936 Bytes] - [21/03/2015 18:19:12]
AdwCleaner[S1].txt - [1061 Bytes] - [21/03/2015 18:42:39]
AdwCleaner[S2].txt - [1545 Bytes] - [22/03/2015 15:34:24]
AdwCleaner[S3].txt - [1266 Bytes] - [14/05/2015 23:14:33]

########## EOF - \AdwCleaner\AdwCleaner[S3].txt - [1325  Bytes] ##########
         
JRT:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.7.1 (05.14.2015:1)
OS: Windows 8.1 x64
Ran by MeinAdmin on 14.05.2015 at 23:26:00,30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-1725350855-1927001909-1276192757-500
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-2881027173-1356110710-2079407161-500
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-1002
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-1005
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-1006
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-1008
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-500
Successfully deleted: [Task] C:\Windows\system32\tasks\Optimize Start Menu Cache Files-S-1-5-21-979327490-4025052932-4217923707-500



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.05.2015 at 23:28:24,60
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Alt 15.05.2015, 19:52   #7
schrauber
/// the machine
/// TB-Ausbilder
 

audiodg.exe - Virus? - Standard

audiodg.exe - Virus?




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 16.05.2015, 23:06   #8
Teron821
 
audiodg.exe - Virus? - Standard

audiodg.exe - Virus?



ESET:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=4da2362f5529fa4cab3f13d837903bec
# engine=23882
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-05-16 08:55:08
# local_time=2015-05-16 10:55:08 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 15836209 56691001 0 0
# scanned=351654
# found=0
# cleaned=0
# scan_time=7926
         
Code:
ATTFilter
 Results of screen317's Security Check version 1.001  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Antivirus    
Windows Defender   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Java version 32-bit out of Date! 
 Adobe Flash Player 	17.0.0.188  
 Mozilla Firefox (37.0.2) 
 Google Chrome (42.0.2311.135) 
 Google Chrome (42.0.2311.152) 
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
Addition:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-05-2015 02
Ran by MeinAdmin at 2015-05-16 23:04:23
Running from C:\Users\Leo\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Admin (S-1-5-21-514103404-2733609734-414756415-1002 - Administrator - Enabled) => C:\Users\peter
Administrator (S-1-5-21-514103404-2733609734-414756415-500 - Administrator - Disabled)
Gast (S-1-5-21-514103404-2733609734-414756415-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-514103404-2733609734-414756415-1009 - Limited - Enabled)
Leo (S-1-5-21-514103404-2733609734-414756415-1006 - Limited - Enabled) => C:\Users\Leo
Mama (S-1-5-21-514103404-2733609734-414756415-1005 - Administrator - Enabled)
MeinAdmin (S-1-5-21-514103404-2733609734-414756415-1008 - Administrator - Enabled) => C:\Users\MeinAdmin
Robert (S-1-5-21-514103404-2733609734-414756415-1007 - Administrator - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
A.V.A - Alliance of Valiant Arms (HKLM-x32\...\Steam App 102700) (Version:  - RED DUCK Inc.)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{0B448829-3672-18EA-4117-C1240D4CF140}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.10.434 - Avira Operations GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot (x32 Version: 2.2.0.98 - WildTangent) Hidden
Building the Great Wall of China Collector's Edition (x32 Version: 3.0.2.48 - WildTangent) Hidden
CEVO CS:GO Client Beta version 1.0 (HKLM-x32\...\CEVO CS:GO Client Beta_is1) (Version: 1.0 - )
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Crazy Chicken Soccer (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4.4824 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.6.3821 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.6.3906 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3.3709 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.3.3907 - CyberLink Corp.)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dragon Notes de-DE (HKLM-x32\...\{C438C1D0-A46C-4BFA-AF07-11261DE9CCE0}) (Version: 01.00.100.011 - Nuance Communications Inc.)
Energy Star (HKLM\...\{465CA2B6-98AF-4E77-BE22-A908C34BB9EC}) (Version: 1.0.9 - Hewlett-Packard Company)
Evernote v. 5.2 (HKLM-x32\...\{412F6426-A3C7-11E3-8A71-00163E98E7D6}) (Version: 5.2.0.2951 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Final Hours of Titanfall (HKLM-x32\...\Steam App 292060) (Version:  - Geoff Keighley)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
GeoGebra 5 (HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\GeoGebra 5) (Version: 5.0.67.0 - International GeoGebra Institute)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.152 - Google Inc.)
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Heroes & Generals (HKLM-x32\...\Steam App 227940) (Version:  - Reto-Moto)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HIT (HKLM-x32\...\Steam App 336670) (Version:  - Shifty Chair Games)
Hitman: Contracts (HKLM-x32\...\Steam App 247430) (Version:  - IO Interactive)
HP 3D DriveGuard (HKLM-x32\...\{F90A86C9-7779-47DD-AC06-8EE832C55F55}) (Version: 6.0.18.1 - Hewlett-Packard Company)
HP Color LaserJet Pro MFP M176 (HKLM-x32\...\{7ef5f914-a8e1-4f35-8b91-5f5a3ea16c55}) (Version: 8.0.13192.913 - Hewlett-Packard)
HP CoolSense (HKLM-x32\...\{E2C8D0C2-1C97-4C05-939A-5B13A0FE655C}) (Version: 2.20.31 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{082B1425-0F24-43FA-9B64-E8F617B0AD3B}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.7493.4758 - Hewlett-Packard)
HP SimplePass (HKLM-x32\...\InstallShield_{314FAD12-F785-4471-BCE8-AB506642B9A1}) (Version: 8.01.08 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{8C696B4B-6AB1-44BC-9416-96EAC474CABE}) (Version: 7.5.2.12 - Hewlett-Packard Company)
HP System Event Utility (HKLM-x32\...\{E9FA2CA2-B7B2-43E6-8449-A1618B042EAE}) (Version: 1.1.3 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{B7B82520-8ECE-4743-BFD7-93B16C64B277}) (Version: 2.4.2 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
hpbDSService (x32 Version: 002.002.07399 - Hewlett-Packard) Hidden
hpbM176DSService (x32 Version: 001.001.08254 - Hewlett-Packard) Hidden
hppLaserJetService (x32 Version: 009.033.00905 - Hewlett-Packard) Hidden
hppM176LaserJetService (x32 Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (x32 Version: 080.040.00171 - Hewlett Packard) Hidden
hpStatusAlertsM176 (x32 Version: 080.046.00111 - Hewlett-Packard) Hidden
Inst5675 (Version: 8.01.08 - Softex Inc.) Hidden
Inst5676 (Version: 8.01.08 - Softex Inc.) Hidden
Java 8 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418040F0}) (Version: 8.0.400 - Oracle Corporation)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version:  - Squad)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LibreOffice 4.3.2.2 (HKLM-x32\...\{9C13F99C-6E1A-4126-AE91-EAA2DADE08D6}) (Version: 4.3.2.2 - The Document Foundation)
Loadout (HKLM-x32\...\Steam App 208090) (Version:  - Edge of Reality)
Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
LogMeIn (HKLM-x32\...\{F93EE340-3735-4032-8B74-0A3E489017A0}) (Version: 4.1.4670 - LogMeIn, Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.328 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.328 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 36.0.4 (x86 de) (HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\Mozilla Firefox 36.0.4 (x86 de)) (Version: 36.0.4 - Mozilla)
Mozilla Firefox 37.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 37.0.2 (x86 de)) (Version: 37.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.1 - Mozilla)
OEM Application Profile (HKLM-x32\...\{315F1A48-D883-B234-7C79-15873574ACC1}) (Version: 1.00.0000 - Ihr Firmenname)
Paintball2 Alpha build 40 (HKLM-x32\...\Paintball2) (Version: Alpha build 40 - Digital Paint)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\SOE-PlanetSide 2) (Version:  - Sony Online Entertainment)
Plants vs. Zombies - Game of the Year (x32 Version: 3.0.2.51 - WildTangent) Hidden
Pokki (HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\Pokki) (Version: 0.269.7.574 - Pokki)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Ranch Rush 2 - Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 1.0.0.6 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.29075 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7195 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.13.1216 - REALTEK Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.7.8 - Synaptics Incorporated)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)
Toribash (HKLM-x32\...\Steam App 248570) (Version:  - Nabi Studios)
Trinklit Supreme (x32 Version: 2.2.0.98 - WildTangent) Hidden
Unity Web Player (HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\UnityWebPlayer) (Version: 5.0.1f1 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App für HP (x32 Version: 4.0.11.2 - WildTangent) Hidden
WildTangent-Spiele (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.4.0 - WildTangent)
Youda Jewel Shop (x32 Version: 3.0.2.51 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

27-04-2015 13:57:36 Geplanter Prüfpunkt
05-05-2015 19:56:03 Geplanter Prüfpunkt
14-05-2015 14:56:07 Malwarebytes Anti-Rootkit Restore Point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {316007E6-D02E-481B-80AE-AAF221232C23} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {4DEC0FF5-02D7-4A5D-A92F-C760D3A73FEB} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-04-14] (Hewlett-Packard)
Task: {65FBCC2B-DA0F-4EF7-9565-308A73C8CBEA} - \Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-1005 No Task File <==== ATTENTION
Task: {6657947E-2D48-4AE1-BF4E-CF4D6105712B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2015-04-14] (Hewlett-Packard)
Task: {8756A64C-A489-4B77-9DA1-402404CC1DD2} - \Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-1008 No Task File <==== ATTENTION
Task: {B284AD28-073B-4655-94C7-C0C257C067AC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2014-01-13] (Hewlett-Packard Company)
Task: {B84A40CB-13A5-40E8-8476-DE10AB0D9D27} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2014-03-07] (CyberLink Corp.)
Task: {D3045CA2-FE90-4C31-B9DB-7B062034F6B9} - \Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-500 No Task File <==== ATTENTION
Task: {D3CCAA93-6012-4DC7-8DD8-61855EC97C88} - System32\Tasks\{09E7559C-8020-4F24-978E-3EC98CC6DAE0} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.3.0.101/de/abandoninstall?page=tsProgressBar
Task: {DD3A2C72-2298-436B-848C-94FA11EE34ED} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-08] (Google Inc.)
Task: {E0405F4E-B265-486A-94EE-48320F5A7984} - \Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-1002 No Task File <==== ATTENTION
Task: {E8BC3766-ADA2-4E7D-BC00-7201889A3FE5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {EF9A97A4-4FCB-4D9F-9B50-B63DAF391E2C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-11-08] (Google Inc.)
Task: {F32F1211-375B-484F-8FE8-D44401E98193} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-11-01] (Hewlett-Packard Development Company, L.P.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2014-03-01 18:38 - 2014-03-01 18:38 - 02110464 _____ () C:\Program Files\Hewlett-Packard\SimplePass\autheng.dll
2014-03-01 18:34 - 2014-03-01 18:34 - 00021504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\cryptodll.dll
2014-03-01 18:34 - 2014-03-01 18:34 - 00035328 _____ () C:\Program Files\Hewlett-Packard\SimplePass\ssplogon.dll
2014-03-01 18:34 - 2014-03-01 18:34 - 00055296 _____ () C:\Program Files\Hewlett-Packard\SimplePass\RandomPass.dll
2014-03-01 18:52 - 2014-03-01 18:52 - 00367504 _____ () C:\Program Files\Hewlett-Packard\SimplePass\mstrpwd.dll
2014-03-01 18:52 - 2014-03-01 18:52 - 00712592 _____ () C:\Program Files\Hewlett-Packard\SimplePass\GraphicalPwd.dll
2014-10-07 22:33 - 2012-09-18 15:27 - 00192512 _____ () C:\Windows\System32\zlhp1020.dll
2014-10-07 22:33 - 2012-09-18 15:27 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll
2014-04-06 22:38 - 2014-04-06 22:38 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2014-06-10 21:21 - 2014-03-05 18:09 - 00088064 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2014-03-01 18:41 - 2014-03-01 18:41 - 00065024 _____ () C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
2014-09-18 09:23 - 2014-09-18 09:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-10-14 20:51 - 2014-10-14 20:51 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 09:23 - 2014-09-18 09:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-10-14 20:51 - 2014-10-14 20:51 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2014-06-10 21:46 - 2013-02-01 11:16 - 00387984 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\fl_core.dll
2014-06-10 21:46 - 2013-02-01 11:16 - 01165712 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\vocon3200_asr.dll
2014-06-10 21:46 - 2013-02-01 11:16 - 00199056 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\vocon3200_base.dll
2014-06-10 21:46 - 2013-02-01 11:16 - 01132944 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\vocon3200_pron.dll
2014-06-10 21:46 - 2013-02-01 11:16 - 00035216 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\vocon3200_platform.dll
2014-06-10 21:46 - 2013-02-01 11:16 - 00229264 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\sdxg.dll
2014-06-10 21:46 - 2013-02-01 11:15 - 00027136 _____ () C:\Program Files (x86)\Nuance\Dragon Notes\Core\WASAPIResamplingStreamCOMServer.dll
2015-04-06 18:37 - 2015-03-16 10:59 - 00023496 _____ () C:\Users\Leo\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\peter\OneDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-514103404-2733609734-414756415-1006\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-514103404-2733609734-414756415-1006\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
HKU\S-1-5-21-514103404-2733609734-414756415-1008\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Hewlett-Packard Backgrounds\backgroundDefault.jpg
DNS Servers: 192.168.178.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run: => "LogMeIn GUI"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{534EAE76-5BD5-4C7F-92A2-CF7BCD016932}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B8F5F911-67A9-499F-930D-2C04450BEE01}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1F43B38F-58AD-45A3-BB95-ACEF24BD7F10}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{0EF8A23A-6CD0-47F1-811F-FCB12B5158DE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2027DDBC-8D98-4416-82CA-5BA362FB91F9}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{AEDD7A15-184A-47B8-AE85-01C85E89A19E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
FirewallRules: [{300161F6-4599-49E6-867E-FA5F87FA4A15}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{F73BD28F-DE8B-407A-B685-9410EF5E304A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe
FirewallRules: [{F5A63762-0D2A-40EE-8DF5-DDD7C2220ED6}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{3D08EED6-E6B8-4516-B6AA-DDC431911A64}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{F3F10151-8FA3-4127-BCDF-16E83B19A176}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{42AE9A0D-04AE-4AF6-83D5-84AEBBBC3DF2}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{3239697B-80F4-4047-AAA0-AF431D6F1A8D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{BB78B2B8-B7F5-49BF-99BB-AFA56D744B82}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5EEF03FE-3D0F-4C6C-A008-E1D850923B6A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{6BC94677-9600-4ECB-AC94-F1EB5E326F7D}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{80ED146F-F349-4B24-8BA7-FE231D5533E4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{CB74F533-638D-49C4-81B3-73D94B16E39E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{8A0C432F-0477-4A51-8F15-8CA5A2457D18}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{C30E76F1-A545-4017-8629-FEBA58680BD1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{A8A82F7B-7232-4E8E-8A16-0FE738363E2E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{B529881D-9A12-49A9-832B-F76932049145}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{95E50C90-5652-4602-B3B4-E44E2C38800D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{67BC7081-9238-4C08-9DB4-97D4CDB3B95A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{EFA5C98D-50A1-48EA-A3EE-60FB61771471}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Kerbal Space Program\KSP.exe
FirewallRules: [{FFB45D2E-CA82-4940-ADF6-9A290167E293}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{65DC87C8-56B6-41F0-9F25-B1C2885C669A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{26476AE8-5B9A-47C2-BEBA-B12ED08B37ED}] => (Allow) C:\Spiele\StarCraft II\StarCraft II.exe
FirewallRules: [{6E0137E5-4DA1-4AD9-95FE-B64C94FF40BF}] => (Allow) C:\Spiele\StarCraft II\StarCraft II.exe
FirewallRules: [{53D139FB-CBB7-4DF2-933A-8CF9F2F0102F}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{10C3AA12-62C8-411E-9D84-770DA4CE9B82}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{BD59F42F-4452-4D6E-BE89-A0DFAC4BAA5B}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{AF0F5FFF-7703-4BBA-BE93-5AD784E8D25D}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{2D838EE3-8C8E-4750-8F85-1C57411D4D87}C:\spiele\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) C:\spiele\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [UDP Query User{2EB8CBBE-7691-4AA8-838B-4AF9CAFE8966}C:\spiele\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe] => (Allow) C:\spiele\starcraft ii\sc2-x.x.x.x-1.5.0.22342-enus-downloader.exe
FirewallRules: [{6E22E814-9FAD-4222-872D-F85DEC1CACE5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{9777A85D-795E-4613-92FD-91458A068297}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{9115C681-FFBB-422D-8AFC-8020F5E4DC23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{D9F1C8C8-E9EC-4A2F-A26E-3081F55B1E5E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{B143437E-45BC-4953-AFA2-2F9D8EA6863D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{E73E896C-BDAA-479B-B4F4-F5FEC79C8563}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Heroes & Generals\hngsteamlauncher.exe
FirewallRules: [{2F814522-A797-4090-B4F8-815A75FE6439}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{CC481BB3-3A1B-4AE4-BE30-E028FB09A3EE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{AB41F4F6-C6C1-425E-8D07-8DA1A1926C2B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{A1510135-637C-491A-A874-B4C30BA7E9C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Loadout\Loadout.exe
FirewallRules: [{49C50CDE-9068-43C7-9B8F-D0F614BDA5EB}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{76700D58-87E8-4E43-B368-9648DE627B9D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3507\Agent.exe
FirewallRules: [{23651672-6196-46B3-B0DA-4461B6B65B1F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{D3669514-03FE-401F-85A4-28AD41525A58}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{802C2036-075F-4EF8-A3CB-F210CCD239F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{2FEB3C83-84E2-4C44-94BD-3EBBBA4A3366}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{2DB46667-8550-4783-825A-BD44B7C6717D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{B4685F03-ABF5-4743-A43A-396664AE607D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{411F0DEF-B8C9-430A-97E4-A03261456C5E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{55354E14-020D-4709-B53B-6207752C3752}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\War Thunder\launcher.exe
FirewallRules: [{7C48D6EB-2424-432B-A4FD-F8B704EBD2DE}] => (Allow) C:\Spiele\Assassin´s Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{E64DE9C0-483E-4008-8D1B-159AE6F66073}] => (Allow) C:\Spiele\Assassin´s Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{F380107C-89F8-4F7D-B5DF-6FB6E2F67AF2}] => (Allow) C:\Spiele\Assassin´s Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{ADA98FF6-6983-4F58-B4CD-ED692B13CDED}] => (Allow) C:\Spiele\Assassin´s Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{F9EE632C-0BDB-4D1F-82EE-0DD12263FDF4}] => (Allow) C:\Spiele\Assassin´s Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{D7518C62-9CCC-43BB-8C03-DC8009AC0367}] => (Allow) C:\Spiele\Assassin´s Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{6177F14D-325E-4428-B288-96FFB9E705EE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Toribash\toribash.exe
FirewallRules: [{C1495705-DA12-453E-865C-8E36F234E2A5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Toribash\toribash.exe
FirewallRules: [{B96B3B33-C234-413E-B10B-2698CD2F23F5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{5406563B-E4E2-47F5-BAF4-B8787E44B574}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{9A8C5A42-AE0C-4996-8B0D-8187B3936A3B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AVA\NWZLauncher.exe
FirewallRules: [{28349028-CF09-4AD5-BAAF-EA459F7A8C2E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\AVA\NWZLauncher.exe
FirewallRules: [{B3333E87-2FBF-420C-BFAD-0FC53EADA025}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M176\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{76DC9CF0-CD25-4F82-B0CF-D104FA72D607}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M176\bin\EWSProxy.exe
FirewallRules: [{840B0353-9EB2-444C-A67C-5D86C32D3D77}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{782E3D06-8A10-4DFA-9735-F0D8ED354141}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{76318C2B-F4C9-432D-AB62-EC0E5142013B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Final Hours of Titanfall\TheFinalHoursOfTitanfall.exe
FirewallRules: [{04F2A747-B5E6-4D44-8F79-49A54479EA23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Final Hours of Titanfall\TheFinalHoursOfTitanfall.exe
FirewallRules: [{781D1462-76E4-4AAE-AF77-8B0C378BAA68}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{11493C8B-117C-40B5-8B29-582DE836E589}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{718043E5-F4FD-4585-B95C-215494BDA0BB}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{43DD6891-85C8-4456-B4BD-BD7E98E31D09}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{A749BACB-ABC1-47A6-87CB-349878047E81}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Contracts\HitmanContracts.exe
FirewallRules: [{83596A7B-A660-4FE0-9B48-D3B5EA138628}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Hitman Contracts\HitmanContracts.exe
FirewallRules: [TCP Query User{62B1F110-543C-461A-B205-9748228351C2}C:\spiele\paintball2\paintball2.exe] => (Allow) C:\spiele\paintball2\paintball2.exe
FirewallRules: [UDP Query User{122630AD-62E9-4F13-B88C-28D3F474E66D}C:\spiele\paintball2\paintball2.exe] => (Allow) C:\spiele\paintball2\paintball2.exe
FirewallRules: [TCP Query User{E1C170C0-D3ED-429D-A4AE-A907AE1B4108}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [UDP Query User{7120984A-0E64-430C-9D33-E3BE629729A4}C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{B466B9CB-E64F-46EE-8401-C776695B1D30}] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [{7B258906-3465-4C3E-9AED-5C8A8C4AC136}] => (Block) C:\program files (x86)\steam\steamapps\common\war thunder\aces.exe
FirewallRules: [TCP Query User{8CF91F74-6DAC-42C3-8B38-78237C9C3CAA}C:\users\leo\appdata\local\mozilla firefox\firefox.exe] => (Allow) C:\users\leo\appdata\local\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{69309EDB-A33C-40B2-ADEF-231A106A8EF7}C:\users\leo\appdata\local\mozilla firefox\firefox.exe] => (Allow) C:\users\leo\appdata\local\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{89BAF8BB-0CAF-4083-9313-237BCDB4FDE2}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [UDP Query User{7B4D17E4-DB77-46C5-8C7C-6A0E0CB878D4}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{6D6AEBD2-0C3B-42A7-9B0B-F4D0686E2DDF}] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{3B7A4431-4EA6-41DC-941D-EDAF205BB932}] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{5CCD112E-0826-41AC-A96F-C97BE372F16B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{795534E5-E479-497B-97E9-349C696885E6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{92B68362-3073-4FC2-8C78-D1C8A680A4B5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HIT\Hit\Binaries\Win64\Hit.exe
FirewallRules: [{5C9E5335-C5A2-44DE-9F54-0F2EBE66C014}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\HIT\Hit\Binaries\Win64\Hit.exe
FirewallRules: [{2164DE04-3D9C-4EEC-967C-524393BEE922}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{466E2B41-DCC0-4F96-9379-92A5E244425D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{01CB6B61-8B59-4C23-AEF4-50F5D0FE141A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{17283D23-0E99-46D3-BC0A-6FFA7B38B9A1}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{392D2C4C-3C12-48B8-BF5B-9D94C7C24FC4}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{67537A71-C1C9-46C4-9008-744818432D62}] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{7A657FF2-F19C-446B-915C-A561E8B1F99C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/16/2015 10:58:46 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (05/16/2015 08:39:14 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (05/16/2015 08:39:10 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (05/16/2015 08:37:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (05/16/2015 08:37:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (05/14/2015 11:08:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Steam.exe, Version 2.75.80.38 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 318

Startzeit: 01d08e5a34d2aea4

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Steam\Steam.exe

Berichts-ID: 645f36e3-fa7d-11e4-82a8-6cc21761c6c8

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/14/2015 02:56:07 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "ConvertStringSidToSid(S-1-5-21-514103404-2733609734-414756415-1005.bak)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.
.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: Shadow Copy Optimization Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {2a68f54a-c96f-4354-8be4-5498a9591516}

Error: (05/14/2015 02:15:56 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (05/14/2015 02:15:55 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (05/14/2015 00:03:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister   26 baerenfrosch._arxcontrol._tcp.local. SRV 0 0 52255 baerenfrosch.local.


System errors:
=============
Error: (05/16/2015 10:58:25 PM) (Source: DCOM) (EventID: 10010) (User: baerenfrosch)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (05/15/2015 00:26:12 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\system32\Rtlihvs.dll

Error: (05/15/2015 00:26:12 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\system32\Rtlihvs.dll

Error: (05/15/2015 00:26:10 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\Windows\system32\Rtlihvs.dll

Error: (05/14/2015 11:55:11 PM) (Source: DCOM) (EventID: 10010) (User: baerenfrosch)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (05/14/2015 11:54:41 PM) (Source: DCOM) (EventID: 10010) (User: baerenfrosch)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (05/14/2015 11:26:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/14/2015 11:26:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "HP Support Assistant Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/14/2015 11:26:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HP Software Framework Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/14/2015 11:26:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LogMeIn Hamachi Tunneling Engine" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (05/16/2015 10:58:46 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (05/16/2015 08:39:14 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Leo\Downloads\esetsmartinstaller_deu(2).exe

Error: (05/16/2015 08:39:10 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Leo\Downloads\esetsmartinstaller_deu(2).exe

Error: (05/16/2015 08:37:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Leo\Downloads\esetsmartinstaller_deu(2).exe

Error: (05/16/2015 08:37:19 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Leo\Downloads\esetsmartinstaller_deu(2).exe

Error: (05/14/2015 11:08:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Steam.exe2.75.80.3831801d08e5a34d2aea44294967295C:\Program Files (x86)\Steam\Steam.exe645f36e3-fa7d-11e4-82a8-6cc21761c6c8

Error: (05/14/2015 02:56:07 PM) (Source: VSS) (EventID: 8193) (User: )
Description: ConvertStringSidToSid(S-1-5-21-514103404-2733609734-414756415-1005.bak)0x80070539, Die Struktur der Sicherheitskennung ist unzulässig.


Vorgang:
   OnIdentify-Ereignis
   Generatordaten werden gesammelt

Kontext:
   Ausführungskontext: Shadow Copy Optimization Writer
   Generatorklassen-ID: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Generatorname: Shadow Copy Optimization Writer
   Generatorinstanz-ID: {2a68f54a-c96f-4354-8be4-5498a9591516}

Error: (05/14/2015 02:15:56 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Leo\Downloads\esetsmartinstaller_deu(1).exe

Error: (05/14/2015 02:15:55 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Leo\Downloads\esetsmartinstaller_deu.exe

Error: (05/14/2015 00:03:54 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister   26 baerenfrosch._arxcontrol._tcp.local. SRV 0 0 52255 baerenfrosch.local.


==================== Memory info =========================== 

Processor: AMD A10-5745M APU with Radeon(tm) HD Graphics 
Percentage of memory in use: 21%
Total physical RAM: 11461.2 MB
Available physical RAM: 9013.27 MB
Total Pagefile: 13189.2 MB
Available Pagefile: 10062.32 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:909.38 GB) (Free:685.41 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:21.12 GB) (Free:2.12 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6F653072)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
FRST:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-05-2015 02
Ran by MeinAdmin (administrator) on BAERENFROSCH on 16-05-2015 23:03:32
Running from C:\Users\Leo\Desktop
Loaded Profiles: Leo & MeinAdmin (Available profiles: Admin & Leo & MeinAdmin)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\Dragon Notes\Core\DACore.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7546072 2014-03-10] (Realtek Semiconductor)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3957816 2014-03-01] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-01] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-01] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2818800 2014-04-22] (Synaptics Incorporated)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [LogMeIn GUI] => C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe [57928 2014-10-31] (LogMeIn, Inc.)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [126240 2014-02-13] (Hewlett-Packard Company)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [475448 2014-03-04] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [313656 2013-04-18] (Hewlett-Packard Company)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-05-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3978600 2015-03-30] (LogMeIn Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-514103404-2733609734-414756415-1008\...\RunOnce: [Report] => \AdwCleaner\AdwCleaner[S3].txt [1403 2015-05-14] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT14/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT14/4
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-514103404-2733609734-414756415-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-514103404-2733609734-414756415-1006\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-514103404-2733609734-414756415-1008\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-514103404-2733609734-414756415-1008\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPNOT14/4
HKU\S-1-5-21-514103404-2733609734-414756415-1008\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT14/4
SearchScopes: HKLM -> {9CBE1607-B466-40F4-AB15-F6965BEA20A1} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {9CBE1607-B466-40F4-AB15-F6965BEA20A1} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-514103404-2733609734-414756415-1006 -> {9CBE1607-B466-40F4-AB15-F6965BEA20A1} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-514103404-2733609734-414756415-1008 -> {9CBE1607-B466-40F4-AB15-F6965BEA20A1} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-04-02] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-02] (Oracle Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-03-04] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-13] ()
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-04-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-02] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin HKU\S-1-5-21-514103404-2733609734-414756415-1006: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Leo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-27] (Unity Technologies ApS)

Chrome: 
=======
CHR Profile: C:\Users\MeinAdmin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\MeinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-03]
CHR Extension: (Google Drive) - C:\Users\MeinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-03]
CHR Extension: (YouTube) - C:\Users\MeinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-03]
CHR Extension: (Google Search) - C:\Users\MeinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-03]
CHR Extension: (Avira Browser Safety) - C:\Users\MeinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-05-14]
CHR Extension: (Gmail) - C:\Users\MeinAdmin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-03]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-06] (Advanced Micro Devices, Inc.) [File not signed]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1185584 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [448384 2015-01-23] ()
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [88064 2014-03-05] () [File not signed]
S3 celavimushost; C:\Program Files (x86)\Steam\CEVO\CSGO Client Beta\CelavimusClientHelper.exe [124632 2015-04-14] (altPUG LLC)
R2 DACoreService; C:\Program Files (x86)\Nuance\Dragon Notes\Core\DACore.exe [411024 2013-02-01] (Nuance Communications, Inc.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-28] (WildTangent)
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2011-10-17] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [174592 2012-12-04] (HP) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-01-13] (Hewlett-Packard Company) [File not signed]
R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [469304 2014-03-04] (Hewlett-Packard Development Company, L.P.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-03-30] (LogMeIn, Inc.)
S4 LMIMaint; C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe [226152 2014-10-31] (LogMeIn, Inc.)
S4 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2014-10-31] (LogMeIn, Inc.)
S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-03-17] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-01] (Softex Inc.) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-09] (Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-04-22] (Synaptics Incorporated)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-02] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36608 2013-12-14] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-11-04] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-12-20] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132120 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-10] (Avira Operations GmbH & Co. KG)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2014-10-31] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-03-17] (Malwarebytes Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [291544 2014-01-04] (Realtek Semiconductor Corp.)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [558296 2014-01-06] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3379416 2014-03-22] (Realtek Semiconductor Corporation                           )
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver_AMDASF.sys [30448 2014-04-22] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [31472 2014-04-22] (Synaptics Incorporated)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Development Company, L.P.)
S3 GENERICDRV; \??\C:\Users\ADMINI~1\AppData\Local\Temp\pftDAE8.tmp\amifldrv64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-16 23:03 - 2015-05-16 23:03 - 00018985 _____ () C:\Users\Leo\Desktop\FRST.txt
2015-05-16 23:01 - 2015-05-16 23:01 - 00852630 _____ () C:\Users\Leo\Desktop\SecurityCheck.exe
2015-05-16 20:43 - 2015-05-16 20:43 - 00003594 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-1006
2015-05-16 20:39 - 2015-05-16 20:39 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-05-16 20:36 - 2015-05-16 20:37 - 02347384 _____ (ESET) C:\Users\Leo\Downloads\esetsmartinstaller_deu(2).exe
2015-05-14 23:28 - 2015-05-14 23:28 - 00001660 _____ () C:\Users\MeinAdmin\Desktop\JRT.txt
2015-05-14 23:26 - 2015-05-14 23:26 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-BAERENFROSCH-Windows-8.1-(64-bit).dat
2015-05-14 23:26 - 2015-05-14 23:26 - 00000000 ____D () C:\RegBackup
2015-05-14 23:24 - 2015-05-14 23:24 - 02721175 _____ (Thisisu) C:\Users\Leo\Desktop\JRT.exe
2015-05-14 23:12 - 2015-05-14 23:12 - 02209792 _____ () C:\Users\Leo\Desktop\AdwCleaner_4.204.exe
2015-05-14 16:26 - 2015-05-14 16:26 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Leo\Desktop\tdsskiller.exe
2015-05-14 15:25 - 2015-05-14 16:20 - 00000000 ____D () C:\Users\Leo\Desktop\mbar
2015-05-14 14:58 - 2015-05-14 14:58 - 00000380 _____ () C:\Users\Leo\Desktop\zfzf.txt
2015-05-14 14:12 - 2015-05-14 16:21 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-14 14:11 - 2015-05-14 15:21 - 00000000 ____D () C:\Users\Leo\Downloads\mbar
2015-05-14 14:09 - 2015-05-14 14:10 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Leo\Downloads\mbar-1.09.1.1004(1).exe
2015-05-14 14:08 - 2015-05-14 14:09 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Leo\Desktop\mbar-1.09.1.1004.exe
2015-05-14 00:27 - 2015-05-14 00:27 - 00000504 _____ () C:\Users\Leo\Documents\Events.txt
2015-05-14 00:25 - 2015-05-16 23:03 - 00000000 ____D () C:\Users\Leo\Desktop\FRST-OlderVersion
2015-05-06 19:22 - 2015-05-06 19:22 - 00000875 _____ () C:\Users\Leo\AppData\Local\recently-used.xbel
2015-04-28 07:43 - 2015-04-28 07:43 - 01253126 _____ () C:\Users\Leo\Downloads\Homo neandertalensis(1).odp
2015-04-28 07:43 - 2015-04-28 07:43 - 00000099 ____H () C:\Users\Leo\Downloads\.~lock.Homo neandertalensis(1).odp#
2015-04-28 07:42 - 2015-04-28 07:42 - 00003080 _____ () C:\Windows\System32\Tasks\{09E7559C-8020-4F24-978E-3EC98CC6DAE0}
2015-04-27 15:43 - 2015-04-27 15:43 - 01203520 _____ () C:\Users\Leo\Downloads\Homo neandertalensis.odp
2015-04-27 15:43 - 2015-04-27 15:43 - 00000099 ____H () C:\Users\Leo\Downloads\.~lock.Homo neandertalensis.odp#
2015-04-26 17:04 - 2015-04-26 19:18 - 00000000 ____D () C:\Users\TEMP\AppData\Local\Packages
2015-04-26 17:03 - 2015-04-26 19:18 - 00000000 ____D () C:\Users\TEMP
2015-04-23 18:34 - 2015-04-23 18:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-05-16 23:03 - 2015-03-21 14:44 - 00000000 ____D () C:\FRST
2015-05-16 23:03 - 2015-03-21 14:42 - 02107392 _____ (Farbar) C:\Users\Leo\Desktop\FRST64.exe
2015-05-16 23:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-05-16 22:59 - 2014-10-01 20:30 - 00000000 ____D () C:\Users\Leo\AppData\Roaming\ClassicShell
2015-05-16 22:45 - 2014-11-08 00:31 - 00001144 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-16 21:09 - 2014-10-01 19:18 - 01677404 _____ () C:\Windows\WindowsUpdate.log
2015-05-16 20:35 - 2014-10-01 20:23 - 00000000 ____D () C:\Users\Leo\Documents\Youcam
2015-05-16 20:33 - 2014-11-08 00:31 - 00001140 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-15 03:31 - 2014-10-02 15:43 - 00000000 ____D () C:\Users\Leo\AppData\Roaming\TS3Client
2015-05-15 02:53 - 2014-10-01 20:14 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-05-15 00:27 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-15 00:26 - 2014-06-10 21:25 - 00065536 _____ () C:\Windows\system32\spu_storage.bin
2015-05-14 23:17 - 2014-03-18 11:44 - 00329334 _____ () C:\Windows\PFRO.log
2015-05-14 23:16 - 2015-03-21 17:50 - 00000000 ____D () C:\AdwCleaner
2015-05-14 23:16 - 2013-08-22 15:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2015-05-14 15:36 - 2015-03-29 23:08 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-14 15:31 - 2015-03-29 23:08 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-14 04:47 - 2014-11-08 00:33 - 00002202 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-14 02:15 - 2014-11-05 22:54 - 00328192 ___SH () C:\Users\Leo\Downloads\Thumbs.db
2015-05-14 00:29 - 2015-03-21 14:37 - 00000504 _____ () C:\Users\Leo\Desktop\Events.txt
2015-05-14 00:23 - 2014-11-01 16:04 - 00053760 ___SH () C:\Users\Leo\Desktop\Thumbs.db
2015-05-14 00:06 - 2014-11-08 00:38 - 00000000 ____D () C:\Users\MeinAdmin\AppData\Roaming\ClassicShell
2015-05-13 15:25 - 2015-02-01 22:38 - 00000000 ____D () C:\Users\Leo\AppData\Local\Adobe
2015-05-13 15:23 - 2014-10-02 11:23 - 00000000 ____D () C:\Users\MeinAdmin\AppData\Local\Adobe
2015-05-09 03:50 - 2014-10-01 20:21 - 00000000 ____D () C:\Users\Leo
2015-05-06 19:22 - 2015-01-10 15:33 - 00000000 ____D () C:\Users\Leo\.gimp-2.8
2015-05-05 19:48 - 2015-02-07 14:58 - 00000000 ____D () C:\Users\Mama
2015-05-05 19:48 - 2014-10-01 19:36 - 00000000 ____D () C:\Users\peter
2015-05-05 15:04 - 2015-04-01 12:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-05-05 15:02 - 2015-03-01 21:05 - 00152744 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-05-05 15:02 - 2015-03-01 21:05 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-05-04 22:13 - 2014-10-02 08:30 - 00000000 ____D () C:\Users\Leo\AppData\Roaming\vlc
2015-05-04 19:23 - 2014-11-11 18:44 - 00000000 ____D () C:\Users\Leo\AppData\Roaming\Skype
2015-04-28 07:39 - 2014-05-01 00:19 - 00800954 _____ () C:\Windows\system32\perfh007.dat
2015-04-28 07:39 - 2014-05-01 00:19 - 00174458 _____ () C:\Windows\system32\perfc007.dat
2015-04-28 07:39 - 2014-03-18 11:53 - 01921154 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-28 07:37 - 2013-08-22 16:46 - 00038026 _____ () C:\Windows\setupact.log
2015-04-27 14:47 - 2014-10-01 20:31 - 00000000 ____D () C:\Users\MeinAdmin
2015-04-27 13:45 - 2015-04-07 15:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-04-26 17:04 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-04-19 20:33 - 2015-01-10 16:48 - 00000000 ____D () C:\Users\Leo\Documents\MSA

==================== Files in the root of some directories =======

2014-12-18 15:05 - 2014-12-18 15:05 - 0007626 _____ () C:\Users\MeinAdmin\AppData\Local\Resmon.ResmonCfg

Some content of TEMP:
====================
C:\Users\Leo\AppData\Local\Temp\avgnt.exe
C:\Users\MeinAdmin\AppData\Local\Temp\avgnt.exe
C:\Users\MeinAdmin\AppData\Local\Temp\Quarantine.exe
C:\Users\MeinAdmin\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-14 16:20

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Alt 17.05.2015, 12:44   #9
schrauber
/// the machine
/// TB-Ausbilder
 

audiodg.exe - Virus? - Standard

audiodg.exe - Virus?



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
Task: {65FBCC2B-DA0F-4EF7-9565-308A73C8CBEA} - \Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-1005 No Task File <==== ATTENTION

Task: {8756A64C-A489-4B77-9DA1-402404CC1DD2} - \Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-1008 No Task File <==== ATTENTION

Task: {D3045CA2-FE90-4C31-B9DB-7B062034F6B9} - \Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-500 No Task File <==== ATTENTION

Task: {E0405F4E-B265-486A-94EE-48320F5A7984} - \Optimize Start Menu Cache Files-S-1-5-21-514103404-2733609734-414756415-1002 No Task File <==== ATTENTION
Emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.






Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.


Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:

Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie .
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu audiodg.exe - Virus?
admin, antivirus, avira, code, cpu, desktop, error, failed, files, free, information, interne, internet, laufen, namens, programm, system, teamspeak, transfer, update, update.exe, updaten, version, virus, virus?



Ähnliche Themen: audiodg.exe - Virus?


  1. audiodg.exe will (plötzlich) Netzverbindung - Keine Virusmeldung
    Log-Analyse und Auswertung - 14.03.2015 (7)
  2. Audiodg.exe von G Data erkannt und in Quarantäne verschoben, kein Ton mehr...
    Log-Analyse und Auswertung - 06.05.2013 (7)
  3. G Data schickt audiodg.exe in Quarantäne, Cacaoweb und ms0cfg32.exe
    Log-Analyse und Auswertung - 03.12.2012 (15)
  4. G Data schiebt Audiodg.exe in Quarantäne
    Antiviren-, Firewall- und andere Schutzprogramme - 24.10.2012 (1)
  5. Musste audiodg.exe wegen Virus entfernen, was nun?
    Plagegeister aller Art und deren Bekämpfung - 23.01.2012 (1)
  6. Virus versenden; virus angriff; virus schützen; rache;
    Log-Analyse und Auswertung - 06.12.2010 (10)
  7. AVG Anti Virus free meldet Virus PSW.Generic7.BWMP, Virus läßt sich nicht beseitigen
    Plagegeister aller Art und deren Bekämpfung - 30.10.2010 (21)
  8. audiodg.exe
    Plagegeister aller Art und deren Bekämpfung - 05.12.2009 (1)

Zum Thema audiodg.exe - Virus? - Hey und hallo ich galube ich habe mir mal wieder einen Virus zugezogen wenn ja dann einen ziemlich agressiven... glaube ich. Mir ist aufgefallen das in letzter Zeit immer wenn - audiodg.exe - Virus?...
Archiv
Du betrachtest: audiodg.exe - Virus? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.