Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: PC stürzt regemäßig ab

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 25.05.2015, 11:52   #1
benebene
 
PC stürzt regemäßig ab - Standard

PC stürzt regemäßig ab



Hallo zusammen,

ich brauche Hilfe. Mein PC hängt sich seit ein paar Tagen regelmäßig nach ca. 5-15 Minuten auf. Alle Programme hören auf zu laufen, ich kann die Fenster nicht mehr schließen, die Windowstaste reagiert nicht mehr und ich kann nicht mal mehr den Task Manager öffnen. Ich kann nur noch den Cursor bewegen.

Dies passiert aber nur, wenn ich einen Browser benutze (habe Chrome und Firefox ausprobiert). Wenn ich nicht surfe, bleibt alles in Ordnung.

Kann mir jemand helfen?

Habe in letzter Zeit keine Veränderungen vorgenommen, außer alle Wiederherstellungspunkte zu löschen, da Laufwerk c: voll war.

Bin für jeden Tipp dankbar!

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 25.05.2015
Suchlauf-Zeit: 09:50:27
Logdatei: malware.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.05.25.02
Rootkit Datenbank: v2015.05.24.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Bene

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 415143
Verstrichene Zeit: 32 Min, 39 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 0
(Keine schädliche Elemente gefunden)

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 0
(Keine schädliche Elemente gefunden)

Dateien: 0
(Keine schädliche Elemente gefunden)

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
         
Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 12:02 on 25/05/2015 

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
SPTD -> Already disabled


-=E.O.F=-
         
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-05-2015 01
Ran by Bene (administrator) on BENE-PC on 25-05-2015 12:03:16
Running from C:\Users\Bene\Desktop\Neuer Ordner (2)
Loaded Profiles: Bene (Available Profiles: Bene & Administrator)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Windows\SysWOW64\XSrvSetup.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(SMART Technologies) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(WDC) C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
() C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe
() C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Piriform Ltd) C:\Program Files (x86)\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8306208 2009-10-21] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-09-25] (NEC Electronics Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-02-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATICustomerCare] => C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [307200 2009-06-14] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\Run: [CCleaner Monitoring] => C:\Program Files (x86)\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\MountPoints2: {4fe03738-51fc-11e4-b408-6cf0490ead50} - F:\autorun.exe
HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\MountPoints2: {86906f86-6c32-11e0-814c-6cf0490ead50} - H:\LaunchU3.exe -a
Startup: C:\Users\Bene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Firefox.lnk [2010-08-05]
ShortcutTarget: Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
URLSearchHook: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001 - SearchHook Class - {BC86E1AB-EDA5-4059-938F-CE307B0C6F0A} - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\AddressBarSearch.dll No File
SearchScopes: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001 -> {09FC4750-61E6-4F45-9B4F-75C3678F7BB0} URL = hxxp://dict.leo.org/ende?lp=ende&lang=de&searchLoc=0&cmpType=relaxed&sectHdr=on&spellToler=on&chinese=both&pinyin=diacritic&search={searchTerms}&relink=on
SearchScopes: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001 -> {1ED84690-DA20-4bab-9546-D050FFB40251} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBD
SearchScopes: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001 -> {B831271B-F1DD-4d5c-8FAB-5788F642F73C} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=1975384696&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001 -> {E0C19C7C-D92A-403D-BE2B-E4A22BBF8E3B} URL = hxxp://rover.ebay.com/rover/1/707-37276-23097-0/4?satitle={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: SMART Notebook Download Utility -> {67BCF957-85FC-4036-8DC4-D4D80E00A77B} -> C:\Program Files (x86)\SMART Technologies\Education Software\NotebookPlugin.dll [2013-08-22] (SMART Technologies ULC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-24] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: QUICKfind BHO Object -> {C08DF07A-3E49-4E25-9AB0-D3882835F153} -> C:\Program Files (x86)\IDM\QUICKfind\PlugIns\IEHelp.dll [2007-02-16] (IDM)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-24] (Oracle Corporation)
DPF: HKLM-x32 {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} hxxp://download.gigabyte.com.tw/object/Dldrv.ocx
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Bene\AppData\Roaming\Mozilla\Firefox\Profiles\6l2jv7sk.default-1431878520975
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-16] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-16] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Program Files (x86)\TVUPlayer\npTVUAx.dll [2010-04-23] (TVU networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @veetle.com/vbp;version=0.9.17 -> C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll [2010-03-23] (Veetle Inc)
FF Plugin-x32: @veetle.com/veetleCorePlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\plugins\npVeetle.dll [2011-07-28] (Veetle Inc)
FF Plugin-x32: @veetle.com/veetlePlayerPlugin,version=0.9.18 -> C:\Program Files (x86)\Veetle\Player\npvlc.dll [2010-09-21] (Veetle Inc)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-11-11] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2058888408-2479665750-2358759828-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Bene\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-12-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-12-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-12-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-12-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-12-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-06-28] (Nullsoft, Inc.)
FF Extension: Adblock Plus - C:\Users\Bene\AppData\Roaming\Mozilla\Firefox\Profiles\6l2jv7sk.default-1431878520975\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-17]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} [2015-05-18]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-05-18]
FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files (x86)\AVG\AVG2012\Firefox4
FF HKLM-x32\...\Firefox\Extensions: [{F53C93F1-07D5-430c-86D4-C9531B27DFAF}] - C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack
FF HKLM-x32\...\Thunderbird\Extensions: [avgthb@avg.com] - C:\Program Files (x86)\AVG\AVG2012\Thunderbird

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path Or update_url value

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [5814392 2012-11-06] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [196664 2012-10-22] (AVG Technologies CZ, s.r.o.)
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1254400 2015-04-27] (Microsoft Corporation)
R2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [65536 2009-08-06] () []
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 SMARTHelperService; C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe [539952 2013-10-18] (SMART Technologies)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) []
R2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [288256 2010-09-08] (WDC) []
R2 WDFME; C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe [1034752 2010-09-08] () []
R2 WDSC; C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe [485376 2010-09-08] () []
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2010-12-04] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-10-12] (Disc Soft Ltd)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2010-12-04] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [47632 2010-01-27] (CACE Technologies, Inc.)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [10240 2013-10-18] (SMART Technologies)
R3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [9216 2013-10-18] (SMART Technologies)
S3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [22184 2013-10-18] (SMART Technologies ULC)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-04-17] (Duplex Secure Ltd.)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-25 09:17 - 2015-05-25 09:19 - 00000892 _____ () C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-05-25 09:17 - 2015-05-25 09:17 - 00003882 _____ () C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-05-25 09:15 - 2015-05-25 09:15 - 00017231 _____ () C:\Users\Bene\Desktop\Opera 12 Notes.html
2015-05-25 09:14 - 2015-05-25 09:27 - 00003850 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1432538089
2015-05-25 09:14 - 2015-05-25 09:14 - 00001133 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 29.lnk
2015-05-25 09:14 - 2015-05-25 09:14 - 00000000 ____D () C:\Users\Bene\AppData\Roaming\Opera Software
2015-05-25 09:14 - 2015-05-25 09:14 - 00000000 ____D () C:\Users\Bene\AppData\Local\Opera Software
2015-05-24 17:40 - 2015-05-25 12:03 - 00000000 ____D () C:\Users\Bene\Desktop\Neuer Ordner (2)
2015-05-23 09:35 - 2015-05-23 09:35 - 00000995 _____ () C:\Users\Administrator\Desktop\SopCast.lnk
2015-05-20 20:07 - 2015-05-21 15:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-05-19 20:34 - 2015-05-19 20:34 - 00000000 ____D () C:\7368bc0b271974332c0a6287
2015-05-18 17:01 - 2015-05-18 17:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-17 10:14 - 2015-05-17 10:14 - 00000000 ____D () C:\Program Files (x86)\JAM Software
2015-05-17 09:44 - 2015-05-17 09:45 - 04898288 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-16 17:56 - 2015-05-16 17:56 - 00082792 _____ () C:\Users\Bene\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-16 17:54 - 2015-05-25 11:59 - 00004592 _____ () C:\Windows\setupact.log
2015-05-16 17:54 - 2015-05-16 17:54 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-12 20:33 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 20:33 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 20:32 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-12 20:32 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-12 20:32 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-12 20:32 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-12 20:32 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-12 20:32 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-12 20:32 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-12 20:32 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-12 20:32 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-12 20:32 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-12 20:32 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-12 20:32 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-12 20:32 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-12 20:32 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-12 20:32 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-12 20:32 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-12 20:32 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-12 20:32 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-12 20:32 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-12 20:32 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-12 20:32 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-12 20:32 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-12 20:32 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-12 20:32 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-12 20:32 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-12 20:32 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-12 20:32 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-12 20:32 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-12 20:32 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-12 20:32 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-12 20:32 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-12 20:32 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-12 20:32 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-12 20:32 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-12 20:32 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-12 20:32 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-12 20:32 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-12 20:32 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-12 20:32 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-12 20:32 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-12 20:32 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-12 20:32 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-12 20:32 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-12 20:32 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-12 20:32 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-12 20:32 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-12 20:32 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-12 20:32 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-12 20:32 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-12 20:32 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-12 20:32 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-12 20:32 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-12 20:32 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-12 20:32 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-12 20:32 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-12 20:32 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-12 20:32 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-12 20:32 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-12 20:32 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-12 20:32 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-12 20:32 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-12 20:32 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-12 20:32 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-12 20:32 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-12 20:32 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-12 20:31 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-12 20:31 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-12 20:31 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-12 20:31 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-12 20:31 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-12 20:31 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-12 20:31 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-12 20:31 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-12 20:31 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-12 20:31 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-12 20:31 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-12 20:31 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-12 20:31 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-12 20:31 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-12 20:31 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-12 20:31 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-12 20:31 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-12 20:31 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-12 20:31 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-12 20:31 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-12 20:31 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-12 20:31 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-12 20:31 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-12 20:31 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-12 20:31 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-12 20:31 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-12 20:31 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-12 20:31 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-12 20:31 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-12 20:31 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-12 20:31 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-12 20:31 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-12 20:31 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-12 20:31 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-12 20:31 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-12 20:31 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-12 20:31 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-12 20:31 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-12 20:31 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-12 20:31 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-12 20:31 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-12 20:31 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-12 20:31 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-12 20:31 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-12 20:31 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-12 20:31 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-12 20:31 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-12 20:31 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-12 20:31 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-12 20:31 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-12 20:30 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-12 20:30 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-12 20:30 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-12 20:30 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-12 20:30 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-12 20:30 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-12 20:30 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-12 20:30 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-12 20:30 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-12 20:30 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-12 20:30 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-12 20:30 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-12 20:30 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-12 20:30 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-25 12:03 - 2015-02-28 12:53 - 00000000 ___DC () C:\FRST
2015-05-25 11:56 - 2010-04-21 17:31 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-25 11:40 - 2012-07-25 17:06 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-25 11:15 - 2010-04-15 21:01 - 01190910 _____ () C:\Windows\WindowsUpdate.log
2015-05-25 10:22 - 2012-01-07 18:27 - 00001134 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2058888408-2479665750-2358759828-1001UA.job
2015-05-25 10:22 - 2012-01-07 18:27 - 00001112 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2058888408-2479665750-2358759828-1001Core.job
2015-05-25 09:56 - 2010-04-21 17:31 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-25 09:50 - 2015-02-28 13:32 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-25 09:35 - 2010-04-15 22:27 - 00000000 ____D () C:\Users\Bene\AppData\Roaming\uTorrent
2015-05-25 09:28 - 2009-07-14 06:45 - 00017168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-25 09:28 - 2009-07-14 06:45 - 00017168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-25 09:27 - 2010-04-15 21:44 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-05-25 09:20 - 2012-07-25 17:06 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-25 09:19 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-25 09:17 - 2012-07-25 17:06 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-25 09:17 - 2011-05-25 07:21 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-25 09:16 - 2010-04-17 13:45 - 00000000 ____D () C:\Users\Bene\AppData\Local\Adobe
2015-05-24 10:25 - 2009-07-14 19:58 - 28654976 _____ () C:\Windows\system32\perfh007.dat
2015-05-24 10:25 - 2009-07-14 19:58 - 08998272 _____ () C:\Windows\system32\perfc007.dat
2015-05-24 10:25 - 2009-07-14 07:13 - 00006308 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-24 09:41 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-23 11:58 - 2011-11-12 15:33 - 00000000 ____D () C:\Users\Bene\AppData\Roaming\vlc
2015-05-23 10:11 - 2012-04-30 10:11 - 00000000 ____D () C:\Users\Bene\Documents\Körperstolz
2015-05-23 10:08 - 2010-04-15 21:42 - 00000000 ____D () C:\Program Files (x86)\CCleaner
2015-05-23 09:35 - 2010-05-08 11:56 - 00000000 ____D () C:\Program Files (x86)\SopCast
2015-05-22 09:11 - 2010-05-18 13:09 - 00000432 _____ () C:\Windows\BRWMARK.INI
2015-05-21 18:18 - 2012-05-03 21:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-20 08:16 - 2015-04-05 21:28 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-20 08:16 - 2015-04-05 21:28 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-19 19:41 - 2012-09-16 14:26 - 00000000 ____D () C:\ProgramData\LAT 2.0 Deutsch
2015-05-18 20:32 - 2010-02-25 22:41 - 00000000 ____D () C:\Users\Bene\Documents\Verschiedenes
2015-05-18 08:04 - 2015-02-28 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-05-18 08:04 - 2015-02-28 13:32 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-05-17 10:14 - 2013-12-19 13:49 - 00000000 ____D () C:\Users\Bene\AppData\Roaming\JAM Software
2015-05-17 09:51 - 2010-04-21 17:31 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-17 09:51 - 2010-04-21 17:31 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-16 17:42 - 2010-04-15 22:19 - 00000000 ____D () C:\Users\Bene\AppData\Roaming\DAEMON Tools Lite
2015-05-16 17:40 - 2014-10-19 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-05-16 17:40 - 2014-10-13 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Rosetta Stone
2015-05-16 17:40 - 2012-09-23 16:51 - 00000000 ____D () C:\Users\Bene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
2015-05-16 16:15 - 2013-01-02 20:29 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-12 21:47 - 2009-07-14 20:18 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-12 21:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-12 20:44 - 2011-01-25 21:06 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-05-12 20:44 - 2010-04-15 22:16 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-05-12 20:43 - 2011-01-25 21:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-05-12 20:43 - 2011-01-25 21:05 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-05-12 20:42 - 2013-07-23 09:36 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-12 20:36 - 2010-04-17 09:08 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-12 15:12 - 2012-05-20 00:46 - 00000000 ____D () C:\Users\Bene\Documents\Deutsche Kreditbank DKB

==================== Files in the root of some directories =======

2010-03-25 18:42 - 2010-03-25 18:42 - 0388096 _____ (Trend Micro Inc.) C:\Program Files (x86)\HiJackThis.exe
2011-12-17 13:34 - 2011-12-17 13:34 - 0000288 _____ () C:\Users\Bene\AppData\Roaming\.backup.dm
2013-08-10 13:14 - 2013-08-10 13:14 - 0000132 _____ () C:\Users\Bene\AppData\Roaming\Adobe BMP Format CS5 Prefs
2010-08-31 16:54 - 2010-08-31 16:54 - 0109248 _____ (Microsoft Corporation) C:\Users\Bene\AppData\Roaming\MSWINSCK.OCX
2011-09-24 22:29 - 2011-09-24 22:29 - 0001456 _____ () C:\Users\Bene\AppData\Local\Adobe Save for Web 12.0 Prefs
2011-06-28 20:27 - 2012-06-30 20:36 - 0019968 _____ () C:\Users\Bene\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-01-03 12:13 - 2011-08-06 13:46 - 0007631 _____ () C:\Users\Bene\AppData\Local\Resmon.ResmonCfg
2010-04-17 11:47 - 2010-04-17 11:47 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-25 11:41

==================== End of log ============================
         

Alt 25.05.2015, 11:53   #2
benebene
 
PC stürzt regemäßig ab - Standard

PC stürzt regemäßig ab



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-05-2015 01
Ran by at 2015-05-25 12:04:01
Running from C:\Users\Bene\Desktop\Neuer Ordner (2)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2058888408-2479665750-2358759828-500 - Administrator - Enabled) => C:\Users\Administrator
Bene (S-1-5-21-2058888408-2479665750-2358759828-1001 - Administrator - Enabled) => C:\Users\Bene
Gast (S-1-5-21-2058888408-2479665750-2358759828-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2058888408-2479665750-2358759828-1014 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
AbiWord 2.8.6 (HKLM-x32\...\AbiWord2) (Version: 2.8.6 - AbiSource Developers)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Allway Sync version 10.5.8 (HKLM-x32\...\Allway Sync_is1) (Version:  - Botkind Inc)
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}) (Version: 5.2.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
At the Cutting Edge (HKLM-x32\...\At the Cutting Edge_is1) (Version:  - )
ATI AVIVO64 Codecs (Version: 10.10.0.40918 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{857A474F-2485-BC1B-168C-BD396012C30E}) (Version: 3.0.762.0 - ATI Technologies, Inc.)
ATI Catalyst Registration (x32 Version: 2.01.0000 - ATI Technologies Inc.) Hidden
AVG 2012 (Version: 12.0.1913 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.2178 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.2180 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.2193 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.2195 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.2197 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.2221 - AVG Technologies) Hidden
AVG 2013 (HKLM\...\AVG) (Version: 2013.0.2805 - AVG Technologies)
AVG 2013 (Version: 13.0.2742 - AVG Technologies) Hidden
AVG 2013 (Version: 13.0.2793 - AVG Technologies) Hidden
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.8.9046 - )
Browser Configuration Utility (HKLM-x32\...\{5B363E1D-8C36-4458-BAE4-D5081999E094}) (Version: 1.1.11.0 - DeviceVM) <==== ATTENTION
calibre (HKLM-x32\...\{62B6B7C3-E75B-49E6-A351-6CDD99C39A61}) (Version: 0.9.19 - Kovid Goyal)
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.6.0.1 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.7.0.4 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.10 (HKLM-x32\...\DPP) (Version: 3.10.2.0 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.10.2.0 - Canon Inc.)
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (HKLM-x32\...\EOS Video Snapshot Task) (Version: 1.0.0.10 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.9.0.0 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.7.0.24 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.0.9 - Canon Inc.)
ccc-core-static (x32 Version: 2010.0202.2335.42270 - Ihr Firmenname) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)
ComunioCalci 1.5.1 (HKLM-x32\...\{FDA3AF83-4C36-4D9C-89C4-A5C71E2CF997}_is1) (Version:  - shagyou)
Convert AVI to MP4 1.3 (HKLM-x32\...\{9ECE13D2-C028-44CB-8A96-A65196E7BBE7}_is1) (Version:  - convertavitomp3.com)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version:  - DownloadHelper)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Digitale Schulbücher (HKLM-x32\...\{DE24A5DA-8CE2-4BF8-AE5E-125FBC70BE9B}) (Version: 1.1.0.65 - VBM Service GmbH)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Free YouTube Download 2.9 (HKLM-x32\...\Free YouTube Download_is1) (Version:  - DVDVideoSoft Limited.)
Gigabyte Raid Cinfigurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0001 - GIGABYTE Technologies, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Google+ Auto Backup (HKLM-x32\...\{D1D4D7EA-62B8-4665-9FF7-02A91B925CC9}) (Version: 1.0.18.74 - Google)
GooReader (HKLM-x32\...\{FF357FB1-41AA-4C8A-BAC3-0B309E9798D2}) (Version: 2.0 - GooReader)
HydraVision (x32 Version: 4.2.114.0 - ATI Technologies Inc.) Hidden
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Klett Software Sicher ins Abitur (HKLM-x32\...\Klett Software Sicher ins Abitur) (Version:  - )
Lehrer-Software Notting Hill Gate 3B (HKLM-x32\...\Lehrer-Software Notting Hill Gate 3B) (Version:  - )
Lyrics Plugin for Winamp (HKLM-x32\...\{75E9A522-65D2-4200-A95F-C3EF89703263}) (Version: 0.4 - Lyrics Plugin)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyScript HWR (German) (HKLM-x32\...\{415CD877-0970-4CB6-B178-1E72F7DC60E7}) (Version: 4.4.5.1 - SMART Technologies ULC)
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.14.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.14.0 - NEC Electronics Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{5DB65884-C963-4454-AABA-4CA3089281FA}) (Version: 9.09.0720 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Opera 12.15 (HKLM-x32\...\Opera 12.15.1748) (Version: 12.15.1748 - Opera Software ASA)
Opera Stable 29.0.1795.60 (HKLM-x32\...\Opera 29.0.1795.60) (Version: 29.0.1795.60 - Opera Software ASA)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.1 - Frank Heindörfer, Philip Chinery)
PDFZilla V1.2.11 (HKLM-x32\...\PDFZilla_is1) (Version:  - PDFZilla, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
QUICKfind server v1.1 (HKLM-x32\...\QUICKfind) (Version:  - IDM)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0009 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.5897 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5964 - Realtek Semiconductor Corp.)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
SES Driver (HKLM\...\{D8CC254C-C671-4664-9A38-FA368D1E2C97}) (Version: 1.0.0 - Western Digital)
SMART Common Files (HKLM-x32\...\{BBA07B40-F7C6-44F7-BF08-767F8835685F}) (Version: 11.4.194.0 - SMART Technologies ULC)
SMART German Language Pack (HKLM-x32\...\{603E8F13-20D9-4367-81F2-CF6E22D05DA9}) (Version: 11.3.29.0 - SMART Technologies ULC)
SMART Ink (HKLM-x32\...\{5ABC49B5-D0DC-428D-A082-4AEFF6490F04}) (Version: 2.0.723.0 - SMART Technologies ULC)
SMART Notebook (HKLM-x32\...\{E57F6C8B-E159-477E-93BF-764759747BC4}) (Version: 11.3.857.0 - SMART Technologies ULC)
SMART Product Update (HKLM-x32\...\{8D4B716A-0ABE-4238-9090-D208E5F57A5E}) (Version: 5.0.108.0 - SMART Technologies ULC)
SMART Produkttreiber (HKLM-x32\...\{589B09F5-0768-4BE9-B8C0-DD253E6B3643}) (Version: 11.3.550.0 - SMART Technologies ULC)
SopCast 3.9.6 (HKLM-x32\...\SopCast) (Version: 3.9.6 - www.sopcast.com)
SoulSeek 157 NS 13e (HKLM-x32\...\Soulseek2) (Version:  - )
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\Spotify) (Version: 1.0.3.101.gbfa97dfe - Spotify AB)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: 1.4.3.21029 - Blizzard Entertainment)
Streamripper (Remove only) (HKLM-x32\...\Streamripper) (Version:  - )
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Tesseract-OCR - open source OCR engine (HKLM-x32\...\Tesseract-OCR) (Version: 3.02.02 - Tesseract-OCR community)
The Lord of the Rings FREE Trial  (x32 Version: 1.00.0000 - ATI Technologies Inc.) Hidden
The Rosetta Stone (HKLM-x32\...\The Rosetta Stone) (Version:  - )
TreeSize Free V3.3.2 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.3.2 - JAM Software)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
TVUPlayer 2.5.3.1 (HKLM-x32\...\TVUPlayer) (Version: 2.5.3.1 - TVU networks)
vDownloader Packages (HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\vDownloader Packages) (Version:  - ) <==== ATTENTION
Veetle TV (HKLM-x32\...\Veetle TV) (Version: 0.9.18 - Veetle, Inc)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player 2.1.1 (HKLM-x32\...\VLC media player) (Version: 2.1.1 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - )
WD SmartWare (HKLM\...\{6F482C75-174D-42EB-A2CF-B00A1F354F7B}) (Version: 1.4.1.1 - Western Digital)
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM  (03/06/2009 1.0.0008.0) (HKLM\...\422991454CB076E9B856C21BBF99AF2B82317EDA) (Version: 03/06/2009 1.0.0008.0 - Western Digital Technologies)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinPcap 4.1.1 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.1753 - CACE Technologies)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
WinX Free AVI to MP4 Converter 4.0.6 (HKLM-x32\...\WinX Free AVI to MP4 Converter_is1) (Version:  - Digiarty Software,Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

23-05-2015 21:39:44 Windows Update
24-05-2015 21:07:03 Wiederherstellungsvorgang


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01FB23D4-0705-4D28-BEC8-4C0FC0FDFEEB} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2058888408-2479665750-2358759828-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {113A608B-2F17-4125-9B88-991F7DED31F2} - System32\Tasks\{8B1D292D-2914-4AA3-BCBC-9FE908B6FA97} => pcalua.exe -a "C:\Program Files (x86)\StreamTorrent 1.0\uninstall.exe"
Task: {13A015D2-E736-47CF-98C2-29E3B290DBA2} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {29BB99AA-BFDF-4F7F-B675-A1E89142B939} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-25] (Adobe Systems Incorporated)
Task: {35BCE82B-89C7-401D-9A0D-EC36EA2155C8} - System32\Tasks\FrontLine Registry Cleaner Scheduled Scan - Bene => C:\Program Files (x86)\Frontline Registry Cleaner\REGCLEANER.exe
Task: {39AE87D7-3AE6-4311-89CA-85E8CDAF1831} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2058888408-2479665750-2358759828-1001Core => C:\Users\Bene\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-25] (Facebook Inc.)
Task: {46ED0861-2531-458B-8BE3-F19272A99F94} - System32\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A} => C:\Windows\Szucia.exe
Task: {517E3F93-F287-4CFA-B353-75843DBF4365} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {5951FCD3-A3A7-40ED-A42F-25256B80229D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {60F5DBFC-77F6-4A86-A579-86FAFF72FEB9} - System32\Tasks\Bene NBAgent 15 0 => C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBAgent.exe
Task: {6AF0D6C0-DEDB-40C3-B2A4-790D8227F473} - System32\Tasks\{A09F4D61-F3DA-4CAE-9D42-1A230292C43C} => pcalua.exe -a C:\Users\Bene\Desktop\template_italien.exe -d C:\Users\Bene\Desktop
Task: {8BD55A68-0FF4-4417-8ACF-A0B6B81C65BA} - System32\Tasks\{B7E44C94-1876-437B-8A2E-E746911C8E79} => pcalua.exe -a D:\Downloads\irfanview_plugins_430_setup.exe -d D:\Downloads
Task: {99C9EB3C-D579-4ACA-9F3B-0AC31A7B411D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2058888408-2479665750-2358759828-1001UA => C:\Users\Bene\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-25] (Facebook Inc.)
Task: {9A06DA48-887A-4EA4-9939-DE2421B9F645} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_pepper.exe [2015-05-25] (Adobe Systems Incorporated)
Task: {A4DEBC80-80B3-4C62-8C3F-F5EDB03A4F7A} - System32\Tasks\Opera scheduled Autoupdate 1432538089 => C:\Program Files (x86)\Opera\launcher.exe [2015-05-18] (Opera Software)
Task: {B2813C45-2182-438B-8847-21F07446211D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {B55F1077-438F-47DB-A40F-C21738F2869D} - System32\Tasks\{FF9EE5E2-1D95-4F78-9EC0-2DFECC036871} => pcalua.exe -a F:\setup.exe -d F:\
Task: {C0FF2D93-882C-4367-AD2D-16D741A30142} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {CD0E08A7-1647-4472-8F08-6F3D33AE7C78} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2058888408-2479665750-2358759828-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {DA3545A3-021B-4E04-9C48-B38C72F60F2E} - System32\Tasks\{0A436A0A-962C-461C-8033-6CF892A2762D} => Firefox.exe hxxp://ui.skype.com/ui/0/6.11.0.102/de/abandoninstall?source=lightinstaller&amp;page=tsBing
Task: {F5E9D5F9-50C0-44C5-9B12-8284F8CF8D7B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2058888408-2479665750-2358759828-1001Core.job => C:\Users\Bene\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2058888408-2479665750-2358759828-1001UA.job => C:\Users\Bene\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FrontLine Registry Cleaner Scheduled Scan - Bene.job => C:\Program Files (x86)\Frontline Registry Cleaner\REGCLEANER.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2011-05-22 12:14 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2010-06-19 21:29 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2010-04-15 21:24 - 2009-08-06 07:51 - 00065536 ____R () C:\Windows\SysWOW64\XSrvSetup.exe
2009-11-24 13:36 - 2009-11-24 13:36 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-04-15 21:37 - 2010-04-15 21:37 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-09-08 11:45 - 2010-09-08 11:45 - 01034752 _____ () C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe
2010-09-08 11:44 - 2010-09-08 11:44 - 00485376 _____ () C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe
2015-04-08 21:53 - 2015-04-08 21:53 - 00057344 _____ () C:\Program Files (x86)\CCleaner\lang\lang-1031.dll
2012-05-30 20:06 - 2012-05-30 20:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-30 20:06 - 2012-05-30 20:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-03-05 11:24 - 2010-03-05 11:24 - 00886272 _____ () C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\System.Data.SQLite.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\Software\Classes\.exe:  =>  <===== ATTENTION!

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\100sexlinks.com -> 100sexlinks.com

There are 5773 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Bene\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER Error getting ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WDDMStatus.lnk => C:\Windows\pss\WDDMStatus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Bene^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Bene^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\Windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Bene\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AVG_UI => "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Facebook Update => "C:\Users\Bene\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: lollipop => "c:\users\bene\appdata\local\lollipop\lollipop.exe" lollipop
MSCONFIG\startupreg: PC Speed Maximizer => C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: sbsdk-server => "C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe"
MSCONFIG\startupreg: SMART Board Service => "C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe" -d
MSCONFIG\startupreg: SMART Board Tools => "C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardTools.exe"
MSCONFIG\startupreg: SMART Floating Tools => "C:\Program Files (x86)\SMART Technologies\Education Software\FloatingTools.exe"
MSCONFIG\startupreg: SMART Ink => "C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe" -a
MSCONFIG\startupreg: SMART SNMP Agent => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe -e
MSCONFIG\startupreg: SMART Tray Tools => "C:\Program Files (x86)\SMART Technologies\Education Software\SMARTTrayIcon.exe"
MSCONFIG\startupreg: SMARTNotification => "C:\Program Files (x86)\SMART Technologies\Education Software\SMARTNotification.exe"
MSCONFIG\startupreg: Spotify => "C:\Users\Bene\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Bene\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SweetIM => C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
MSCONFIG\startupreg: VDownloader => "C:\Program Files\VDownloader\VDownloader.exe" /silent

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{D843B4D3-5F51-4723-A7C7-E5E2E994191E}C:\program files (x86)\opera\opera.exe] => (Allow) C:\program files (x86)\opera\opera.exe
FirewallRules: [UDP Query User{01D36DD1-840C-4670-9D93-14408D1CC43C}C:\program files (x86)\opera\opera.exe] => (Allow) C:\program files (x86)\opera\opera.exe
FirewallRules: [{2FEFC434-44D6-48BA-B664-A4459CC4D6CC}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{29A76C6C-F87D-4498-8707-C4780CF004A7}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{1BE2B5C4-B2C3-4C52-A81C-A8AF13244F35}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [UDP Query User{14EA8528-3238-4C41-8C52-2284D5F98A5D}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [{2D64331F-6D0F-4841-8584-E081E9E8D5AF}] => (Block) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [{63A31D00-D2F6-4B94-80DD-99B57FC208CB}] => (Block) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [TCP Query User{4922841C-3EFB-4FB8-9335-A26ED83E281A}C:\program files (x86)\soulseekns\slsk.exe] => (Allow) C:\program files (x86)\soulseekns\slsk.exe
FirewallRules: [UDP Query User{9626D592-5861-4D8B-9439-40154A53F146}C:\program files (x86)\soulseekns\slsk.exe] => (Allow) C:\program files (x86)\soulseekns\slsk.exe
FirewallRules: [{8C029300-CE15-4036-8EE6-81E0AF9975E4}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{3817DCE6-EC3D-4AA6-B717-2769E87AF47D}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [TCP Query User{D174D1D8-D6F8-423A-AA7E-AAF6450C1204}C:\program files (x86)\sopcast\adv\sopadver.exe] => (Allow) C:\program files (x86)\sopcast\adv\sopadver.exe
FirewallRules: [UDP Query User{F5844998-EA19-41BF-A22E-DEE0D0F377F4}C:\program files (x86)\sopcast\adv\sopadver.exe] => (Allow) C:\program files (x86)\sopcast\adv\sopadver.exe
FirewallRules: [TCP Query User{95B24415-5638-4119-9245-89B1FD6642F2}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [UDP Query User{DADB59C9-D4F1-4712-81BB-1018094B74F6}C:\program files (x86)\sopcast\sopcast.exe] => (Allow) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [{A3E7187E-B034-4E7E-8342-915FF2177883}] => (Block) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [{8489A0D4-593B-48E4-AC48-FD5C7CFC6E96}] => (Block) C:\program files (x86)\sopcast\sopcast.exe
FirewallRules: [{9C66A541-8884-45B7-9DE2-3215162B98AC}] => (Block) C:\program files (x86)\sopcast\adv\sopadver.exe
FirewallRules: [{D37085D8-0D25-4D0E-8BF6-42BE12F7CE4B}] => (Block) C:\program files (x86)\sopcast\adv\sopadver.exe
FirewallRules: [{85D39ED4-6BDF-4350-9775-BF8211C293AF}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{1F000C96-11C6-4E33-9EE0-6420EC9779D4}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [TCP Query User{A98A3B5D-1C68-4EF9-A9ED-4C0BBED70AD6}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe
FirewallRules: [UDP Query User{A29DC7C5-9654-4F44-9705-6A3F2FFBAD02}C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe
FirewallRules: [{EB7F6FEC-36B2-48D2-A0A4-1A659283F71C}] => (Allow) C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe
FirewallRules: [{F2D3D916-734C-43EE-BD25-4CFC26D43495}] => (Allow) C:\program files (x86)\starcraft ii\versions\base15405\sc2.exe
FirewallRules: [TCP Query User{4DF31695-C7C2-4401-B5C9-670FFC8445F1}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe] => (Allow) C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe
FirewallRules: [UDP Query User{F37C5C6E-C590-4593-8E91-036A3EB73AF2}C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe] => (Allow) C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe
FirewallRules: [{19A1A3A8-6DEE-4A28-9168-9D44851FDCB0}] => (Block) C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe
FirewallRules: [{6C5711FC-0ECF-4B23-A7AA-AF0413BA7410}] => (Block) C:\program files (x86)\starcraft ii\support\blizzarddownloader.exe
FirewallRules: [TCP Query User{EC4725F9-CDEE-43E8-8CAB-573E08DEBE0A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{9C366134-E842-4D7F-8C98-745915390798}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{C27C9CD9-B086-470A-8BCA-6D4BCAAA0066}] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{51E6E2A5-3E21-4F93-9828-152E2EA4F36C}] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{556628F7-71F9-4339-B0C3-6D73591869B1}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{3E5EDDF5-4EAA-41D6-8412-A73C48B130C2}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{6C5A3C64-1033-4362-9985-97CD370F748F}] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{6B452E67-C11A-4D06-A818-C0411A01C48B}] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [TCP Query User{11137FE6-063B-44C2-A3B4-BFE0FB7F4300}C:\program files (x86)\starcraft ii\starcraft ii.exe] => (Allow) C:\program files (x86)\starcraft ii\starcraft ii.exe
FirewallRules: [UDP Query User{A1DF2D92-3327-469E-BEC6-F09B8E3D12ED}C:\program files (x86)\starcraft ii\starcraft ii.exe] => (Allow) C:\program files (x86)\starcraft ii\starcraft ii.exe
FirewallRules: [TCP Query User{3929C904-04E6-481D-85C0-245FA7DDD957}C:\program files (x86)\starcraft ii\versions\base16939\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base16939\sc2.exe
FirewallRules: [UDP Query User{7F9C1879-020B-4DD6-AE99-2D3CA651BE64}C:\program files (x86)\starcraft ii\versions\base16939\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base16939\sc2.exe
FirewallRules: [{743DE810-FC17-43FF-9069-1A1E4BA33C57}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3E4CC361-3137-41AE-86CF-17677E3B8DAA}] => (Allow) LPort=2869
FirewallRules: [{A3A2434C-B3E7-4AA3-A4A7-7FE5216EAD7F}] => (Allow) LPort=1900
FirewallRules: [{3CBA40EF-BAB9-4F9A-8740-7A0A1153279C}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [TCP Query User{F85D8056-0EA6-4C5E-B4EB-9DC5E4887EBF}C:\program files (x86)\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files (x86)\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{F501DBDC-1876-4447-8B1F-E9058EF39C0E}C:\program files (x86)\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files (x86)\google\google earth\plugin\geplugin.exe
FirewallRules: [TCP Query User{91B23A24-FB2C-4C3D-A435-E0AE5F6458B3}C:\program files (x86)\real\realplayer\realplay.exe] => (Allow) C:\program files (x86)\real\realplayer\realplay.exe
FirewallRules: [UDP Query User{41343117-962E-41DE-B993-08EA151B4049}C:\program files (x86)\real\realplayer\realplay.exe] => (Allow) C:\program files (x86)\real\realplayer\realplay.exe
FirewallRules: [TCP Query User{A5084ECD-78BD-4509-80CA-53DE1D61C7E7}C:\program files (x86)\tvuplayer\tvuplayer.exe] => (Allow) C:\program files (x86)\tvuplayer\tvuplayer.exe
FirewallRules: [UDP Query User{79118D6C-885B-449F-A77E-EC3679BBCF34}C:\program files (x86)\tvuplayer\tvuplayer.exe] => (Allow) C:\program files (x86)\tvuplayer\tvuplayer.exe
FirewallRules: [{7B213084-906C-4050-A612-84E7140E0648}] => (Block) C:\program files (x86)\tvuplayer\tvuplayer.exe
FirewallRules: [{90A5074C-DF15-444B-9868-C56B237B1A16}] => (Block) C:\program files (x86)\tvuplayer\tvuplayer.exe
FirewallRules: [TCP Query User{1FA3BEF2-3619-4728-B624-E650CBFABF54}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{6C1647F5-3662-4A5D-99D9-1D2DEFCE15A0}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{33E0AEF5-A4E9-40BD-910F-56310A869485}] => (Allow) E:\AliceSetup.exe
FirewallRules: [{FBA11FAE-AF1E-4240-BB7B-1D4A6D306721}] => (Allow) E:\AliceSetup.exe
FirewallRules: [TCP Query User{9F9AD9E6-84C6-4910-885C-D3A0B1BF0F38}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{02194056-7F43-4526-BD6A-E57BE743211D}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [{DBA582D7-776A-4D0F-893F-459703E13CF9}] => (Block) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [{18BD4D54-1BF4-4EFF-A2CB-3998FCFE1BAB}] => (Block) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [{2296147F-C3F7-447A-931B-503E0504C28B}] => (Allow) C:\Program Files (x86)\Veetle\Player\VeetleNet.exe
FirewallRules: [TCP Query User{555C3EA9-BD0D-4BC1-8F44-2FF02121472D}C:\program files (x86)\starcraft ii\versions\base19679\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base19679\sc2.exe
FirewallRules: [UDP Query User{CD4287EB-0910-4F35-93BA-9876854B1DC8}C:\program files (x86)\starcraft ii\versions\base19679\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base19679\sc2.exe
FirewallRules: [{AB0639C6-D4D2-4782-A7E6-F82559AB305D}] => (Allow) C:\program files (x86)\starcraft ii\versions\base19679\sc2.exe
FirewallRules: [{0154113F-98CA-4C3C-A952-09FA731050DD}] => (Allow) C:\program files (x86)\starcraft ii\versions\base19679\sc2.exe
FirewallRules: [TCP Query User{9DFDAA12-2210-4C48-8631-9854B17EB237}C:\users\bene\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\bene\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{D240C1C8-09A4-4435-AC89-B19C1328684F}C:\users\bene\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\bene\appdata\local\akamai\netsession_win.exe
FirewallRules: [{37A5E771-C8D2-4B40-9C9B-2C707C1E35D6}] => (Block) C:\users\bene\appdata\local\akamai\netsession_win.exe
FirewallRules: [{C6C3660E-A22A-4562-B4B6-1172A5689E8E}] => (Block) C:\users\bene\appdata\local\akamai\netsession_win.exe
FirewallRules: [{A8E28D94-D18A-4AA6-9C8A-F8D3EB30B0A0}] => (Allow) C:\Users\Bene\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [TCP Query User{1AD82EC3-FE0D-4B8E-A999-7662994A1499}C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe
FirewallRules: [UDP Query User{C1C4D5D5-CE9E-42EA-90A5-17F60B762A66}C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base21029\sc2.exe
FirewallRules: [{70315441-4063-45CD-9C0C-A3F187EA6185}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{55DF8F9F-2DD3-425B-8164-F35B95BEC065}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{FB6492E0-AB67-48D8-8B10-1B92E881E96F}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{8C64E472-A5E4-4F46-9AF2-329A91340E69}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{BF486187-EC9A-4B9D-A961-0F2410B16EB4}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{2BA211D1-6493-4872-9ED0-D0E1055EE180}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{BA1D4679-9F58-4E31-A677-CE40B6A84885}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{99BC6303-8D41-4520-B0C4-ED8606E60375}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{51003424-229C-4664-9B5A-6237322D9BD0}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{473D03B8-6E6D-46FD-970F-2A2B39AAC50D}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [{41E8CB64-1CB8-4A3E-94B7-72A972EA8951}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [{2D093579-5CF6-4371-8466-BEC1AAAB13DC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{60B106CC-60BD-43E4-9705-6C4C308B924D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CBEB99C9-0906-40AE-AF62-370CB48C2418}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{1BA72F6F-70E8-4BFB-ACDE-6B967A0E0CD5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [TCP Query User{A4221A6F-EED6-429E-B36A-7D477C017D6B}C:\users\bene\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\bene\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{4E83E4B9-6B0F-4B54-9F90-FB9E674A1B11}C:\users\bene\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\bene\appdata\roaming\spotify\spotify.exe
FirewallRules: [{B295299D-1FE1-4386-82DB-D00EF015177C}] => (Block) C:\users\bene\appdata\roaming\spotify\spotify.exe
FirewallRules: [{C84B547A-8217-432E-88E6-65D255CDCB82}] => (Block) C:\users\bene\appdata\roaming\spotify\spotify.exe
FirewallRules: [{18840E1A-DA1E-4FA7-B12C-716A4614C787}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{1E042D43-FA70-4029-90B2-46FE9B1F1909}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{9159569B-FC06-4D88-9DC3-8D6E9532DE13}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe
FirewallRules: [{C4D8AC87-8A6C-459D-8415-DB23D0DFD369}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe
FirewallRules: [{54A947F0-795B-4234-98FE-6D196DD758DB}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe
FirewallRules: [{C681084F-F226-4CC7-A7A2-15BA3C189345}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe
FirewallRules: [{AA17F77C-C65A-46EC-8FCE-404E98B2C64C}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\UCGui.exe
FirewallRules: [{831331E4-8EF3-40FC-9B2B-C07DB52AAA51}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\UCGui.exe
FirewallRules: [{71969024-C6F0-4F62-8632-5941D4D651E6}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\UCService.exe
FirewallRules: [{D1DE3663-1907-4421-98F7-3FFCE678ED95}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\UCService.exe
FirewallRules: [{D74F1BA6-7A5B-42EA-9E91-579DE5F0A504}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTSNMPAgent.exe
FirewallRules: [{72AE8C43-3F63-474B-98CB-8DD5BB20D3EB}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTSNMPAgent.exe
FirewallRules: [{14822A7D-7524-4FD0-B7DA-E736757EF09A}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{6362272A-DC91-47DB-98A4-220F19FE8EF1}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\BackItUp.exe
FirewallRules: [{A73EA5E3-58C3-4C90-BDA9-DD2942652DAA}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\BackItUp.exe
FirewallRules: [{21FB9A72-A014-4FFD-B037-20D9B1A5909E}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{5C125B9C-5EEB-4E54-9FEC-E708DD126769}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{66A4650F-74CB-4EB1-B4B1-A60C18DD723D}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{8722310E-6001-4F48-8C74-6D22605BD8DD}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{5B6D9EE0-2E47-4AD8-951F-B0FBC084998F}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{162E11F7-E1A9-412B-B6FF-475F7AA75F41}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{5EE5C28F-CD60-4688-9C01-962BB426A169}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{9CE6BD1F-95A1-472D-9930-ED77B8225C5E}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{71C41DB2-0947-4A1A-9B66-35AF8C20154F}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{4A7B3664-5759-44C2-88D4-194609F64A6A}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{803A2851-D1B9-4410-99E2-DC8317AAA380}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{AEE15BFC-0C24-4E7D-AF6C-B92F9A878EF8}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{1162FD64-0784-4C77-8223-0776089A28C4}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{E350985C-7F06-4905-B988-A886156F98A7}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{B91D171A-B528-4510-A050-E24F3A245C4B}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{25144524-EDFE-4DA1-8979-2020CF8CE843}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{2DB5963A-D981-4BB3-8B97-9716B298DF70}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{1B6E5399-1304-44F5-827B-57BE3B80A087}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{21AA41C3-1091-49A6-A3FE-A27ED736A76A}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{93EBD48D-5862-4A6E-B080-13FD7FD8D84B}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{84BEE9EC-2160-4927-BCE0-901E1D5C4475}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{AC3B6AB4-5CDA-4591-B9D7-E1104C80D682}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{DF9F5BD2-C461-4C97-9757-8F4E1B5177B9}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{B3AFA6C0-FB2F-4559-AD13-2C63160B216E}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{A2C8F448-5B52-4C56-A00C-16A6ED1DF324}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{3971F6FB-CE5F-40D9-9690-9AC62F49F6C9}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{CFB9EE1D-B9BC-4E3B-B8EB-B95AF7F4C8DB}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{00965370-B8C7-432A-ACE7-39CF7D5AD4CC}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{ADB7FD5D-A5B0-4318-8526-FDC6497A86EF}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{4CF4F8AE-E51B-41FD-A677-1AFE18573FC9}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{618B9538-7D57-46C1-A755-5AB6BD7C29BF}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{3D613248-91B6-4256-B0C4-9DC88A714796}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{89B3F129-D75F-4726-A6A0-BB7C9EF9A88F}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{0E87771A-832E-4EA3-9159-78BCB1CCA2B6}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{5A5E9EE8-2B80-4DC3-8C5A-B0329E13A1D3}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{15FC5AF6-3811-42CE-9C3A-9AE3763EF22A}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{F21A4CC8-8BDC-438F-A242-0CD1B38B487A}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{E97C50CF-4580-410F-8475-CC1CF14A0A64}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{423D723C-9BAC-44DD-A28E-B4D294C471F1}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{D70982F5-80DA-411F-8B34-22F19EA2338A}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{8E7A13F3-4B02-42D0-BC96-45989F4A4F41}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{505EAC42-7424-4BF3-9112-70BCF17A94BD}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{D70E861A-3872-4B23-B5BD-683A2C794685}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{C36790A2-2EE2-4394-981A-4BA5A2F461EA}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{8CE952FC-6E0B-471C-9467-2913669E053E}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{CC64DEB9-9F94-4C7A-8133-651BE39FED53}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{E3CE0D92-53F2-4392-AE79-988B99C2C3E4}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{1F4348A6-31B5-4FD4-AC32-079A9526989C}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{D91A78E7-08D4-461E-B905-10501C29E3B5}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{FBBD0627-5E9D-4121-A6FA-8843BB62B517}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{F1FC2B33-9EDE-459F-BF4F-8D80F885426E}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{6F17FAC0-4093-4835-A704-3CE2DAD24335}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{A43C5DB4-42E0-41ED-BB9F-7CBF17A5B16B}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{078500A1-B717-4773-B96E-3788DB42C22A}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{1A2654DB-1D87-4F3B-8F04-3F1C49CB4AE1}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{2077D459-3348-4A02-ACED-F2C936B54775}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{8FDD40B6-0B28-4A18-8E18-AB8149CBF829}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{ECE39D3C-4E27-49D3-9869-ADD0EB252C1C}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{B0CE7E59-AA63-4520-99C5-209027AC8D5F}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{FFF31E17-DC3B-4A4F-B9AB-54F0EBF09EAB}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{4066FF01-D83F-487E-BBF2-5437925DFCA3}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{61FA4CF5-FC7D-4AC1-84F8-BC87EE0319FF}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{DB15DF42-3274-44C5-BC0B-E1EA778BA307}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{335E19B5-292B-4024-8A51-6E57C56B7829}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{CD52912C-ABFC-474F-92DD-0ECED37F8F4A}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{A8FD1575-33E1-4820-9597-DC4FE344D34E}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{AEDA11C0-5AB3-4B05-81E0-60844DFBBCDB}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{436F3EE7-CB26-4602-B077-349A854E7156}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{2619F447-B6DF-442F-9B96-1F69B3EA7F3B}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{3CE3A11B-3E2F-41A2-9217-BF6FC1F901C2}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{923655CB-2DFE-4A69-883E-0E5264A47C21}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{3E147A1D-931F-402E-A583-8D99720AA23F}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{E83C0344-B78C-47B9-AFE4-8204830A78A9}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{ECADE6E3-0529-4DAE-B635-6FBB05D27A9C}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{C7EB8302-53D8-42E2-99B8-A600C1C62377}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{2075A672-FDEE-4A64-8900-F808199D5F43}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{B10F1986-8F4E-4ABC-8D7B-FE7C7C875536}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{7A028AE3-7A0B-4228-86B8-AD1C2D903A17}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{5E4AC8F1-F145-4FDB-9267-E9AB14A45432}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{4EF2F9DC-70CA-4271-99F8-E90183B16C36}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{E33C8EFD-DE24-4F51-9BDF-F84EC2B13800}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{147F18DD-893E-46AE-A963-3A07BE0A5062}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{CFE79706-AE93-4EC3-A104-ED9B8F440A18}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{2DB846ED-7DA4-4AFF-8671-098D8352AF97}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{FA6F9E88-165F-41FD-B62A-C45014E8063F}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{9A6CDEFD-D2CB-44EE-89FE-E84C8AD0F3AC}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{4426E50C-8DC6-4F05-ACBF-250AE2FD2D01}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{4BD47A97-A350-49E9-8665-AD024FA52B0D}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{1B781CE9-B763-498D-93A7-D68153CB45D4}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{B0E1BA6E-C11B-447F-BC9A-943ACBE4371D}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{82A8627C-63D5-422D-B80E-0242BE31012B}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{1FA50F55-1377-4146-AEDE-F844C5B76434}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{AD02F91B-E284-4D93-B138-D0202E15F4CE}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{F128269C-A541-492D-81A5-BE0D5E1608D9}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{51E45F65-4276-4630-A60E-9C3830A67793}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{1E6DC3C4-74A1-4C99-8D93-DBE511F06BCE}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{D7901FD4-79DB-47CC-A4DD-A672EDD77C38}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{ED54139C-1DD4-4BAC-845D-FF15BA178E57}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{5D909E09-76D7-40E0-9681-3ED2EE4BD668}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{A5C2F50C-51D4-49E5-BECD-E02E8BEDCCAA}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{4AD2D853-EFC4-4DCA-A538-17289290B1D1}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{963CC360-606A-4A84-9794-E9302FF33CF4}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{5D28F85D-2550-453C-80B2-EADBCCEE6290}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{443C10B5-C1E4-41BA-B259-C8EDB36FD088}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{7334F4C3-C112-4AE9-AF7D-80ABD06B2626}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{0F57633A-6353-4BE2-AEF0-A37D1086DDB5}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{E80B998E-C65D-433A-A68F-8ABD78EC1F1F}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{C532F21B-D608-46F9-8177-B711AE8FAE8D}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{8639BDBE-12BD-43FE-B585-80C0E9741BA8}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{01DE4C5F-103A-43EF-A9E0-0F5A92746773}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{7C150231-2DCC-40E5-836D-DCAFDA579E10}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{CB787287-32D7-42A0-B575-C283BC606B7D}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{F6C14CA0-7E1C-4516-B7A9-EB42E6A1BD4E}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{CFE70C50-F9F3-48F7-88D3-8BEDFB73E44E}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{E4C9FBBA-5638-4AE6-A736-5748D8CA5DF6}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{8898AED8-41D4-4351-AB17-1E302517B85D}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{0E6DA300-FC29-48EF-B200-477D2D78C30E}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{C41C51CA-B658-488A-BF13-3668F1FAF448}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{8427F0FF-9607-4DAE-B67A-762372919566}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{3AAEA944-77F5-48E4-9FDA-A6B11F4674A0}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{3F07A7CB-F74F-4306-B6A5-11C4E8770EF5}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{09163CEE-BB05-49F5-806A-B7A67D1C7E3C}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{8919816D-1746-4C4F-A9D7-0466C9CD2D33}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [TCP Query User{8B36116D-B853-4FE1-80A1-F9E305395FC6}D:\downloads\ratiomaster.net.exe] => (Allow) D:\downloads\ratiomaster.net.exe
FirewallRules: [UDP Query User{5F6F94A9-06FD-4CAC-AE57-4B4B6F1362B4}D:\downloads\ratiomaster.net.exe] => (Allow) D:\downloads\ratiomaster.net.exe
FirewallRules: [TCP Query User{32171C11-C0E9-4F02-9E7A-C2FAEE77CF11}D:\downloads\mratio.exe] => (Allow) D:\downloads\mratio.exe
FirewallRules: [UDP Query User{662BB4CE-4360-4590-8748-BEA1EF2C4A8C}D:\downloads\mratio.exe] => (Allow) D:\downloads\mratio.exe
FirewallRules: [{48E0A8E8-3645-4610-B759-5EC100BA017B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{62C75188-603C-49B4-8730-98A3C842D165}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\fotobuch.de\Designer 2.0\Designer.exe] => Designer.exe

==================== Faulty Device Manager Devices =============

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 

Name: SMART Virtual TabletPC
Description: SMART Virtual TabletPC
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: SMART Technologies ULC
Service: SMARTVTabletPCx64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/25/2015 11:44:06 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

Error: (05/24/2015 09:12:34 PM) (Source: System Restore) (EventID: 8209) (User: )
Description: Die Systemwiederherstellung wurde nicht ausgeführt, da das System neu gestartet wurde, ein Stromausfall aufgetreten ist oder das System nicht mehr reagiert. Zusätzliche Informationen: (Windows Update).

Error: (05/24/2015 09:10:00 PM) (Source: System Restore) (EventID: 8209) (User: )
Description: Die Systemwiederherstellung wurde nicht ausgeführt, da das System neu gestartet wurde, ein Stromausfall aufgetreten ist oder das System nicht mehr reagiert. Zusätzliche Informationen: (Windows Update).

Error: (05/24/2015 08:45:20 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "I:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (05/24/2015 05:44:57 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

Error: (05/24/2015 10:25:07 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (05/24/2015 10:25:07 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (05/24/2015 10:25:07 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (05/23/2015 09:33:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm uTorrent.exe, Version 2.2.1.25302 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 5d8

Startzeit: 01d0958f0583b089

Endzeit: 0

Anwendungspfad: C:\Program Files (x86)\uTorrent\uTorrent.exe

Berichts-ID: 8c4063e9-0182-11e5-b9c4-6cf0490ead50

Error: (05/23/2015 09:31:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm uTorrent.exe, Version 2.2.1.25302 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 9b0

Startzeit: 01d0958ee0481f08

Endzeit: 0

Anwendungspfad: C:\Program Files (x86)\uTorrent\uTorrent.exe

Berichts-ID: 3f7a2084-0182-11e5-b9c4-6cf0490ead50


System errors:
=============
Error: (05/25/2015 09:20:26 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "AVG WatchDog" wurde mit folgendem dienstspezifischem Fehler beendet: %%-536805315.

Error: (05/25/2015 09:19:55 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "AVGIDSAgent" ist von folgendem Dienst abhängig: AVGIDSDriver. Dieser Dienst ist eventuell nicht installiert.

Error: (05/25/2015 09:19:45 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎25.‎05.‎2015 um 09:17:21 unerwartet heruntergefahren.

Error: (05/25/2015 09:08:28 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "AVG WatchDog" wurde mit folgendem dienstspezifischem Fehler beendet: %%-536805315.

Error: (05/25/2015 09:08:24 AM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "AVGIDSAgent" ist von folgendem Dienst abhängig: AVGIDSDriver. Dieser Dienst ist eventuell nicht installiert.

Error: (05/24/2015 09:12:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (05/24/2015 09:12:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (05/24/2015 09:12:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (05/24/2015 09:12:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068

Error: (05/24/2015 09:12:45 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1068


Microsoft Office:
=========================
Error: (05/25/2015 11:44:06 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (05/24/2015 09:12:34 PM) (Source: System Restore) (EventID: 8209) (User: )
Description: Windows Update

Error: (05/24/2015 09:10:00 PM) (Source: System Restore) (EventID: 8209) (User: )
Description: Windows Update

Error: (05/24/2015 08:45:20 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: I:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)

Error: (05/24/2015 05:44:57 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestD:\Downloads\esetsmartinstaller_deu.exe

Error: (05/24/2015 10:25:07 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (05/24/2015 10:25:07 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (05/24/2015 10:25:07 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (05/23/2015 09:33:14 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: uTorrent.exe2.2.1.253025d801d0958f0583b0890C:\Program Files (x86)\uTorrent\uTorrent.exe8c4063e9-0182-11e5-b9c4-6cf0490ead50

Error: (05/23/2015 09:31:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: uTorrent.exe2.2.1.253029b001d0958ee0481f080C:\Program Files (x86)\uTorrent\uTorrent.exe3f7a2084-0182-11e5-b9c4-6cf0490ead50


CodeIntegrity Errors:
===================================
  Date: 2010-05-06 18:02:49.131
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\Bene\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2010-05-06 18:02:49.124
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\Bene\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2010-05-06 18:02:48.003
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2010-05-06 18:02:47.996
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: AMD Phenom(tm) II X4 955 Processor
Percentage of memory in use: 35%
Total physical RAM: 4094.49 MB
Available physical RAM: 2628.65 MB
Total Pagefile: 10092.7 MB
Available Pagefile: 8047.66 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:127.99 GB) (Free:2.16 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:337.77 GB) (Free:13.22 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=128 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=337.8 GB) - (Type=07 NTFS)

==================== End of log ============================
         
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-05-25 12:20:22
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-2 ST3500418AS rev.CC38 465,76GB
Running: y3pt39iz.exe; Driver: C:\Users\Bene\AppData\Local\Temp\kxldqpow.sys


---- User code sections - GMER 2.1 ----

.text  C:\Program Files (x86)\Secunia\PSI\PSIA.exe[2964] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                           00000000758b1401 2 bytes JMP 755eb21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Secunia\PSI\PSIA.exe[2964] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                             00000000758b1419 2 bytes JMP 755eb346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Secunia\PSI\PSIA.exe[2964] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                           00000000758b1431 2 bytes JMP 75668f29 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Secunia\PSI\PSIA.exe[2964] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                           00000000758b144a 2 bytes CALL 755c489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                                 * 9
.text  C:\Program Files (x86)\Secunia\PSI\PSIA.exe[2964] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                              00000000758b14dd 2 bytes JMP 75668822 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Secunia\PSI\PSIA.exe[2964] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                       00000000758b14f5 2 bytes JMP 756689f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Secunia\PSI\PSIA.exe[2964] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                              00000000758b150d 2 bytes JMP 75668718 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Secunia\PSI\PSIA.exe[2964] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                       00000000758b1525 2 bytes JMP 75668ae2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Secunia\PSI\PSIA.exe[2964] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                             00000000758b153d 2 bytes JMP 755dfca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Secunia\PSI\PSIA.exe[2964] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                  00000000758b1555 2 bytes JMP 755e68ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Secunia\PSI\PSIA.exe[2964] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                           00000000758b156d 2 bytes JMP 75668fe3 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Secunia\PSI\PSIA.exe[2964] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                             00000000758b1585 2 bytes JMP 75668b42 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Secunia\PSI\PSIA.exe[2964] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                00000000758b159d 2 bytes JMP 756686dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Secunia\PSI\PSIA.exe[2964] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                             00000000758b15b5 2 bytes JMP 755dfd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Secunia\PSI\PSIA.exe[2964] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                           00000000758b15cd 2 bytes JMP 755eb2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Secunia\PSI\PSIA.exe[2964] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                       00000000758b16b2 2 bytes JMP 75668ea4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Secunia\PSI\PSIA.exe[2964] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                       00000000758b16bd 2 bytes JMP 75668671 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe[2760] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17      00000000758b1401 2 bytes JMP 755eb21b C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe[2760] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17        00000000758b1419 2 bytes JMP 755eb346 C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe[2760] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17      00000000758b1431 2 bytes JMP 75668f29 C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe[2760] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42      00000000758b144a 2 bytes CALL 755c489d C:\Windows\syswow64\KERNEL32.dll
.text  ...                                                                                                                                                 * 9
.text  C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe[2760] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17         00000000758b14dd 2 bytes JMP 75668822 C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe[2760] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17  00000000758b14f5 2 bytes JMP 756689f8 C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe[2760] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17         00000000758b150d 2 bytes JMP 75668718 C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe[2760] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17  00000000758b1525 2 bytes JMP 75668ae2 C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe[2760] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17        00000000758b153d 2 bytes JMP 755dfca8 C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe[2760] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17             00000000758b1555 2 bytes JMP 755e68ef C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe[2760] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17      00000000758b156d 2 bytes JMP 75668fe3 C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe[2760] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17        00000000758b1585 2 bytes JMP 75668b42 C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe[2760] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17           00000000758b159d 2 bytes JMP 756686dc C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe[2760] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17        00000000758b15b5 2 bytes JMP 755dfd41 C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe[2760] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17      00000000758b15cd 2 bytes JMP 755eb2dc C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe[2760] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20  00000000758b16b2 2 bytes JMP 75668ea4 C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe[2760] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31  00000000758b16bd 2 bytes JMP 75668671 C:\Windows\syswow64\KERNEL32.dll
.text  C:\Program Files (x86)\Secunia\PSI\sua.exe[3896] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                            00000000758b1401 2 bytes JMP 755eb21b C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Secunia\PSI\sua.exe[3896] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                              00000000758b1419 2 bytes JMP 755eb346 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Secunia\PSI\sua.exe[3896] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                            00000000758b1431 2 bytes JMP 75668f29 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Secunia\PSI\sua.exe[3896] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                            00000000758b144a 2 bytes CALL 755c489d C:\Windows\syswow64\kernel32.dll
.text  ...                                                                                                                                                 * 9
.text  C:\Program Files (x86)\Secunia\PSI\sua.exe[3896] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                               00000000758b14dd 2 bytes JMP 75668822 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Secunia\PSI\sua.exe[3896] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                        00000000758b14f5 2 bytes JMP 756689f8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Secunia\PSI\sua.exe[3896] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                               00000000758b150d 2 bytes JMP 75668718 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Secunia\PSI\sua.exe[3896] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                        00000000758b1525 2 bytes JMP 75668ae2 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Secunia\PSI\sua.exe[3896] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                              00000000758b153d 2 bytes JMP 755dfca8 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Secunia\PSI\sua.exe[3896] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                   00000000758b1555 2 bytes JMP 755e68ef C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Secunia\PSI\sua.exe[3896] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                            00000000758b156d 2 bytes JMP 75668fe3 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Secunia\PSI\sua.exe[3896] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                              00000000758b1585 2 bytes JMP 75668b42 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Secunia\PSI\sua.exe[3896] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                 00000000758b159d 2 bytes JMP 756686dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Secunia\PSI\sua.exe[3896] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                              00000000758b15b5 2 bytes JMP 755dfd41 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Secunia\PSI\sua.exe[3896] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                            00000000758b15cd 2 bytes JMP 755eb2dc C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Secunia\PSI\sua.exe[3896] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                        00000000758b16b2 2 bytes JMP 75668ea4 C:\Windows\syswow64\kernel32.dll
.text  C:\Program Files (x86)\Secunia\PSI\sua.exe[3896] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                        00000000758b16bd 2 bytes JMP 75668671 C:\Windows\syswow64\kernel32.dll

---- Registry - GMER 2.1 ----

Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC                                                                    
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                                                 C:\Program Files (x86)\DAEMON Tools Lite\
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                                                 0xD4 0xC3 0x97 0x02 ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                                                 0
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                                              0xBC 0xE6 0xAD 0x15 ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001                                                           
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                                                        0x20 0x01 0x00 0x00 ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                                                     0x99 0x35 0x93 0xC1 ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0                                                      
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                                                0xBD 0x4B 0xD6 0x37 ...
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1                                                      
Reg    HKLM\SYSTEM\CurrentControlSet\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12                                                0xF8 0x35 0x81 0x34 ...
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)                                                
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0                                                                     C:\Program Files (x86)\DAEMON Tools Lite\
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0                                                                     0xD4 0xC3 0x97 0x02 ...
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0                                                                     0
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12                                                                  0xBC 0xE6 0xAD 0x15 ...
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)                                       
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0                                                            0x20 0x01 0x00 0x00 ...
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12                                                         0x99 0x35 0x93 0xC1 ...
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)                                  
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12                                                    0xBD 0x4B 0xD6 0x37 ...
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1 (not active ControlSet)                                  
Reg    HKLM\SYSTEM\ControlSet002\services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1@hdf12                                                    0xF8 0x35 0x81 0x34 ...

---- EOF - GMER 2.1 ----
         
__________________


Alt 26.05.2015, 11:56   #3
schrauber
/// the machine
/// TB-Ausbilder
 

PC stürzt regemäßig ab - Standard

PC stürzt regemäßig ab



hi,

Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    Browser Configuration Utility

    vDownloader Packages

  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 





Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
__________________

Alt 27.05.2015, 18:31   #4
benebene
 
PC stürzt regemäßig ab - Standard

PC stürzt regemäßig ab



Vielen, vielen Dank für die Hilfe. Ich habe was gefunden. Freue mich auf weitere Anweisungen:

Code:
ATTFilter
19:12:07.0969 0x0d70  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
19:12:16.0799 0x0d70  ============================================================
19:12:16.0799 0x0d70  Current date / time: 2015/05/27 19:12:16.0799
19:12:16.0799 0x0d70  SystemInfo:
19:12:16.0799 0x0d70  
19:12:16.0799 0x0d70  OS Version: 6.1.7601 ServicePack: 1.0
19:12:16.0799 0x0d70  Product type: Workstation
19:12:16.0799 0x0d70  ComputerName: BENE-PC
19:12:16.0799 0x0d70  UserName: Bene
19:12:16.0799 0x0d70  Windows directory: C:\Windows
19:12:16.0799 0x0d70  System windows directory: C:\Windows
19:12:16.0799 0x0d70  Running under WOW64
19:12:16.0799 0x0d70  Processor architecture: Intel x64
19:12:16.0799 0x0d70  Number of processors: 4
19:12:16.0799 0x0d70  Page size: 0x1000
19:12:16.0799 0x0d70  Boot type: Normal boot
19:12:16.0799 0x0d70  ============================================================
19:12:18.0952 0x0d70  KLMD registered as C:\Windows\system32\drivers\50995943.sys
19:12:19.0420 0x0d70  System UUID: {A71AE4F3-3B6F-9E23-5156-864346EA4010}
19:12:20.0122 0x0d70  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
19:12:20.0122 0x0d70  ============================================================
19:12:20.0122 0x0d70  \Device\Harddisk0\DR0:
19:12:20.0122 0x0d70  MBR partitions:
19:12:20.0122 0x0d70  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0xFFF9D41
19:12:20.0122 0x0d70  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFFF9D80, BlocksNum 0x2A38AB10
19:12:20.0122 0x0d70  ============================================================
19:12:20.0137 0x0d70  C: <-> \Device\Harddisk0\DR0\Partition1
19:12:20.0200 0x0d70  D: <-> \Device\Harddisk0\DR0\Partition2
19:12:20.0200 0x0d70  ============================================================
19:12:20.0200 0x0d70  Initialize success
19:12:20.0200 0x0d70  ============================================================
19:13:51.0421 0x0d78  ============================================================
19:13:51.0421 0x0d78  Scan started
19:13:51.0421 0x0d78  Mode: Manual; SigCheck; TDLFS; 
19:13:51.0421 0x0d78  ============================================================
19:13:51.0421 0x0d78  KSN ping started
19:14:02.0742 0x0d78  KSN ping finished: true
19:14:05.0930 0x0d78  ================ Scan system memory ========================
19:14:05.0930 0x0d78  System memory - ok
19:14:05.0930 0x0d78  ================ Scan services =============================
19:14:06.0417 0x0d78  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
19:14:06.0657 0x0d78  1394ohci - ok
19:14:06.0717 0x0d78  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:14:06.0742 0x0d78  ACPI - ok
19:14:06.0787 0x0d78  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
19:14:06.0932 0x0d78  AcpiPmi - ok
19:14:06.0984 0x0d78  [ 2F0683FD2DF1D92E891CACA14B45A8C1, B4A8D6A183FA0B7D642FAD6B51C19FEC998481E1C49480D2B391E5D8B55F5BBD ] adfs            C:\Windows\system32\drivers\adfs.sys
19:14:07.0028 0x0d78  adfs - ok
19:14:07.0242 0x0d78  [ FC5B75CA6A1DA31EDD4F8D53F5540B98, CDC445F2790ADFC4C5568C40D4DA8BB95CD71991665B38AEC3D84571C99C3520 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:14:07.0269 0x0d78  AdobeARMservice - ok
19:14:07.0736 0x0d78  [ 7CACE2FDB10EADF21EDFBA7BF7238076, AB4A9CAF8866DBE24520272613F7727360FC7CBE27A43C4E50185B5C18E2E333 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:14:07.0758 0x0d78  AdobeFlashPlayerUpdateSvc - ok
19:14:07.0834 0x0d78  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
19:14:07.0864 0x0d78  adp94xx - ok
19:14:07.0955 0x0d78  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
19:14:08.0024 0x0d78  adpahci - ok
19:14:08.0067 0x0d78  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
19:14:08.0111 0x0d78  adpu320 - ok
19:14:08.0187 0x0d78  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:14:08.0287 0x0d78  AeLookupSvc - ok
19:14:08.0389 0x0d78  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
19:14:08.0501 0x0d78  AFD - ok
19:14:08.0537 0x0d78  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
19:14:08.0582 0x0d78  agp440 - ok
19:14:08.0628 0x0d78  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
19:14:08.0835 0x0d78  ALG - ok
19:14:08.0883 0x0d78  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:14:08.0906 0x0d78  aliide - ok
19:14:08.0970 0x0d78  [ 0D3E12216D6F956F05B0B555D53D7ABB, B640E50E96E709B2413A71A72ECAF7A7420F27FF1264E335187342D75EDF3700 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:14:09.0333 0x0d78  AMD External Events Utility - ok
19:14:09.0392 0x0d78  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
19:14:09.0426 0x0d78  amdide - ok
19:14:09.0480 0x0d78  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
19:14:09.0541 0x0d78  AmdK8 - ok
19:14:09.0565 0x0d78  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
19:14:09.0587 0x0d78  AmdPPM - ok
19:14:09.0625 0x0d78  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
19:14:09.0667 0x0d78  amdsata - ok
19:14:09.0724 0x0d78  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
19:14:09.0765 0x0d78  amdsbs - ok
19:14:09.0782 0x0d78  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
19:14:09.0802 0x0d78  amdxata - ok
19:14:09.0832 0x0d78  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
19:14:09.0923 0x0d78  AppID - ok
19:14:09.0968 0x0d78  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:14:10.0026 0x0d78  AppIDSvc - ok
19:14:10.0068 0x0d78  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
19:14:10.0158 0x0d78  Appinfo - ok
19:14:10.0245 0x0d78  [ F401929EE0CC92BFE7F15161CA535383, 61E1C0630B8BBC65C51121D5DC7F095C59B475F39BB7B0DC68133EF7D9D0A29D ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
19:14:10.0257 0x0d78  Apple Mobile Device - ok
19:14:10.0312 0x0d78  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
19:14:10.0384 0x0d78  AppMgmt - ok
19:14:10.0431 0x0d78  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
19:14:10.0455 0x0d78  arc - ok
19:14:10.0477 0x0d78  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
19:14:10.0502 0x0d78  arcsas - ok
19:14:10.0713 0x0d78  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
19:14:10.0753 0x0d78  aspnet_state - ok
19:14:10.0783 0x0d78  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:14:11.0330 0x0d78  AsyncMac - ok
19:14:11.0374 0x0d78  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
19:14:11.0405 0x0d78  atapi - ok
19:14:11.0478 0x0d78  [ 506934DF94E3197F4A1BBE8FBEAB0CCD, 678E16DED6767565DFA03397AA49061029351863904712DAED1862F4A606B41B ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
19:14:11.0511 0x0d78  AtiHdmiService - ok
19:14:12.0007 0x0d78  [ 79CEB8D4F25CABE69F3762C90F5B06B8, 6E34F1F44A851097EA292FA864AB275226850F92B9C259DC5B89E089223CC15B ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
19:14:12.0318 0x0d78  atikmdag - ok
19:14:12.0418 0x0d78  [ FC0E8778C000291CAF60EB88C011E931, 09BCCA3DE01021AEF76DFB46F01D21BA6FF409E816FA7547E5C3DFBF3A615ED2 ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
19:14:12.0468 0x0d78  atksgt - ok
19:14:12.0698 0x0d78  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:14:12.0755 0x0d78  AudioEndpointBuilder - ok
19:14:12.0902 0x0d78  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
19:14:12.0934 0x0d78  AudioSrv - ok
19:14:13.0745 0x0d78  [ 56C73C5BC1656656CAC38A23B4310466, 70A9F39D49DE477EE035BDB8BB3555F418019F84DFEEE4F15EB87140F6E01731 ] AVGIDSAgent     C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
19:14:13.0958 0x0d78  AVGIDSAgent - ok
19:14:14.0141 0x0d78  [ 6B72E1E329C4E98C6B6FDD2D265E3BA3, CE726A3D0BE6B287AB32488D377EB10D5C3EB612263D577BD695A9AA5C45E594 ] avgwd           C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
19:14:14.0197 0x0d78  avgwd - ok
19:14:14.0250 0x0d78  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:14:14.0631 0x0d78  AxInstSV - ok
19:14:14.0751 0x0d78  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
19:14:14.0857 0x0d78  b06bdrv - ok
19:14:14.0922 0x0d78  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
19:14:15.0057 0x0d78  b57nd60a - ok
19:14:15.0093 0x0d78  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
19:14:15.0133 0x0d78  BDESVC - ok
19:14:15.0156 0x0d78  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:14:15.0257 0x0d78  Beep - ok
19:14:15.0373 0x0d78  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
19:14:15.0441 0x0d78  BFE - ok
19:14:15.0516 0x0d78  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
19:14:16.0237 0x0d78  BITS - ok
19:14:16.0286 0x0d78  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
19:14:16.0348 0x0d78  blbdrive - ok
19:14:16.0375 0x0d78  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:14:16.0458 0x0d78  bowser - ok
19:14:16.0502 0x0d78  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
19:14:16.0567 0x0d78  BrFiltLo - ok
19:14:16.0587 0x0d78  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
19:14:16.0640 0x0d78  BrFiltUp - ok
19:14:16.0719 0x0d78  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
19:14:16.0772 0x0d78  Browser - ok
19:14:17.0035 0x0d78  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\system32\DRIVERS\BrSerId.sys
19:14:17.0114 0x0d78  Brserid - ok
19:14:17.0174 0x0d78  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
19:14:17.0248 0x0d78  BrSerWdm - ok
19:14:17.0270 0x0d78  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
19:14:17.0316 0x0d78  BrUsbMdm - ok
19:14:17.0354 0x0d78  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\system32\DRIVERS\BrUsbSer.sys
19:14:17.0403 0x0d78  BrUsbSer - ok
19:14:17.0425 0x0d78  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
19:14:17.0487 0x0d78  BTHMODEM - ok
19:14:17.0539 0x0d78  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
19:14:17.0631 0x0d78  bthserv - ok
19:14:17.0656 0x0d78  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:14:17.0714 0x0d78  cdfs - ok
19:14:17.0783 0x0d78  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
19:14:17.0841 0x0d78  cdrom - ok
19:14:17.0891 0x0d78  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
19:14:17.0932 0x0d78  CertPropSvc - ok
19:14:17.0960 0x0d78  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
19:14:17.0990 0x0d78  circlass - ok
19:14:18.0034 0x0d78  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
19:14:18.0051 0x0d78  CLFS - ok
19:14:18.0099 0x0d78  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:14:18.0110 0x0d78  clr_optimization_v2.0.50727_32 - ok
19:14:18.0186 0x0d78  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:14:18.0219 0x0d78  clr_optimization_v2.0.50727_64 - ok
19:14:18.0320 0x0d78  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:14:18.0347 0x0d78  clr_optimization_v4.0.30319_32 - ok
19:14:18.0366 0x0d78  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:14:18.0398 0x0d78  clr_optimization_v4.0.30319_64 - ok
19:14:18.0435 0x0d78  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
19:14:18.0477 0x0d78  CmBatt - ok
19:14:18.0489 0x0d78  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:14:18.0507 0x0d78  cmdide - ok
19:14:18.0602 0x0d78  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
19:14:18.0698 0x0d78  CNG - ok
19:14:18.0734 0x0d78  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
19:14:18.0753 0x0d78  Compbatt - ok
19:14:18.0784 0x0d78  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
19:14:18.0820 0x0d78  CompositeBus - ok
19:14:18.0824 0x0d78  COMSysApp - ok
19:14:18.0843 0x0d78  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
19:14:18.0866 0x0d78  crcdisk - ok
19:14:18.0928 0x0d78  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:14:19.0040 0x0d78  CryptSvc - ok
19:14:19.0117 0x0d78  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
19:14:19.0203 0x0d78  CSC - ok
19:14:19.0259 0x0d78  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
19:14:19.0391 0x0d78  CscService - ok
19:14:19.0535 0x0d78  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:14:19.0687 0x0d78  DcomLaunch - ok
19:14:19.0764 0x0d78  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
19:14:20.0029 0x0d78  defragsvc - ok
19:14:20.0094 0x0d78  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:14:20.0212 0x0d78  DfsC - ok
19:14:20.0289 0x0d78  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:14:20.0394 0x0d78  Dhcp - ok
19:14:20.0785 0x0d78  [ EA8A3E8C674B03CB4AFA1D344DBD7BC1, 564D9370AE4D12973647997684B9637B2A5A7480F66B87018F789CE4E43C8191 ] DiagTrack       C:\Windows\system32\diagtrack.dll
19:14:20.0931 0x0d78  DiagTrack - ok
19:14:20.0986 0x0d78  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
19:14:21.0105 0x0d78  discache - ok
19:14:21.0128 0x0d78  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
19:14:21.0187 0x0d78  Disk - ok
19:14:21.0257 0x0d78  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:14:21.0347 0x0d78  Dnscache - ok
19:14:21.0439 0x0d78  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:14:21.0505 0x0d78  dot3svc - ok
19:14:21.0595 0x0d78  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
19:14:21.0644 0x0d78  DPS - ok
19:14:21.0717 0x0d78  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:14:21.0785 0x0d78  drmkaud - ok
19:14:21.0905 0x0d78  [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
19:14:21.0942 0x0d78  dtsoftbus01 - ok
19:14:22.0098 0x0d78  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:14:22.0157 0x0d78  DXGKrnl - ok
19:14:22.0192 0x0d78  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
19:14:22.0313 0x0d78  EapHost - ok
19:14:22.0674 0x0d78  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
19:14:22.0802 0x0d78  ebdrv - ok
19:14:22.0857 0x0d78  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] EFS             C:\Windows\System32\lsass.exe
19:14:22.0935 0x0d78  EFS - ok
19:14:23.0165 0x0d78  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
19:14:23.0350 0x0d78  ehRecvr - ok
19:14:23.0430 0x0d78  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
19:14:23.0489 0x0d78  ehSched - ok
19:14:23.0559 0x0d78  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
19:14:23.0587 0x0d78  elxstor - ok
19:14:23.0664 0x0d78  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:14:23.0725 0x0d78  ErrDev - ok
19:14:23.0925 0x0d78  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
19:14:24.0070 0x0d78  EventSystem - ok
19:14:24.0110 0x0d78  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
19:14:24.0158 0x0d78  exfat - ok
19:14:24.0199 0x0d78  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:14:24.0269 0x0d78  fastfat - ok
19:14:24.0434 0x0d78  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
19:14:24.0575 0x0d78  Fax - ok
19:14:24.0596 0x0d78  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
19:14:24.0630 0x0d78  fdc - ok
19:14:24.0673 0x0d78  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
19:14:24.0768 0x0d78  fdPHost - ok
19:14:24.0778 0x0d78  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
19:14:24.0832 0x0d78  FDResPub - ok
19:14:24.0888 0x0d78  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:14:24.0928 0x0d78  FileInfo - ok
19:14:24.0957 0x0d78  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:14:25.0013 0x0d78  Filetrace - ok
19:14:25.0276 0x0d78  [ DFADECE1B66095F3F247ACC0EBDC5F8D, 65D8CCCE382554A4DD197AFC323D591B3D0B1C4BF13134ED6A09C9CB843E061F ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:14:26.0222 0x0d78  FLEXnet Licensing Service - ok
19:14:26.0267 0x0d78  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
19:14:26.0307 0x0d78  flpydisk - ok
19:14:26.0403 0x0d78  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:14:26.0425 0x0d78  FltMgr - ok
19:14:26.0601 0x0d78  [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache       C:\Windows\system32\FntCache.dll
19:14:26.0726 0x0d78  FontCache - ok
19:14:26.0806 0x0d78  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:14:26.0847 0x0d78  FontCache3.0.0.0 - ok
19:14:26.0903 0x0d78  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:14:26.0944 0x0d78  FsDepends - ok
19:14:26.0985 0x0d78  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:14:27.0023 0x0d78  Fs_Rec - ok
19:14:27.0103 0x0d78  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:14:27.0134 0x0d78  fvevol - ok
19:14:27.0242 0x0d78  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
19:14:27.0276 0x0d78  gagp30kx - ok
19:14:27.0303 0x0d78  [ 7907E14F9BCF3A4689C9A74A1A873CB6, 17927B93B2D6AB4271C158F039CAE2D60591D6A14458F5A5690AEC86F5D54229 ] gdrv            C:\Windows\gdrv.sys
19:14:27.0447 0x0d78  gdrv - ok
19:14:27.0615 0x0d78  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
19:14:27.0682 0x0d78  gpsvc - ok
19:14:27.0794 0x0d78  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:14:27.0820 0x0d78  gupdate - ok
19:14:27.0873 0x0d78  [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
19:14:27.0882 0x0d78  gupdatem - ok
19:14:28.0048 0x0d78  [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
19:14:28.0063 0x0d78  gusvc - ok
19:14:28.0102 0x0d78  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:14:28.0177 0x0d78  hcw85cir - ok
19:14:28.0295 0x0d78  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:14:28.0321 0x0d78  HdAudAddService - ok
19:14:28.0347 0x0d78  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
19:14:28.0438 0x0d78  HDAudBus - ok
19:14:28.0495 0x0d78  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
19:14:28.0554 0x0d78  HidBatt - ok
19:14:28.0576 0x0d78  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
19:14:28.0597 0x0d78  HidBth - ok
19:14:28.0612 0x0d78  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
19:14:28.0645 0x0d78  HidIr - ok
19:14:28.0700 0x0d78  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
19:14:28.0766 0x0d78  hidserv - ok
19:14:28.0798 0x0d78  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:14:28.0842 0x0d78  HidUsb - ok
19:14:28.0896 0x0d78  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:14:28.0973 0x0d78  hkmsvc - ok
19:14:29.0054 0x0d78  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:14:29.0136 0x0d78  HomeGroupListener - ok
19:14:29.0178 0x0d78  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:14:29.0272 0x0d78  HomeGroupProvider - ok
19:14:29.0325 0x0d78  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:14:29.0351 0x0d78  HpSAMD - ok
19:14:29.0473 0x0d78  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:14:29.0584 0x0d78  HTTP - ok
19:14:29.0622 0x0d78  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:14:29.0635 0x0d78  hwpolicy - ok
19:14:29.0666 0x0d78  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
19:14:29.0709 0x0d78  i8042prt - ok
19:14:29.0852 0x0d78  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:14:29.0898 0x0d78  iaStorV - ok
19:14:30.0046 0x0d78  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:14:30.0103 0x0d78  idsvc - ok
19:14:30.0206 0x0d78  IEEtwCollectorService - ok
19:14:30.0263 0x0d78  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
19:14:30.0302 0x0d78  iirsp - ok
19:14:30.0498 0x0d78  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
19:14:30.0574 0x0d78  IKEEXT - ok
19:14:30.0908 0x0d78  [ 59B0BBA422F04467E8C89B7CE6AE95E1, 6C5252A11FDF0B880570A780B7011160893D5D4279A15F3820F7D806B3E089A7 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:14:31.0014 0x0d78  IntcAzAudAddService - ok
19:14:31.0062 0x0d78  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
19:14:31.0103 0x0d78  intelide - ok
19:14:31.0151 0x0d78  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
19:14:31.0215 0x0d78  intelppm - ok
19:14:31.0253 0x0d78  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:14:31.0406 0x0d78  IPBusEnum - ok
19:14:31.0445 0x0d78  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:14:31.0484 0x0d78  IpFilterDriver - ok
19:14:31.0625 0x0d78  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:14:31.0749 0x0d78  iphlpsvc - ok
19:14:31.0828 0x0d78  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
19:14:31.0865 0x0d78  IPMIDRV - ok
19:14:31.0916 0x0d78  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:14:31.0975 0x0d78  IPNAT - ok
19:14:31.0992 0x0d78  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:14:32.0052 0x0d78  IRENUM - ok
19:14:32.0090 0x0d78  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:14:32.0103 0x0d78  isapnp - ok
19:14:32.0192 0x0d78  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:14:32.0214 0x0d78  iScsiPrt - ok
19:14:32.0459 0x0d78  [ B4CDA1B4263B53D249AC27A4892DA634, D50CCB5E9C38031B30D0E9734287A3BC128BF422A1C4EAC76485BEFE567E604C ] JMB36X          C:\Windows\SysWOW64\XSrvSetup.exe
19:14:32.0520 0x0d78  JMB36X - detected UnsignedFile.Multi.Generic ( 1 )
19:14:32.0954 0x0d78  Detect skipped due to KSN trusted
19:14:32.0954 0x0d78  JMB36X - ok
19:14:33.0001 0x0d78  [ 6EBE4832B1A7C063FDF87035AFC1E3DC, 8BF8C0C2253832EBB183CF24052769E7984EC4DEBE595471749ECCEB52B29EEC ] JRAID           C:\Windows\system32\DRIVERS\jraid.sys
19:14:33.0017 0x0d78  JRAID - ok
19:14:33.0032 0x0d78  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:14:33.0063 0x0d78  kbdclass - ok
19:14:33.0110 0x0d78  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
19:14:33.0141 0x0d78  kbdhid - ok
19:14:33.0157 0x0d78  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] KeyIso          C:\Windows\system32\lsass.exe
19:14:33.0173 0x0d78  KeyIso - ok
19:14:33.0235 0x0d78  [ F7DFAE6040AC910B7C64EE208A34157D, AEF1100F12391692D9DB78519D843A90C97E199A80DDC4D43E3AF1919A9E8E56 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:14:33.0297 0x0d78  KSecDD - ok
19:14:33.0344 0x0d78  [ 8FE94F2EF9BF444E93E35D87E210D02F, 78E8F6FD7C1EA3556194947707BE6893538A9E25A550C22045866C5B30251D14 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:14:33.0391 0x0d78  KSecPkg - ok
19:14:33.0453 0x0d78  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
19:14:33.0500 0x0d78  ksthunk - ok
19:14:33.0594 0x0d78  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:14:33.0687 0x0d78  KtmRm - ok
19:14:33.0765 0x0d78  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
19:14:33.0859 0x0d78  LanmanServer - ok
19:14:33.0921 0x0d78  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:14:33.0999 0x0d78  LanmanWorkstation - ok
19:14:34.0062 0x0d78  [ 156AB2E56DC3CA0B582E3362E07CDED7, 7B03929273861690DC42E4C686E655BE5A1C60136AE5E739D7E62306AFD4AB9A ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
19:14:34.0093 0x0d78  lirsgt - ok
19:14:34.0109 0x0d78  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:14:34.0155 0x0d78  lltdio - ok
19:14:34.0233 0x0d78  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:14:34.0280 0x0d78  lltdsvc - ok
19:14:34.0311 0x0d78  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:14:34.0405 0x0d78  lmhosts - ok
19:14:34.0436 0x0d78  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
19:14:34.0483 0x0d78  LSI_FC - ok
19:14:34.0514 0x0d78  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
19:14:34.0530 0x0d78  LSI_SAS - ok
19:14:34.0561 0x0d78  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
19:14:34.0577 0x0d78  LSI_SAS2 - ok
19:14:34.0608 0x0d78  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
19:14:34.0623 0x0d78  LSI_SCSI - ok
19:14:34.0655 0x0d78  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
19:14:34.0701 0x0d78  luafv - ok
19:14:34.0842 0x0d78  [ 1E9E32AEC3E1EB1B31B8169F33168B56, 39114585E1FDBBA31E1F781C6A627281907183F94626EB347B08D1F78992ED2A ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
19:14:34.0857 0x0d78  MBAMProtector - ok
19:14:35.0029 0x0d78  [ 2B983F067AEE3F9EB4DF5E97F45D21D1, 0B9ED0E91FF01A5445927650113E320C3C0EA16F1401AA55A509DDBF704DF22F ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
19:14:35.0154 0x0d78  MBAMService - ok
19:14:35.0201 0x0d78  [ F49FB3C88E263AE9A246593B0BB29294, FB53D6FA4A98B98334DCFF81E40712265256D31A9E9FF36022887BABD50F39EB ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
19:14:35.0232 0x0d78  MBAMWebAccessControl - ok
19:14:35.0263 0x0d78  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:14:35.0310 0x0d78  Mcx2Svc - ok
19:14:35.0357 0x0d78  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
19:14:35.0388 0x0d78  megasas - ok
19:14:35.0450 0x0d78  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
19:14:35.0497 0x0d78  MegaSR - ok
19:14:35.0544 0x0d78  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
19:14:35.0606 0x0d78  MMCSS - ok
19:14:35.0637 0x0d78  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
19:14:35.0669 0x0d78  Modem - ok
19:14:35.0700 0x0d78  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:14:35.0700 0x0d78  monitor - ok
19:14:35.0747 0x0d78  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:14:35.0762 0x0d78  mouclass - ok
19:14:35.0778 0x0d78  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:14:35.0793 0x0d78  mouhid - ok
19:14:35.0840 0x0d78  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:14:35.0856 0x0d78  mountmgr - ok
19:14:36.0059 0x0d78  [ DD370A8148862150BA81A3F5C56A1E40, F56B84297BDC32266CB69D10FB2D66B8B332D60CAB7E64E4E3AC2BB749BBD31B ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:14:36.0059 0x0d78  MozillaMaintenance - ok
19:14:36.0168 0x0d78  [ 73150F67D20270FF95A021A22E64F28A, A8878DEFBE437FB453F8E9243FB5C787D07AC7415A4475388D479C10417C524F ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
19:14:36.0199 0x0d78  MpFilter - ok
19:14:36.0261 0x0d78  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:14:36.0277 0x0d78  mpio - ok
19:14:36.0324 0x0d78  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:14:36.0355 0x0d78  mpsdrv - ok
19:14:36.0495 0x0d78  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:14:36.0589 0x0d78  MpsSvc - ok
19:14:36.0636 0x0d78  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:14:36.0729 0x0d78  MRxDAV - ok
19:14:36.0792 0x0d78  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:14:36.0963 0x0d78  mrxsmb - ok
19:14:37.0104 0x0d78  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:14:37.0166 0x0d78  mrxsmb10 - ok
19:14:37.0229 0x0d78  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:14:37.0275 0x0d78  mrxsmb20 - ok
19:14:37.0307 0x0d78  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
19:14:37.0322 0x0d78  msahci - ok
19:14:37.0385 0x0d78  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:14:37.0416 0x0d78  msdsm - ok
19:14:37.0447 0x0d78  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
19:14:37.0494 0x0d78  MSDTC - ok
19:14:37.0572 0x0d78  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:14:37.0650 0x0d78  Msfs - ok
19:14:37.0681 0x0d78  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:14:37.0728 0x0d78  mshidkmdf - ok
19:14:37.0775 0x0d78  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:14:37.0790 0x0d78  msisadrv - ok
19:14:37.0884 0x0d78  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:14:37.0977 0x0d78  MSiSCSI - ok
19:14:37.0977 0x0d78  msiserver - ok
19:14:38.0024 0x0d78  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:14:38.0071 0x0d78  MSKSSRV - ok
19:14:38.0258 0x0d78  [ CE996C1821021ADF8E28E80A54E846A8, 99042E895B6C2EA80F3BA65563A12C8EBA882E3AD6A21DD8E799B0112C75DDD2 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
19:14:38.0305 0x0d78  MsMpSvc - ok
19:14:38.0336 0x0d78  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:14:38.0414 0x0d78  MSPCLOCK - ok
19:14:38.0430 0x0d78  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:14:38.0477 0x0d78  MSPQM - ok
19:14:38.0555 0x0d78  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:14:38.0586 0x0d78  MsRPC - ok
19:14:38.0617 0x0d78  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
19:14:38.0648 0x0d78  mssmbios - ok
19:14:38.0679 0x0d78  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:14:38.0757 0x0d78  MSTEE - ok
19:14:38.0773 0x0d78  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
19:14:38.0804 0x0d78  MTConfig - ok
19:14:38.0804 0x0d78  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
19:14:38.0835 0x0d78  Mup - ok
19:14:38.0929 0x0d78  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
19:14:38.0991 0x0d78  napagent - ok
19:14:39.0101 0x0d78  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:14:39.0163 0x0d78  NativeWifiP - ok
19:14:39.0319 0x0d78  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:14:39.0366 0x0d78  NDIS - ok
19:14:39.0397 0x0d78  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:14:39.0428 0x0d78  NdisCap - ok
19:14:39.0459 0x0d78  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:14:39.0522 0x0d78  NdisTapi - ok
19:14:39.0600 0x0d78  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:14:39.0662 0x0d78  Ndisuio - ok
19:14:39.0709 0x0d78  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:14:39.0756 0x0d78  NdisWan - ok
19:14:39.0818 0x0d78  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:14:39.0896 0x0d78  NDProxy - ok
19:14:39.0927 0x0d78  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:14:39.0959 0x0d78  NetBIOS - ok
19:14:40.0037 0x0d78  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:14:40.0099 0x0d78  NetBT - ok
19:14:40.0146 0x0d78  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] Netlogon        C:\Windows\system32\lsass.exe
19:14:40.0177 0x0d78  Netlogon - ok
19:14:40.0271 0x0d78  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
19:14:40.0395 0x0d78  Netman - ok
19:14:40.0520 0x0d78  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:14:40.0551 0x0d78  NetMsmqActivator - ok
19:14:40.0614 0x0d78  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:14:40.0661 0x0d78  NetPipeActivator - ok
19:14:40.0723 0x0d78  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
19:14:40.0801 0x0d78  netprofm - ok
19:14:40.0941 0x0d78  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:14:40.0957 0x0d78  NetTcpActivator - ok
19:14:40.0973 0x0d78  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
19:14:40.0988 0x0d78  NetTcpPortSharing - ok
19:14:41.0035 0x0d78  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
19:14:41.0082 0x0d78  nfrd960 - ok
19:14:41.0175 0x0d78  [ 4774AD83C650001B337B92E5E5DA337B, 138ECC7F556D8A12AE58B78B68F6515BE4C00F9F062596B48B6CA6C010F13035 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:14:41.0207 0x0d78  NisDrv - ok
19:14:41.0331 0x0d78  [ 96B7D15161A778B359E707796CCEA646, 9E4A25D9848FAECC517474EAD548E7975CBE3F41AAA964E5245E78F2A723925E ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
19:14:41.0363 0x0d78  NisSrv - ok
19:14:41.0441 0x0d78  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:14:41.0519 0x0d78  NlaSvc - ok
19:14:41.0675 0x0d78  [ C31FA031335EFF434B2D94278E74BCCE, F5DFD40C16E4013CBAD0E4FB8EF2B4419702B9C215218F69C4A2DD7C4C4C1E2B ] npf             C:\Windows\system32\drivers\npf.sys
19:14:41.0721 0x0d78  npf - ok
19:14:41.0768 0x0d78  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:14:41.0815 0x0d78  Npfs - ok
19:14:41.0862 0x0d78  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
19:14:41.0971 0x0d78  nsi - ok
19:14:41.0987 0x0d78  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:14:42.0065 0x0d78  nsiproxy - ok
19:14:42.0361 0x0d78  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:14:42.0470 0x0d78  Ntfs - ok
19:14:42.0517 0x0d78  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
19:14:42.0595 0x0d78  Null - ok
19:14:42.0626 0x0d78  [ A61B0AF4D6B934928CFD1140DEEA5C8D, AC0911AAB01FAB450FFFBBF04A61D810E681DE4FCA5C0FEA1A5A6B9020393A32 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
19:14:42.0673 0x0d78  nusb3hub - ok
19:14:42.0735 0x0d78  [ FA4B2F20561BDBCC6B9AC3E3BDCD7E3F, 1E35AF81E31CEC433C6DDB9842323832FB1746FC9993F27333EA751643DF0899 ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
19:14:42.0782 0x0d78  nusb3xhc - ok
19:14:42.0813 0x0d78  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:14:42.0845 0x0d78  nvraid - ok
19:14:42.0923 0x0d78  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:14:42.0938 0x0d78  nvstor - ok
19:14:42.0985 0x0d78  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:14:43.0001 0x0d78  nv_agp - ok
19:14:43.0047 0x0d78  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:14:43.0079 0x0d78  ohci1394 - ok
19:14:43.0250 0x0d78  [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:14:43.0281 0x0d78  ose - ok
19:14:43.0391 0x0d78  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:14:43.0515 0x0d78  p2pimsvc - ok
19:14:43.0640 0x0d78  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
19:14:43.0734 0x0d78  p2psvc - ok
19:14:43.0781 0x0d78  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
19:14:43.0843 0x0d78  Parport - ok
19:14:43.0874 0x0d78  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:14:43.0905 0x0d78  partmgr - ok
19:14:43.0952 0x0d78  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:14:44.0030 0x0d78  PcaSvc - ok
19:14:44.0093 0x0d78  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
19:14:44.0139 0x0d78  pci - ok
19:14:44.0186 0x0d78  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
19:14:44.0233 0x0d78  pciide - ok
19:14:44.0295 0x0d78  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
19:14:44.0327 0x0d78  pcmcia - ok
19:14:44.0358 0x0d78  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
19:14:44.0373 0x0d78  pcw - ok
19:14:44.0498 0x0d78  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:14:44.0529 0x0d78  PEAUTH - ok
19:14:44.0763 0x0d78  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
19:14:44.0873 0x0d78  PeerDistSvc - ok
19:14:44.0919 0x0d78  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
19:14:44.0935 0x0d78  PerfHost - ok
19:14:45.0247 0x0d78  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
19:14:45.0341 0x0d78  pla - ok
19:14:45.0497 0x0d78  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:14:45.0590 0x0d78  PlugPlay - ok
19:14:45.0621 0x0d78  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:14:45.0653 0x0d78  PNRPAutoReg - ok
19:14:45.0684 0x0d78  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:14:45.0715 0x0d78  PNRPsvc - ok
19:14:45.0840 0x0d78  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:14:45.0902 0x0d78  PolicyAgent - ok
19:14:45.0965 0x0d78  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
19:14:45.0996 0x0d78  Power - ok
19:14:46.0058 0x0d78  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:14:46.0136 0x0d78  PptpMiniport - ok
19:14:46.0152 0x0d78  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
19:14:46.0230 0x0d78  Processor - ok
19:14:46.0308 0x0d78  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
19:14:46.0355 0x0d78  ProfSvc - ok
19:14:46.0370 0x0d78  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:14:46.0386 0x0d78  ProtectedStorage - ok
19:14:46.0464 0x0d78  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:14:46.0526 0x0d78  Psched - ok
19:14:46.0620 0x0d78  [ DD3FD48D69F5FBBB21D46D1514C1C2DB, 2B188E3AC4BD9B608D375DD550507717852C2AF7C0F99FFED90098999B9D4F01 ] PSI             C:\Windows\system32\DRIVERS\psi_mf_amd64.sys
19:14:46.0667 0x0d78  PSI - ok
19:14:46.0885 0x0d78  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
19:14:46.0994 0x0d78  ql2300 - ok
19:14:47.0010 0x0d78  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
19:14:47.0041 0x0d78  ql40xx - ok
19:14:47.0088 0x0d78  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
19:14:47.0135 0x0d78  QWAVE - ok
19:14:47.0181 0x0d78  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:14:47.0259 0x0d78  QWAVEdrv - ok
19:14:47.0291 0x0d78  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:14:47.0369 0x0d78  RasAcd - ok
19:14:47.0431 0x0d78  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:14:47.0634 0x0d78  RasAgileVpn - ok
19:14:47.0696 0x0d78  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
19:14:47.0868 0x0d78  RasAuto - ok
19:14:47.0899 0x0d78  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:14:47.0961 0x0d78  Rasl2tp - ok
19:14:48.0055 0x0d78  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
19:14:48.0102 0x0d78  RasMan - ok
19:14:48.0164 0x0d78  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:14:48.0242 0x0d78  RasPppoe - ok
19:14:48.0258 0x0d78  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:14:48.0305 0x0d78  RasSstp - ok
19:14:48.0383 0x0d78  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:14:48.0445 0x0d78  rdbss - ok
19:14:48.0476 0x0d78  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
19:14:48.0539 0x0d78  rdpbus - ok
19:14:48.0570 0x0d78  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:14:48.0585 0x0d78  RDPCDD - ok
19:14:48.0648 0x0d78  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
19:14:48.0679 0x0d78  RDPDR - ok
19:14:48.0695 0x0d78  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:14:48.0773 0x0d78  RDPENCDD - ok
19:14:48.0804 0x0d78  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:14:48.0866 0x0d78  RDPREFMP - ok
19:14:48.0976 0x0d78  [ 76D8CC526512ECAE2AEF63B1A6D018A1, 7281AFEBA5455BB879D4BA2DBADDCF6DAC87C1040605907CC907142609985B17 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
19:14:49.0069 0x0d78  RdpVideoMiniport - ok
19:14:49.0132 0x0d78  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:14:49.0256 0x0d78  RDPWD - ok
19:14:49.0350 0x0d78  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:14:49.0397 0x0d78  rdyboost - ok
19:14:49.0475 0x0d78  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
19:14:49.0568 0x0d78  RemoteAccess - ok
19:14:49.0646 0x0d78  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:14:49.0709 0x0d78  RemoteRegistry - ok
19:14:49.0740 0x0d78  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:14:49.0834 0x0d78  RpcEptMapper - ok
19:14:49.0880 0x0d78  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
19:14:49.0927 0x0d78  RpcLocator - ok
19:14:50.0083 0x0d78  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
19:14:50.0114 0x0d78  RpcSs - ok
19:14:50.0161 0x0d78  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:14:50.0224 0x0d78  rspndr - ok
19:14:50.0286 0x0d78  [ 34F05C417F038FFA3BEF69B798D7D7DD, C9B0CB2B62B1C8DF8F68758945C5C627D9BDECFB60FA7AECCF8048C6538E30E7 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
19:14:50.0395 0x0d78  RTHDMIAzAudService - ok
19:14:50.0442 0x0d78  [ 3B01789EE4EAEE97F5EB46B711387D5E, 154D6D409E02AAEA8CC34FA70F71630D67A31F033F65EE854448112C45F164B4 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
19:14:50.0504 0x0d78  RTL8167 - ok
19:14:50.0551 0x0d78  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
19:14:50.0582 0x0d78  s3cap - ok
19:14:50.0598 0x0d78  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] SamSs           C:\Windows\system32\lsass.exe
19:14:50.0598 0x0d78  SamSs - ok
19:14:50.0614 0x0d78  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:14:50.0629 0x0d78  sbp2port - ok
19:14:50.0707 0x0d78  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:14:50.0754 0x0d78  SCardSvr - ok
19:14:50.0801 0x0d78  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:14:50.0894 0x0d78  scfilter - ok
19:14:51.0128 0x0d78  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
19:14:51.0222 0x0d78  Schedule - ok
19:14:51.0269 0x0d78  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:14:51.0284 0x0d78  SCPolicySvc - ok
19:14:51.0331 0x0d78  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:14:51.0394 0x0d78  SDRSVC - ok
19:14:51.0440 0x0d78  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:14:51.0503 0x0d78  secdrv - ok
19:14:51.0534 0x0d78  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
19:14:51.0628 0x0d78  seclogon - ok
19:14:51.0877 0x0d78  [ 398A81D590424441B2F5C5C08073CADB, 1E064DFCC49EB0D8A4150276BF796B9DFA030C451570A170EC940F8CBAAD80F3 ] Secunia PSI Agent C:\Program Files (x86)\Secunia\PSI\PSIA.exe
19:14:51.0924 0x0d78  Secunia PSI Agent - ok
19:14:52.0096 0x0d78  [ 8C2D3A80FC90A860F0F24DEB67471481, CE4D17B63149C44B4CD5CB7776FD4705DC675F6D2D077D53BE15578294EBC9D4 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe
19:14:52.0127 0x0d78  Secunia Update Agent - ok
19:14:52.0158 0x0d78  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
19:14:52.0220 0x0d78  SENS - ok
19:14:52.0236 0x0d78  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:14:52.0298 0x0d78  SensrSvc - ok
19:14:52.0314 0x0d78  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
19:14:52.0330 0x0d78  Serenum - ok
19:14:52.0376 0x0d78  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
19:14:52.0439 0x0d78  Serial - ok
19:14:52.0486 0x0d78  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
19:14:52.0548 0x0d78  sermouse - ok
19:14:52.0610 0x0d78  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
19:14:52.0704 0x0d78  SessionEnv - ok
19:14:52.0735 0x0d78  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:14:52.0798 0x0d78  sffdisk - ok
19:14:52.0829 0x0d78  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:14:52.0922 0x0d78  sffp_mmc - ok
19:14:52.0969 0x0d78  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:14:52.0985 0x0d78  sffp_sd - ok
19:14:53.0016 0x0d78  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
19:14:53.0047 0x0d78  sfloppy - ok
19:14:53.0203 0x0d78  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:14:53.0281 0x0d78  SharedAccess - ok
19:14:53.0375 0x0d78  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:14:53.0500 0x0d78  ShellHWDetection - ok
19:14:53.0593 0x0d78  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
19:14:53.0609 0x0d78  SiSRaid2 - ok
19:14:53.0624 0x0d78  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
19:14:53.0656 0x0d78  SiSRaid4 - ok
19:14:53.0952 0x0d78  [ 8CBD520381A4B139598084BA89B79481, 0D62611C7B77B361F7BC5B5C40346062F4E113060D051D5AC5DA5A2015DB6F40 ] SMARTHelperService C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe
19:14:53.0999 0x0d78  SMARTHelperService - ok
19:14:54.0030 0x0d78  [ BCE703FE67976C57B789F19A77C4C7D1, 6D249386924AA443B3237BF71D9EFDB8C6D2CEE6E40823519694554224FB1538 ] SMARTMouseFilterx64 C:\Windows\system32\DRIVERS\SMARTMouseFilterx64.sys
19:14:54.0108 0x0d78  SMARTMouseFilterx64 - ok
19:14:54.0124 0x0d78  [ C02C2D6EBC48A52C0C2922BD86CCEEDE, 07FB67B4EFEF315E071671884FFCCE5B39B486C8901BF9C8D62AEBF3CACF6937 ] SMARTVHidMiniVistaAmd64 C:\Windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys
19:14:54.0186 0x0d78  SMARTVHidMiniVistaAmd64 - ok
19:14:54.0202 0x0d78  [ 8588412F05C55E397374F97588CC7381, BF8A6AAA4FD0A2208EDE92294095A38337785EA3D5961DD069F2596344772ADD ] SMARTVTabletPCx64 C:\Windows\system32\DRIVERS\SMARTVTabletPCx64.sys
19:14:54.0248 0x0d78  SMARTVTabletPCx64 - ok
19:14:54.0311 0x0d78  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:14:54.0373 0x0d78  Smb - ok
19:14:54.0404 0x0d78  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:14:54.0451 0x0d78  SNMPTRAP - ok
19:14:54.0592 0x0d78  [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan        C:\Windows\syswow64\speedfan.sys
19:14:54.0607 0x0d78  speedfan - ok
19:14:54.0670 0x0d78  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:14:54.0701 0x0d78  spldr - ok
19:14:54.0794 0x0d78  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
19:14:54.0904 0x0d78  Spooler - ok
19:14:55.0309 0x0d78  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
19:14:55.0481 0x0d78  sppsvc - ok
19:14:55.0559 0x0d78  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:14:55.0621 0x0d78  sppuinotify - ok
19:14:55.0637 0x0d78  sptd - ok
19:14:55.0715 0x0d78  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:14:55.0762 0x0d78  srv - ok
19:14:55.0886 0x0d78  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:14:55.0949 0x0d78  srv2 - ok
19:14:56.0027 0x0d78  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:14:56.0074 0x0d78  srvnet - ok
19:14:56.0152 0x0d78  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:14:56.0230 0x0d78  SSDPSRV - ok
19:14:56.0276 0x0d78  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:14:56.0339 0x0d78  SstpSvc - ok
19:14:56.0401 0x0d78  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
19:14:56.0432 0x0d78  stexstor - ok
19:14:56.0510 0x0d78  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
19:14:56.0557 0x0d78  stisvc - ok
19:14:56.0604 0x0d78  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
19:14:56.0604 0x0d78  storflt - ok
19:14:56.0635 0x0d78  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
19:14:56.0682 0x0d78  storvsc - ok
19:14:56.0729 0x0d78  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
19:14:56.0760 0x0d78  swenum - ok
19:14:56.0963 0x0d78  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
19:14:56.0994 0x0d78  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
19:14:57.0415 0x0d78  Detect skipped due to KSN trusted
19:14:57.0415 0x0d78  SwitchBoard - ok
19:14:57.0556 0x0d78  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
19:14:57.0665 0x0d78  swprv - ok
19:14:57.0727 0x0d78  Synth3dVsc - ok
19:14:57.0961 0x0d78  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
19:14:58.0086 0x0d78  SysMain - ok
19:14:58.0148 0x0d78  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:14:58.0211 0x0d78  TabletInputService - ok
19:14:58.0258 0x0d78  [ BCD6A90D6FD757CE9C29DDC850F7F231, 8E736A42B28BE11EC524C40DFA1C7A88BBE10CBC97320F128BCBE44051BBCC81 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
19:14:58.0320 0x0d78  tap0901 - ok
19:14:58.0460 0x0d78  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:14:58.0507 0x0d78  TapiSrv - ok
19:14:58.0601 0x0d78  [ 4430E9B4C60AAB672D16E801BAD0555E, 9D9208FD66CF23BE03484C3C335E927D6914A405FED6A8D5B2878BA4F59203DE ] tbhsd           C:\Windows\system32\drivers\tbhsd.sys
19:14:58.0632 0x0d78  tbhsd - ok
19:14:58.0694 0x0d78  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
19:14:58.0788 0x0d78  TBS - ok
19:14:59.0178 0x0d78  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:14:59.0287 0x0d78  Tcpip - ok
19:14:59.0412 0x0d78  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:14:59.0459 0x0d78  TCPIP6 - ok
19:14:59.0521 0x0d78  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:14:59.0568 0x0d78  tcpipreg - ok
19:14:59.0630 0x0d78  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:14:59.0693 0x0d78  TDPIPE - ok
19:14:59.0740 0x0d78  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:14:59.0786 0x0d78  TDTCP - ok
19:14:59.0833 0x0d78  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:14:59.0911 0x0d78  tdx - ok
19:14:59.0974 0x0d78  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
19:15:00.0005 0x0d78  TermDD - ok
19:15:00.0161 0x0d78  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
19:15:00.0254 0x0d78  TermService - ok
19:15:00.0301 0x0d78  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
19:15:00.0379 0x0d78  Themes - ok
19:15:00.0410 0x0d78  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
19:15:00.0473 0x0d78  THREADORDER - ok
19:15:00.0504 0x0d78  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
19:15:00.0520 0x0d78  TrkWks - ok
19:15:00.0598 0x0d78  [ 370A6907DDF79532A39319492B1FA38A, 46AECC5160F04FC3FFE4D37B404CCBBD1C5DC1501C2CEEE8284FF544DBDF10F8 ] truecrypt       C:\Windows\system32\drivers\truecrypt.sys
19:15:00.0629 0x0d78  truecrypt - ok
19:15:00.0722 0x0d78  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:15:00.0800 0x0d78  TrustedInstaller - ok
19:15:00.0863 0x0d78  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:15:00.0894 0x0d78  tssecsrv - ok
19:15:01.0034 0x0d78  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:15:01.0097 0x0d78  TsUsbFlt - ok
19:15:01.0097 0x0d78  tsusbhub - ok
19:15:01.0144 0x0d78  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:15:01.0206 0x0d78  tunnel - ok
19:15:01.0237 0x0d78  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
19:15:01.0253 0x0d78  uagp35 - ok
19:15:01.0331 0x0d78  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:15:01.0393 0x0d78  udfs - ok
19:15:01.0424 0x0d78  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:15:01.0487 0x0d78  UI0Detect - ok
19:15:01.0518 0x0d78  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:15:01.0549 0x0d78  uliagpkx - ok
19:15:01.0580 0x0d78  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\drivers\umbus.sys
19:15:01.0627 0x0d78  umbus - ok
19:15:01.0658 0x0d78  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
19:15:01.0690 0x0d78  UmPass - ok
19:15:01.0768 0x0d78  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
19:15:01.0799 0x0d78  UmRdpService - ok
19:15:01.0877 0x0d78  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
19:15:01.0939 0x0d78  upnphost - ok
19:15:02.0080 0x0d78  [ FB251567F41BC61988B26731DEC19E4B, 6A535F5A18EB43DD2E18AF0A05301630A1D1484B7D85DA79A7CD122DA4D018E2 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
19:15:02.0142 0x0d78  USBAAPL64 - ok
19:15:02.0204 0x0d78  [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
19:15:02.0267 0x0d78  usbaudio - ok
19:15:02.0329 0x0d78  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:15:02.0392 0x0d78  usbccgp - ok
19:15:02.0423 0x0d78  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:15:02.0454 0x0d78  usbcir - ok
19:15:02.0485 0x0d78  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
19:15:02.0532 0x0d78  usbehci - ok
19:15:02.0563 0x0d78  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:15:02.0610 0x0d78  usbhub - ok
19:15:02.0610 0x0d78  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
19:15:02.0626 0x0d78  usbohci - ok
19:15:02.0672 0x0d78  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
19:15:02.0735 0x0d78  usbprint - ok
19:15:02.0782 0x0d78  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
19:15:02.0860 0x0d78  usbscan - ok
19:15:02.0906 0x0d78  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:15:02.0969 0x0d78  USBSTOR - ok
19:15:03.0000 0x0d78  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
19:15:03.0047 0x0d78  usbuhci - ok
19:15:03.0125 0x0d78  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
19:15:03.0140 0x0d78  usbvideo - ok
19:15:03.0172 0x0d78  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
19:15:03.0265 0x0d78  UxSms - ok
19:15:03.0296 0x0d78  [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] VaultSvc        C:\Windows\system32\lsass.exe
19:15:03.0312 0x0d78  VaultSvc - ok
19:15:03.0343 0x0d78  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:15:03.0359 0x0d78  vdrvroot - ok
19:15:03.0421 0x0d78  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
19:15:03.0484 0x0d78  vds - ok
19:15:03.0546 0x0d78  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
19:15:03.0593 0x0d78  vga - ok
19:15:03.0624 0x0d78  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
19:15:03.0718 0x0d78  VgaSave - ok
19:15:03.0718 0x0d78  VGPU - ok
19:15:03.0780 0x0d78  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
19:15:03.0827 0x0d78  vhdmp - ok
19:15:03.0874 0x0d78  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
19:15:03.0905 0x0d78  viaide - ok
19:15:03.0983 0x0d78  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
19:15:04.0014 0x0d78  vmbus - ok
19:15:04.0030 0x0d78  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
19:15:04.0045 0x0d78  VMBusHID - ok
19:15:04.0123 0x0d78  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:15:04.0154 0x0d78  volmgr - ok
19:15:04.0264 0x0d78  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:15:04.0295 0x0d78  volmgrx - ok
19:15:04.0326 0x0d78  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:15:04.0357 0x0d78  volsnap - ok
19:15:04.0420 0x0d78  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
19:15:04.0466 0x0d78  vsmraid - ok
19:15:04.0685 0x0d78  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
19:15:04.0825 0x0d78  VSS - ok
19:15:04.0872 0x0d78  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
19:15:04.0934 0x0d78  vwifibus - ok
19:15:05.0028 0x0d78  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
19:15:05.0090 0x0d78  W32Time - ok
19:15:05.0137 0x0d78  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
19:15:05.0200 0x0d78  WacomPen - ok
19:15:05.0262 0x0d78  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:15:05.0340 0x0d78  WANARP - ok
19:15:05.0356 0x0d78  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:15:05.0371 0x0d78  Wanarpv6 - ok
19:15:05.0590 0x0d78  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
19:15:05.0652 0x0d78  WatAdminSvc - ok
19:15:05.0886 0x0d78  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
19:15:05.0995 0x0d78  wbengine - ok
19:15:06.0104 0x0d78  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:15:06.0167 0x0d78  WbioSrvc - ok
19:15:06.0260 0x0d78  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:15:06.0323 0x0d78  wcncsvc - ok
19:15:06.0370 0x0d78  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:15:06.0401 0x0d78  WcsPlugInService - ok
19:15:06.0416 0x0d78  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
19:15:06.0432 0x0d78  Wd - ok
19:15:06.0479 0x0d78  [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
19:15:06.0541 0x0d78  WDC_SAM - ok
19:15:06.0635 0x0d78  [ 6209C98EAA7D003DBEA3EB3245211342, 7AE1B6CBEE5871BB58C3351DC4C772A2BA5AAE26EB69FE4D8F74C473059A1956 ] WDDMService     C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
19:15:06.0650 0x0d78  WDDMService - detected UnsignedFile.Multi.Generic ( 1 )
19:15:16.0744 0x0d78  WDDMService ( UnsignedFile.Multi.Generic ) - warning
19:15:19.0037 0x0d78  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:15:19.0052 0x0d78  Wdf01000 - ok
19:15:19.0302 0x0d78  [ A787A567B3470C91C487ECE90CF7509C, FC76F77B7493E525AA7CDEA9011052A813DDF104E3314757D830129352593CB0 ] WDFME           C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe
19:15:19.0396 0x0d78  WDFME - detected UnsignedFile.Multi.Generic ( 1 )
19:15:19.0536 0x0d78  Detect skipped due to KSN trusted
19:15:19.0552 0x0d78  WDFME - ok
19:15:19.0598 0x0d78  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:15:19.0676 0x0d78  WdiServiceHost - ok
19:15:19.0754 0x0d78  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:15:19.0786 0x0d78  WdiSystemHost - ok
19:15:19.0957 0x0d78  [ 3E2B446BFD98EE3AB236FE9E84F35489, 828C072F0A438EB48784F23E56BD3F42494906403E66802D1AAAFFB3429D14B1 ] WDSC            C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe
19:15:19.0988 0x0d78  WDSC - detected UnsignedFile.Multi.Generic ( 1 )
19:15:20.0176 0x0d78  Detect skipped due to KSN trusted
19:15:20.0176 0x0d78  WDSC - ok
19:15:20.0238 0x0d78  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
19:15:20.0316 0x0d78  WebClient - ok
19:15:20.0363 0x0d78  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:15:20.0410 0x0d78  Wecsvc - ok
19:15:20.0425 0x0d78  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:15:20.0472 0x0d78  wercplsupport - ok
19:15:20.0503 0x0d78  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:15:20.0534 0x0d78  WerSvc - ok
19:15:20.0566 0x0d78  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:15:20.0628 0x0d78  WfpLwf - ok
19:15:20.0659 0x0d78  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:15:20.0690 0x0d78  WIMMount - ok
19:15:20.0737 0x0d78  WinDefend - ok
19:15:20.0753 0x0d78  WinHttpAutoProxySvc - ok
19:15:20.0924 0x0d78  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:15:21.0065 0x0d78  Winmgmt - ok
19:15:21.0455 0x0d78  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
19:15:21.0611 0x0d78  WinRM - ok
19:15:21.0704 0x0d78  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
19:15:21.0736 0x0d78  WinUsb - ok
19:15:21.0907 0x0d78  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
19:15:21.0970 0x0d78  Wlansvc - ok
19:15:22.0032 0x0d78  [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:15:22.0063 0x0d78  wlcrasvc - ok
19:15:22.0484 0x0d78  [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:15:22.0531 0x0d78  wlidsvc - ok
19:15:22.0562 0x0d78  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
19:15:22.0625 0x0d78  WmiAcpi - ok
19:15:22.0687 0x0d78  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:15:22.0734 0x0d78  wmiApSrv - ok
19:15:22.0781 0x0d78  WMPNetworkSvc - ok
19:15:22.0828 0x0d78  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:15:22.0890 0x0d78  WPCSvc - ok
19:15:22.0921 0x0d78  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:15:22.0952 0x0d78  WPDBusEnum - ok
19:15:22.0999 0x0d78  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:15:23.0093 0x0d78  ws2ifsl - ok
19:15:23.0140 0x0d78  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
19:15:23.0171 0x0d78  wscsvc - ok
19:15:23.0186 0x0d78  WSearch - ok
19:15:23.0545 0x0d78  [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv        C:\Windows\system32\wuaueng.dll
19:15:23.0701 0x0d78  wuauserv - ok
19:15:23.0732 0x0d78  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:15:23.0795 0x0d78  WudfPf - ok
19:15:23.0842 0x0d78  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\drivers\WUDFRd.sys
19:15:23.0873 0x0d78  WUDFRd - ok
19:15:23.0904 0x0d78  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:15:23.0935 0x0d78  wudfsvc - ok
19:15:23.0998 0x0d78  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
19:15:24.0060 0x0d78  WwanSvc - ok
19:15:24.0076 0x0d78  ================ Scan global ===============================
19:15:24.0185 0x0d78  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
19:15:24.0263 0x0d78  [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\Windows\system32\winsrv.dll
19:15:24.0294 0x0d78  [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\Windows\system32\winsrv.dll
19:15:24.0372 0x0d78  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
19:15:24.0419 0x0d78  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
19:15:24.0450 0x0d78  [ Global ] - ok
19:15:24.0450 0x0d78  ================ Scan MBR ==================================
19:15:24.0466 0x0d78  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:15:25.0339 0x0d78  \Device\Harddisk0\DR0 - ok
19:15:25.0339 0x0d78  ================ Scan VBR ==================================
19:15:25.0355 0x0d78  [ BD4F8F2574A9829DD70C8612E8962FC9 ] \Device\Harddisk0\DR0\Partition1
19:15:25.0386 0x0d78  \Device\Harddisk0\DR0\Partition1 - ok
19:15:25.0402 0x0d78  [ D92F2BE22016A4193595938AC869BDA2 ] \Device\Harddisk0\DR0\Partition2
19:15:25.0402 0x0d78  \Device\Harddisk0\DR0\Partition2 - ok
19:15:25.0402 0x0d78  ================ Scan generic autorun ======================
19:15:26.0119 0x0d78  [ D31E3530A549B3BE3529773643A8FB75, 6E0B978562815739618D96CFEA7F193DEFEB5A362419F69720590C0AC176BE48 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
19:15:26.0275 0x0d78  RtHDVCpl - ok
19:15:26.0369 0x0d78  [ 35BA4E6632BA690EA6421C1E03537D0E, 99D6B4DB12ABE3A7F44AB1B2D626978E85231185AE280D9516986027BC8385CB ] C:\Program Files\Microsoft Security Client\msseces.exe
19:15:26.0416 0x0d78  MSC - ok
19:15:26.0462 0x0d78  [ DB4E2D9C09A5762CB2551222B5E443B2, 318AD09D1821E38B7D7ACC0A06965057B494A752C9E34FD1CA41247DC703F985 ] C:\Windows\RaidTool\xInsIDE.exe
19:15:26.0478 0x0d78  JMB36X IDE Setup - detected UnsignedFile.Multi.Generic ( 1 )
19:15:26.0930 0x0d78  Detect skipped due to KSN trusted
19:15:26.0930 0x0d78  JMB36X IDE Setup - ok
19:15:26.0993 0x0d78  [ 1A5024838562999647A7E1B6B62F91F4, 7E9FD5D6C3D807280339A4D7F53B69D9208DAFFA102467350E2BB95D288C5E3B ] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
19:15:27.0008 0x0d78  NUSB3MON - detected UnsignedFile.Multi.Generic ( 1 )
19:15:27.0445 0x0d78  Detect skipped due to KSN trusted
19:15:27.0445 0x0d78  NUSB3MON - ok
19:15:27.0570 0x0d78  [ 52B642B30BAD0E7C4D56C5D3EAC76B97, 2DEBACF593826F638EE4FC7743ED981870277376B6742872E79F6FD5D694ADF2 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
19:15:27.0617 0x0d78  StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
19:15:28.0069 0x0d78  Detect skipped due to KSN trusted
19:15:28.0069 0x0d78  StartCCC - ok
19:15:28.0132 0x0d78  [ C7C5264BAA313E4CC7BDD2955D410302, 31F8211269C8D4644C3077E13484D3E4CE7FB8F5CA6B2272E48E3EAEFE344544 ] C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe
19:15:28.0147 0x0d78  ATICustomerCare - detected UnsignedFile.Multi.Generic ( 1 )
19:15:28.0568 0x0d78  Detect skipped due to KSN trusted
19:15:28.0568 0x0d78  ATICustomerCare - ok
19:15:28.0724 0x0d78  [ 3E04F1E482357B1FC8B088197C3D9FF8, 85524ADDC27ADC831EBBD24E079B412CFDC69E5F594BD153319087665A28D546 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
19:15:28.0756 0x0d78  Adobe ARM - ok
19:15:28.0896 0x0d78  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
19:15:28.0990 0x0d78  Sidebar - ok
19:15:29.0021 0x0d78  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
19:15:29.0052 0x0d78  mctadmin - ok
19:15:29.0099 0x0d78  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
19:15:29.0130 0x0d78  Sidebar - ok
19:15:29.0130 0x0d78  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
19:15:29.0146 0x0d78  mctadmin - ok
19:15:29.0302 0x0d78  [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
19:15:29.0364 0x0d78  Sidebar - ok
19:15:29.0692 0x0d78  [ C81F59B7D524FB462F73B27757084618, 6C7DF7257ED0D9C69A53B98F15EAF1B42D302659791EE80F48D06BCA11EA09D8 ] C:\Program Files (x86)\CCleaner\CCleaner64.exe
19:15:29.0848 0x0d78  CCleaner Monitoring - ok
19:15:29.0848 0x0d78  Waiting for KSN requests completion. In queue: 35
19:15:30.0862 0x0d78  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.8.204.0 ), 0x61000 ( enabled : updated )
19:15:30.0877 0x0d78  Win FW state via NFP2: enabled
19:15:31.0158 0x0d78  ============================================================
19:15:31.0158 0x0d78  Scan finished
19:15:31.0158 0x0d78  ============================================================
19:15:31.0158 0x0708  Detected object count: 1
19:15:31.0158 0x0708  Actual detected object count: 1
19:28:14.0659 0x0708  WDDMService ( UnsignedFile.Multi.Generic ) - skipped by user
19:28:14.0659 0x0708  WDDMService ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.05.27.03
  rootkit: v2015.05.24.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17801
Bene :: BENE-PC [administrator]

27.05.2015 17:04:49
mbar-log-2015-05-27 (17-04-49).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 416918
Time elapsed: 1 hour(s), 10 minute(s), 2 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

Alt 28.05.2015, 12:21   #5
schrauber
/// the machine
/// TB-Ausbilder
 

PC stürzt regemäßig ab - Standard

PC stürzt regemäßig ab



hi,


Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.


__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 29.05.2015, 08:28   #6
benebene
 
PC stürzt regemäßig ab - Standard

PC stürzt regemäßig ab



Combofix hat gemeckert, weil Microsoft Security Essentials angeblich noch aktiv war. Hatte es aber eigentlich über den Taskmanager ausgeschaltet.

Hier das Logfile:

Code:
ATTFilter
ComboFix 15-05-28.01 - Bene 29.05.2015   9:01.1.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.4094.2190 [GMT 2:00]
ausgeführt von:: d:\downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
SP: Microsoft Security Essentials *Enabled/Updated* {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Bene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Firefox.lnk
c:\users\Public\sdelevURL.tmp
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NPF
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-04-28 bis 2015-05-29  ))))))))))))))))))))))))))))))
.
.
2015-05-28 11:50 . 2015-05-28 11:50	--------	d-----w-	C:\found.000
2015-05-27 18:00 . 2015-05-27 18:00	--------	d-sh--w-	c:\users\Bene\AppData\Local\EmieUserList
2015-05-27 18:00 . 2015-05-27 18:00	--------	d-sh--w-	c:\users\Bene\AppData\Local\EmieSiteList
2015-05-27 18:00 . 2015-05-27 18:00	--------	d-sh--w-	c:\users\Bene\AppData\Local\EmieBrowserModeList
2015-05-26 21:06 . 2015-05-27 17:11	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-05-26 19:54 . 2015-05-26 19:54	--------	d-----w-	c:\program files (x86)\VS Revo Group
2015-05-25 07:14 . 2015-05-25 07:14	--------	d-----w-	c:\users\Bene\AppData\Local\Opera Software
2015-05-25 07:14 . 2015-05-25 07:14	--------	d-----w-	c:\users\Bene\AppData\Roaming\Opera Software
2015-05-20 18:07 . 2015-05-21 13:20	--------	d-----w-	c:\program files (x86)\Mozilla Thunderbird
2015-05-19 18:34 . 2015-05-19 18:34	--------	d-----w-	C:\7368bc0b271974332c0a6287
2015-05-12 18:33 . 2015-05-01 13:17	124112	----a-w-	c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 18:33 . 2015-05-01 13:16	102608	----a-w-	c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 18:31 . 2015-04-27 19:23	1254400	----a-w-	c:\windows\system32\diagtrack.dll
2015-05-12 18:30 . 2015-04-08 03:29	1736192	----a-w-	c:\program files\Windows Journal\NBDoc.DLL
2015-05-01 18:10 . 2015-05-01 18:10	229608	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-05-27 15:04 . 2015-02-28 11:32	136408	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-05-27 15:03 . 2015-02-28 11:32	107736	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-05-25 07:17 . 2012-07-25 15:06	778416	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2015-05-25 07:17 . 2011-05-25 05:21	142512	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-05-12 18:36 . 2010-04-17 07:08	140425016	----a-w-	c:\windows\system32\MRT.exe
2015-05-03 03:16 . 2015-05-27 15:23	12214312	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3C2C91AE-2B14-4324-AC84-9DBEC337FD2C}\mpengine.dll
2015-05-03 03:16 . 2015-05-26 14:06	12214312	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2015-04-27 19:04 . 2015-05-12 18:31	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2015-04-24 10:49 . 2014-10-19 10:25	98216	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-04-14 07:37 . 2015-02-28 11:32	63704	----a-w-	c:\windows\system32\drivers\mwac.sys
2015-04-14 07:37 . 2015-02-28 11:32	25816	----a-w-	c:\windows\system32\drivers\mbam.sys
2015-03-27 08:20 . 2015-05-23 19:41	1187344	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{628D11D7-670D-467F-9FDC-35ADBD400F35}\gapaengine.dll
2015-03-27 08:20 . 2011-03-25 17:10	1187344	----a-w-	c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2015-03-25 03:24 . 2015-04-15 05:52	98304	----a-w-	c:\windows\system32\wudriver.dll
2015-03-25 03:24 . 2015-04-15 05:52	37376	----a-w-	c:\windows\system32\wups2.dll
2015-03-25 03:24 . 2015-04-15 05:52	35328	----a-w-	c:\windows\system32\wups.dll
2015-03-25 03:24 . 2015-04-15 05:52	3298816	----a-w-	c:\windows\system32\wucltux.dll
2015-03-25 03:24 . 2015-04-15 05:52	191488	----a-w-	c:\windows\system32\wuwebv.dll
2015-03-25 03:24 . 2015-04-15 05:52	2553856	----a-w-	c:\windows\system32\wuaueng.dll
2015-03-25 03:24 . 2015-04-15 05:52	696320	----a-w-	c:\windows\system32\wuapi.dll
2015-03-25 03:24 . 2015-04-15 05:52	60416	----a-w-	c:\windows\system32\WinSetupUI.dll
2015-03-25 03:23 . 2015-04-15 05:52	12288	----a-w-	c:\windows\system32\wu.upgrade.ps.dll
2015-03-25 03:23 . 2015-04-15 05:52	36864	----a-w-	c:\windows\system32\wuapp.exe
2015-03-25 03:23 . 2015-04-15 05:52	135168	----a-w-	c:\windows\system32\wuauclt.exe
2015-03-25 03:00 . 2015-04-15 05:52	92672	----a-w-	c:\windows\SysWow64\wudriver.dll
2015-03-25 03:00 . 2015-04-15 05:52	566784	----a-w-	c:\windows\SysWow64\wuapi.dll
2015-03-25 03:00 . 2015-04-15 05:52	29696	----a-w-	c:\windows\SysWow64\wups.dll
2015-03-25 03:00 . 2015-04-15 05:52	173056	----a-w-	c:\windows\SysWow64\wuwebv.dll
2015-03-25 03:00 . 2015-04-15 05:52	33792	----a-w-	c:\windows\SysWow64\wuapp.exe
2015-03-23 03:25 . 2015-04-15 05:51	726528	----a-w-	c:\windows\system32\generaltel.dll
2015-03-23 03:25 . 2015-04-15 05:51	769536	----a-w-	c:\windows\system32\invagent.dll
2015-03-23 03:24 . 2015-04-15 05:51	419840	----a-w-	c:\windows\system32\devinv.dll
2015-03-23 03:24 . 2015-04-15 05:51	957952	----a-w-	c:\windows\system32\appraiser.dll
2015-03-23 03:24 . 2015-04-15 05:51	30720	----a-w-	c:\windows\system32\acmigration.dll
2015-03-23 03:24 . 2015-04-15 05:51	192000	----a-w-	c:\windows\system32\aepic.dll
2015-03-23 03:24 . 2015-04-15 05:51	227328	----a-w-	c:\windows\system32\aepdu.dll
2015-03-23 03:17 . 2015-04-15 05:51	1111552	----a-w-	c:\windows\system32\aeinv.dll
2015-03-10 03:25 . 2015-04-15 05:51	1882624	----a-w-	c:\windows\system32\msxml3.dll
2015-03-10 03:21 . 2015-04-15 05:51	2048	----a-w-	c:\windows\system32\msxml3r.dll
2015-03-10 03:08 . 2015-04-15 05:51	1237504	----a-w-	c:\windows\SysWow64\msxml3.dll
2015-03-10 03:05 . 2015-04-15 05:51	2048	----a-w-	c:\windows\SysWow64\msxml3r.dll
2015-03-05 05:12 . 2015-04-15 05:51	404480	----a-w-	c:\windows\system32\gdi32.dll
2015-03-05 04:05 . 2015-04-15 05:51	311808	----a-w-	c:\windows\SysWow64\gdi32.dll
2015-03-04 17:34 . 2015-03-04 17:34	280376	----a-w-	c:\windows\system32\drivers\MpFilter.sys
2015-03-04 17:34 . 2010-10-24 20:25	124568	----a-w-	c:\windows\system32\drivers\NisDrvWFP.sys
2015-03-04 04:55 . 2015-04-15 05:48	367552	----a-w-	c:\windows\system32\clfs.sys
2015-03-04 04:41 . 2015-04-15 05:48	79360	----a-w-	c:\windows\system32\clfsw32.dll
2015-03-04 04:41 . 2015-05-12 18:30	309248	----a-w-	c:\windows\apppatch\AppPatch64\AcGenral.dll
2015-03-04 04:41 . 2015-05-12 18:30	103424	----a-w-	c:\windows\apppatch\AppPatch64\acspecfc.dll
2015-03-04 04:10 . 2015-04-15 05:48	58880	----a-w-	c:\windows\SysWow64\clfsw32.dll
2015-03-04 04:10 . 2015-05-12 18:30	470528	----a-w-	c:\windows\apppatch\AcSpecfc.dll
2015-03-04 04:10 . 2015-05-12 18:30	2178560	----a-w-	c:\windows\apppatch\AcGenral.dll
2015-03-04 04:06 . 2015-05-12 18:30	2560	----a-w-	c:\windows\apppatch\AcRes.dll
2015-03-03 13:17 . 2010-04-15 20:19	295552	------w-	c:\windows\system32\MpSigStub.exe
2010-03-25 16:42 . 2010-03-25 16:42	388096	----a-w-	c:\program files (x86)\HiJackThis.exe
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"CCleaner Monitoring"="c:\program files (x86)\CCleaner\CCleaner64.exe" [2015-04-23 8204056]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"JMB36X IDE Setup"="c:\windows\RaidTool\xInsIDE.exe" [2007-03-20 36864]
"NUSB3MON"="c:\program files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" [2009-09-25 106496]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-02-02 98304]
"ATICustomerCare"="c:\program files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" [2009-06-14 307200]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-12-19 1022152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux6"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [x]
R2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe;c:\program files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SMARTVTabletPCx64;SMART Virtual TabletPC;c:\windows\system32\DRIVERS\SMARTVTabletPCx64.sys;c:\windows\SYSNATIVE\DRIVERS\SMARTVTabletPCx64.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R4 sptd;sptd;c:\windows\\SystemRoot\System32\Drivers\sptd.sys;c:\windows\\SystemRoot\System32\Drivers\sptd.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 JMB36X;JMB36X;c:\windows\SysWOW64\XSrvSetup.exe;c:\windows\SysWOW64\XSrvSetup.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 Secunia PSI Agent;Secunia PSI Agent;c:\program files (x86)\Secunia\PSI\PSIA.exe;c:\program files (x86)\Secunia\PSI\PSIA.exe [x]
S2 Secunia Update Agent;Secunia Update Agent;c:\program files (x86)\Secunia\PSI\sua.exe;c:\program files (x86)\Secunia\PSI\sua.exe [x]
S2 SMARTHelperService;SMART Helper Service;c:\program files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe;c:\program files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe [x]
S2 WDDMService;WDDMService;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe;c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [x]
S2 WDFME;WD File Management Engine;c:\program files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe;c:\program files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe [x]
S2 WDSC;WD File Management Shadow Engine;c:\program files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe;c:\program files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
S3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 PSI;PSI;c:\windows\system32\DRIVERS\psi_mf_amd64.sys;c:\windows\SYSNATIVE\DRIVERS\psi_mf_amd64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SMARTMouseFilterx64;HID-compliant mouse;c:\windows\system32\DRIVERS\SMARTMouseFilterx64.sys;c:\windows\SYSNATIVE\DRIVERS\SMARTMouseFilterx64.sys [x]
S3 SMARTVHidMiniVistaAmd64;SMART HID Device;c:\windows\system32\DRIVERS\SMARTVHidMiniVistaAmd64.sys;c:\windows\SYSNATIVE\DRIVERS\SMARTVHidMiniVistaAmd64.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2015-05-25 c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
- c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_pepper.exe [2015-05-25 07:17]
.
2015-05-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-25 07:17]
.
2015-05-28 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2058888408-2479665750-2358759828-1001Core.job
- c:\users\Bene\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-07 08:17]
.
2015-05-28 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2058888408-2479665750-2358759828-1001UA.job
- c:\users\Bene\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-01-07 08:17]
.
2015-05-29 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-21 10:14]
.
2015-05-29 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-04-21 10:14]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-10-21 8306208]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2015-04-29 1337000]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Free YouTube to MP3 Converter - c:\users\Bene\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Bene\AppData\Roaming\Mozilla\Firefox\Profiles\6l2jv7sk.default-1431878520975\
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} - (no file)
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2058888408-2479665750-2358759828-1001\Software\SecuROM\License information*]
"datasecu"=hex:21,69,e6,ac,ca,08,a4,fa,75,2e,d7,ef,39,1b,f7,b8,f0,bc,b1,d1,22,
   8e,0c,13,54,21,2c,b4,57,b4,8c,91,f6,d8,86,50,3d,86,5f,a3,1f,e2,20,01,cb,41,\
"rkeysecu"=hex:44,c8,b9,9f,32,57,3b,cb,d1,4b,2e,c3,b7,6d,88,b1
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_169_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_169.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-05-29  09:23:40 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2015-05-29 07:23
.
Vor Suchlauf: 20 Verzeichnis(se), 11.259.678.720 Bytes frei
Nach Suchlauf: 27 Verzeichnis(se), 10.592.264.192 Bytes frei
.
- - End Of File - - 6043523F24E3B462F629CA1802FFE46F
A36C5E4F47E84449FF07ED3517B43A31
         

Alt 30.05.2015, 08:27   #7
schrauber
/// the machine
/// TB-Ausbilder
 

PC stürzt regemäßig ab - Standard

PC stürzt regemäßig ab



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 30.05.2015, 12:28   #8
benebene
 
PC stürzt regemäßig ab - Standard

PC stürzt regemäßig ab



Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org


Error, 30.05.2015 09:34:18, SYSTEM, BENE-PC, Protection, IsLicensed, 13, 
Protection, 30.05.2015 09:34:18, SYSTEM, BENE-PC, Protection, Malware Protection, Stopping, 
Protection, 30.05.2015 09:34:18, SYSTEM, BENE-PC, Protection, Malware Protection, Stopped, 
Update, 30.05.2015 09:49:47, SYSTEM, BENE-PC, Manual, Rootkit Database, 2015.2.25.1, 2015.5.24.1, 
Update, 30.05.2015 09:49:48, SYSTEM, BENE-PC, Manual, Remediation Database, 2015.3.9.1, 2015.5.13.1, 
Update, 30.05.2015 09:49:56, SYSTEM, BENE-PC, Manual, Malware Database, 2015.3.9.5, 2015.5.29.7, 
Error, 30.05.2015 09:56:19, SYSTEM, BENE-PC, Protection, IsLicensed, 13, 
Protection, 30.05.2015 09:56:19, SYSTEM, BENE-PC, Protection, Malware Protection, Stopping, 
Protection, 30.05.2015 09:56:19, SYSTEM, BENE-PC, Protection, Malware Protection, Stopped, 
Error, 30.05.2015 10:04:24, SYSTEM, BENE-PC, Protection, IsLicensed, 13, 
Protection, 30.05.2015 10:04:25, SYSTEM, BENE-PC, Protection, Malware Protection, Stopping, 
Protection, 30.05.2015 10:04:25, SYSTEM, BENE-PC, Protection, Malware Protection, Stopped, 
Error, 30.05.2015 10:20:42, SYSTEM, BENE-PC, Protection, IsLicensed, 13, 
Protection, 30.05.2015 10:20:42, SYSTEM, BENE-PC, Protection, Malware Protection, Stopping, 
Protection, 30.05.2015 10:20:42, SYSTEM, BENE-PC, Protection, Malware Protection, Stopped, 
Protection, 30.05.2015 10:23:56, SYSTEM, BENE-PC, Protection, Malware Protection, Starting, 
Protection, 30.05.2015 10:23:56, SYSTEM, BENE-PC, Protection, Malware Protection, Started, 
Protection, 30.05.2015 10:23:56, SYSTEM, BENE-PC, Protection, Malicious Website Protection, Starting, 
Protection, 30.05.2015 10:23:56, SYSTEM, BENE-PC, Protection, Malicious Website Protection, Started, 
Update, 30.05.2015 10:24:09, SYSTEM, BENE-PC, Manual, Rootkit Database, 2015.2.25.1, 2015.5.24.1, 
Update, 30.05.2015 10:24:09, SYSTEM, BENE-PC, Manual, Remediation Database, 2015.3.9.1, 2015.5.13.1, 
Update, 30.05.2015 10:24:19, SYSTEM, BENE-PC, Manual, Malware Database, 2015.3.9.5, 2015.5.29.7, 
Protection, 30.05.2015 10:24:19, SYSTEM, BENE-PC, Protection, Refresh, Starting, 
Protection, 30.05.2015 10:24:19, SYSTEM, BENE-PC, Protection, Malicious Website Protection, Stopping, 
Protection, 30.05.2015 10:24:19, SYSTEM, BENE-PC, Protection, Malicious Website Protection, Stopped, 
Protection, 30.05.2015 10:24:25, SYSTEM, BENE-PC, Protection, Refresh, Success, 
Protection, 30.05.2015 10:24:25, SYSTEM, BENE-PC, Protection, Malicious Website Protection, Starting, 
Protection, 30.05.2015 10:24:25, SYSTEM, BENE-PC, Protection, Malicious Website Protection, Started, 
Scan, 30.05.2015 11:16:37, SYSTEM, BENE-PC, Manual, Start: 30.05.2015 10:24:37, Dauer: 51 Minuten 59 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, "0" nicht-Malwareerkennung, 
Update, 30.05.2015 11:37:53, SYSTEM, BENE-PC, Scheduler, Malware Database, 2015.5.29.7, 2015.5.30.1, 
Protection, 30.05.2015 11:37:53, SYSTEM, BENE-PC, Protection, Refresh, Starting, 
Protection, 30.05.2015 11:37:53, SYSTEM, BENE-PC, Protection, Malicious Website Protection, Stopping, 
Protection, 30.05.2015 11:37:53, SYSTEM, BENE-PC, Protection, Malicious Website Protection, Stopped, 
Protection, 30.05.2015 11:38:01, SYSTEM, BENE-PC, Protection, Refresh, Success, 
Protection, 30.05.2015 11:38:01, SYSTEM, BENE-PC, Protection, Malicious Website Protection, Starting, 
Protection, 30.05.2015 11:38:01, SYSTEM, BENE-PC, Protection, Malicious Website Protection, Started, 
Protection, 30.05.2015 12:49:07, SYSTEM, BENE-PC, Protection, Malware Protection, Starting, 
Protection, 30.05.2015 12:49:07, SYSTEM, BENE-PC, Protection, Malware Protection, Started, 
Protection, 30.05.2015 12:49:07, SYSTEM, BENE-PC, Protection, Malicious Website Protection, Starting, 
Protection, 30.05.2015 12:49:33, SYSTEM, BENE-PC, Protection, Malicious Website Protection, Started, 

(end)
         
AdwCleaner Logfile:
AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v4.205 - Bericht erstellt 30/05/2015 um 12:57:03
# Aktualisiert 21/05/2015 von Xplode
# Datenbank : 2015-05-25.3 [Server]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (x64)
# Benutzername : Bene - BENE-PC
# Gestarted von : C:\Users\Bene\Desktop\j\AdwCleaner_4.205.exe
# Option : Lˆschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelˆscht : C:\Program Files (x86)\foxydeal
Ordner Gelˆscht : C:\Users\Bene\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FLV Player
Datei Gelˆscht : C:\Users\Bene\AppData\Roaming\MSWINSCK.OCX

***** [ Geplante Tasks ] *****


***** [ Verkn¸pfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schl¸ssel Gelˆscht : HKCU\Software\OCS
Schl¸ssel Gelˆscht : HKCU\Software\foxydeal
Schl¸ssel Gelˆscht : HKCU\Software\AppDataLow\foxydeal
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4340C4778499EED41AE496DC3D613EC6
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\547B38670606DF14AA57B0BB83F3AE4D
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
Daten Gelˆscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17801


-\\ Mozilla Firefox v38.0.1 (x86 de)


-\\ Opera v29.0.1795.60

# AdwCleaner v4.205 - Bericht erstellt 30/05/2015 um 13:07:53
# Aktualisiert 21/05/2015 von Xplode
# Datenbank : 2015-05-25.3 [Server]
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (x64)
# Benutzername : Bene - BENE-PC
# Gestarted von : D:\Downloads\AdwCleaner_4.205.exe
# Option : Lˆschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Geplante Tasks ] *****


***** [ Verkn¸pfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schl¸ssel Gelˆscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schl¸ssel Gelˆscht : HKCU\Software\OCS
Schl¸ssel Gelˆscht : HKCU\Software\foxydeal
Schl¸ssel Gelˆscht : HKCU\Software\AppDataLow\foxydeal
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F754C503375A13344B22388E18DFE87E
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4340C4778499EED41AE496DC3D613EC6
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\547B38670606DF14AA57B0BB83F3AE4D
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
Schl¸ssel Gelˆscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
Daten Gelˆscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>

***** [ Internetbrowser ] *****

-\\ Internet Explorer v11.0.9600.17801


-\\ Mozilla Firefox v38.0.1 (x86 de)


-\\ Opera v29.0.1795.60


*************************

AdwCleaner[R0].txt - [1861 Bytes] - [06/08/2014 12:21:29]
AdwCleaner[R1].txt - [21457 Bytes] - [30/05/2015 12:52:15]
AdwCleaner[S0].txt - [1876 Bytes] - [06/08/2014 12:26:12]
AdwCleaner[S1].txt - [20328 Bytes] - [30/05/2015 12:57:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [20388  Bytes] ##########
         
[/CODE]
--- --- ---
--- --- ---


Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.8.4 (05.29.2015:1)
OS: Windows 7 Ultimate x64
Ran by Bene on 30.05.2015 at 13:11:11,26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Bene\appdata\local\{36ECF4C7-FAAB-4E79-95B0-E2100E0CCA52}
Successfully deleted: [Folder] C:\Users\Bene\appdata\local\crashrpt



~~~ FireFox

Emptied folder: C:\Users\Bene\AppData\Roaming\mozilla\firefox\profiles\6l2jv7sk.default-1431878520975\minidumps [1 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 30.05.2015 at 13:13:21,58
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by Bene (administrator) on BENE-PC on 30-05-2015 13:15:19
Running from C:\Users\Bene\Desktop\Neuer Ordner (2)
Loaded Profiles: Bene (Available Profiles: Bene & Administrator)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Piriform Ltd) C:\Program Files (x86)\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8306208 2009-10-21] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [36864 2007-03-20] ()
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-09-25] (NEC Electronics Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-02-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ATICustomerCare] => C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [307200 2009-06-14] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\Run: [CCleaner Monitoring] => C:\Program Files (x86)\CCleaner\CCleaner64.exe [8204056 2015-04-23] (Piriform Ltd)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001 -> {09FC4750-61E6-4F45-9B4F-75C3678F7BB0} URL = hxxp://dict.leo.org/ende?lp=ende&lang=de&searchLoc=0&cmpType=relaxed&sectHdr=on&spellToler=on&chinese=both&pinyin=diacritic&search={searchTerms}&relink=on
SearchScopes: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001 -> {E0C19C7C-D92A-403D-BE2B-E4A22BBF8E3B} URL = hxxp://rover.ebay.com/rover/1/707-37276-23097-0/4?satitle={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: SMART Notebook Download Utility -> {67BCF957-85FC-4036-8DC4-D4D80E00A77B} -> C:\Program Files (x86)\SMART Technologies\Education Software\NotebookPlugin.dll [2013-08-22] (SMART Technologies ULC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-24] (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-24] (Oracle Corporation)
DPF: HKLM-x32 {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} hxxp://download.gigabyte.com.tw/object/Dldrv.ocx
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Bene\AppData\Roaming\Mozilla\Firefox\Profiles\6l2jv7sk.default-1431878520975
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-16] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-16] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/MycameraPlugin -> C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll [2008-10-15] (CANON INC.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-24] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation)
FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Program Files (x86)\TVUPlayer\npTVUAx.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @veetle.com/vbp;version=0.9.17 -> C:\Program Files (x86)\Veetle\VLCBroadcast\npvbp.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-11-11] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2058888408-2479665750-2358759828-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Bene\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-12-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-12-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-12-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-12-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-12-28] (Apple Inc.)
FF Extension: Adblock Plus - C:\Users\Bene\AppData\Roaming\Mozilla\Firefox\Profiles\6l2jv7sk.default-1431878520975\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-05-17]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0034-ABCDEFFEDCBA} [2015-05-18]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2015-05-18]
FF HKLM-x32\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files (x86)\AVG\AVG2012\Firefox4
FF HKLM-x32\...\Firefox\Extensions: [{F53C93F1-07D5-430c-86D4-C9531B27DFAF}] - C:\Program Files (x86)\AVG\AVG2012\Firefox\DoNotTrack
FF HKLM-x32\...\Thunderbird\Extensions: [avgthb@avg.com] - C:\Program Files (x86)\AVG\AVG2012\Thunderbird

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - No Path Or update_url value

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [5814392 2012-11-06] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [196664 2012-10-22] (AVG Technologies CZ, s.r.o.)
S2 JMB36X; C:\Windows\SysWOW64\XSrvSetup.exe [65536 2009-08-06] () [File not signed]
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
S2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S2 SMARTHelperService; C:\Program Files (x86)\SMART Technologies\Education Software\SMARTHelperService.exe [539952 2013-10-18] (SMART Technologies)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S2 WDDMService; C:\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe [288256 2010-09-08] (WDC) [File not signed]
S2 WDFME; C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDFME\WDFME.exe [1034752 2010-09-08] () [File not signed]
S2 WDSC; C:\Program Files (x86)\Western Digital\WD Smartware\Front Parlor\WDSC.exe [485376 2010-09-08] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2010-12-04] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-10-12] (Disc Soft Ltd)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2010-12-04] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-05-30] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
R3 SMARTMouseFilterx64; C:\Windows\System32\DRIVERS\SMARTMouseFilterx64.sys [10240 2013-10-18] (SMART Technologies)
R3 SMARTVHidMiniVistaAmd64; C:\Windows\System32\DRIVERS\SMARTVHidMiniVistaAmd64.sys [9216 2013-10-18] (SMART Technologies)
S3 SMARTVTabletPCx64; C:\Windows\System32\DRIVERS\SMARTVTabletPCx64.sys [22184 2013-10-18] (SMART Technologies ULC)
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [564824 2013-04-17] (Duplex Secure Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-30 13:13 - 2015-05-30 13:14 - 00000915 _____ () C:\Users\Bene\Desktop\JRT.txt
2015-05-30 13:11 - 2015-05-30 13:11 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-BENE-PC-Windows-7-Ultimate-(64-bit).dat
2015-05-30 13:11 - 2015-05-30 13:11 - 00000000 ____D () C:\RegBackup
2015-05-30 13:10 - 2015-05-30 13:10 - 00020973 _____ () C:\Users\Bene\Desktop\AdwCleaner[S1].txt
2015-05-30 12:51 - 2015-05-30 12:51 - 00003958 _____ () C:\Users\Bene\Desktop\mbam.txt
2015-05-30 10:21 - 2015-05-30 10:21 - 00000000 ____D () C:\Users\Bene\Desktop\j
2015-05-29 20:17 - 2015-05-29 20:17 - 00000000 ____D () C:\Users\Bene\Desktop\Bloodline.S01E08.WEBRip.x264-2HD
2015-05-29 15:54 - 2015-05-30 10:07 - 00000000 ____D () C:\ProgramData\Rosetta Stone
2015-05-29 15:51 - 2015-05-29 15:51 - 00000000 ____D () C:\ProgramData\QuickTime
2015-05-29 09:23 - 2015-05-29 09:23 - 00022802 _____ () C:\ComboFix.txt
2015-05-29 09:16 - 2015-05-29 09:16 - 00000546 _____ () C:\Windows\PFRO.log
2015-05-29 08:59 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-05-29 08:59 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-05-29 08:59 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-05-29 08:59 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-05-29 08:59 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-05-29 08:59 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-05-29 08:59 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-05-29 08:59 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-05-29 08:58 - 2015-05-29 09:23 - 00000000 ____D () C:\Qoobox
2015-05-29 08:57 - 2015-05-29 09:22 - 00000000 ____D () C:\Windows\erdnt
2015-05-28 13:57 - 2015-05-28 13:58 - 04898240 _____ () C:\Windows\system32\FNTCACHE.DAT
2015-05-28 13:56 - 2015-05-28 13:56 - 00003272 ____N () C:\bootsqm.dat
2015-05-28 13:50 - 2015-05-28 13:50 - 00000000 ____D () C:\found.000
2015-05-28 09:20 - 2015-05-30 13:09 - 00001400 _____ () C:\Windows\setupact.log
2015-05-28 09:20 - 2015-05-28 09:20 - 00000000 _____ () C:\Windows\setuperr.log
2015-05-28 08:58 - 2015-05-28 08:58 - 00082408 _____ () C:\Users\Bene\AppData\Local\GDIPFONTCACHEV1.DAT
2015-05-27 20:00 - 2015-05-27 20:00 - 00000000 __SHD () C:\Users\Bene\AppData\Local\EmieUserList
2015-05-27 20:00 - 2015-05-27 20:00 - 00000000 __SHD () C:\Users\Bene\AppData\Local\EmieSiteList
2015-05-27 20:00 - 2015-05-27 20:00 - 00000000 __SHD () C:\Users\Bene\AppData\Local\EmieBrowserModeList
2015-05-26 23:06 - 2015-05-27 19:11 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-05-26 21:54 - 2015-05-26 21:54 - 00001268 _____ () C:\Users\Bene\Desktop\Revo Uninstaller.lnk
2015-05-26 21:54 - 2015-05-26 21:54 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2015-05-25 09:17 - 2015-05-30 12:00 - 00000892 _____ () C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2015-05-25 09:17 - 2015-05-25 09:17 - 00003882 _____ () C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2015-05-25 09:14 - 2015-05-25 09:27 - 00003850 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1432538089
2015-05-25 09:14 - 2015-05-25 09:14 - 00001133 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 29.lnk
2015-05-25 09:14 - 2015-05-25 09:14 - 00000000 ____D () C:\Users\Bene\AppData\Roaming\Opera Software
2015-05-25 09:14 - 2015-05-25 09:14 - 00000000 ____D () C:\Users\Bene\AppData\Local\Opera Software
2015-05-24 17:40 - 2015-05-30 13:15 - 00000000 ____D () C:\Users\Bene\Desktop\Neuer Ordner (2)
2015-05-23 09:35 - 2015-05-23 09:35 - 00000995 _____ () C:\Users\Administrator\Desktop\SopCast.lnk
2015-05-20 20:07 - 2015-05-21 15:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2015-05-19 20:34 - 2015-05-19 20:34 - 00000000 ____D () C:\7368bc0b271974332c0a6287
2015-05-18 17:01 - 2015-05-18 17:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-05-12 20:33 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 20:33 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-12 20:32 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-12 20:32 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-12 20:32 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-12 20:32 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-12 20:32 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-12 20:32 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-12 20:32 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-12 20:32 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-12 20:32 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-12 20:32 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-12 20:32 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-12 20:32 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-12 20:32 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-12 20:32 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-12 20:32 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-12 20:32 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-12 20:32 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-12 20:32 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-12 20:32 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-12 20:32 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-12 20:32 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-12 20:32 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-12 20:32 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-12 20:32 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-12 20:32 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-12 20:32 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-12 20:32 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-12 20:32 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-12 20:32 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-12 20:32 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-12 20:32 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-12 20:32 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-12 20:32 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-12 20:32 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-12 20:32 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-12 20:32 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-12 20:32 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-12 20:32 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-12 20:32 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-12 20:32 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-12 20:32 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-12 20:32 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-12 20:32 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-12 20:32 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-12 20:32 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-12 20:32 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-12 20:32 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-12 20:32 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-12 20:32 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-12 20:32 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-12 20:32 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-12 20:32 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-12 20:32 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-12 20:32 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-12 20:32 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-12 20:32 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-12 20:32 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-12 20:32 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-12 20:32 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-12 20:32 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-12 20:32 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-12 20:32 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-12 20:32 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-12 20:32 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-12 20:32 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-12 20:31 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-12 20:31 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-12 20:31 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-12 20:31 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-12 20:31 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-12 20:31 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-12 20:31 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-12 20:31 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-12 20:31 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-12 20:31 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-12 20:31 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-12 20:31 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-12 20:31 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-12 20:31 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-12 20:31 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-12 20:31 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-12 20:31 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-12 20:31 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-12 20:31 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-12 20:31 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-12 20:31 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-12 20:31 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-12 20:31 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-12 20:31 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-12 20:31 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-12 20:31 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-12 20:31 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-12 20:31 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-12 20:31 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-12 20:31 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-12 20:31 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-12 20:31 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-12 20:31 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-12 20:31 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-12 20:31 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-12 20:31 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-12 20:31 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-12 20:31 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-12 20:31 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-12 20:31 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-12 20:31 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-12 20:31 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-12 20:31 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-12 20:31 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-12 20:31 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-12 20:31 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-12 20:31 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-12 20:31 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-12 20:31 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-12 20:31 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-12 20:31 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-12 20:31 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-12 20:30 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-12 20:30 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-12 20:30 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-12 20:30 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-12 20:30 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-12 20:30 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-12 20:30 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-12 20:30 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-12 20:30 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-12 20:30 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-12 20:30 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-12 20:30 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-12 20:30 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-12 20:30 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-30 13:15 - 2015-02-28 12:53 - 00000000 ___DC () C:\FRST
2015-05-30 13:12 - 2010-04-15 21:01 - 01701437 _____ () C:\Windows\WindowsUpdate.log
2015-05-30 13:11 - 2009-07-14 06:45 - 00017168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-30 13:11 - 2009-07-14 06:45 - 00017168 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-30 13:09 - 2015-02-28 13:32 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-30 13:09 - 2010-04-21 17:31 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-30 13:09 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-30 13:07 - 2014-08-06 12:21 - 00000000 ____D () C:\AdwCleaner
2015-05-30 12:56 - 2010-04-21 17:31 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-30 12:40 - 2012-07-25 17:06 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-30 10:26 - 2009-07-14 19:58 - 28875626 _____ () C:\Windows\system32\perfh007.dat
2015-05-30 10:26 - 2009-07-14 19:58 - 09068562 _____ () C:\Windows\system32\perfc007.dat
2015-05-30 10:26 - 2009-07-14 07:13 - 00006308 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-30 10:23 - 2015-02-28 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-05-30 10:23 - 2015-02-28 13:32 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-05-30 10:22 - 2012-01-07 18:27 - 00001134 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2058888408-2479665750-2358759828-1001UA.job
2015-05-30 10:22 - 2012-01-07 18:27 - 00001112 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2058888408-2479665750-2358759828-1001Core.job
2015-05-30 10:20 - 2010-04-15 21:12 - 00000000 ____D () C:\Users\Bene
2015-05-29 20:04 - 2010-04-15 22:27 - 00000000 ____D () C:\Users\Bene\AppData\Roaming\uTorrent
2015-05-29 19:58 - 2011-11-12 15:33 - 00000000 ____D () C:\Users\Bene\AppData\Roaming\vlc
2015-05-29 15:31 - 2010-04-15 22:19 - 00000000 ____D () C:\Users\Bene\AppData\Roaming\DAEMON Tools Lite
2015-05-29 09:23 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2015-05-29 09:17 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2015-05-29 09:16 - 2009-07-14 04:34 - 78643200 _____ () C:\Windows\system32\config\software.bak
2015-05-29 09:16 - 2009-07-14 04:34 - 27525120 _____ () C:\Windows\system32\config\system.bak
2015-05-29 09:16 - 2009-07-14 04:34 - 00786432 _____ () C:\Windows\system32\config\default.bak
2015-05-29 09:16 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\security.bak
2015-05-29 09:16 - 2009-07-14 04:34 - 00061440 _____ () C:\Windows\system32\config\sam.bak
2015-05-29 09:15 - 2009-07-14 04:34 - 39583744 _____ () C:\Windows\system32\config\components.bak
2015-05-27 20:01 - 2013-03-20 22:32 - 00000000 ____D () C:\Program Files (x86)\Digiarty
2015-05-27 20:01 - 2010-12-01 18:39 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2015-05-27 19:56 - 2013-12-19 13:49 - 00000000 ____D () C:\Users\Bene\AppData\Roaming\JAM Software
2015-05-27 19:54 - 2012-05-30 15:10 - 00000000 ____D () C:\Users\Bene\AppData\Roaming\streamripper
2015-05-27 19:53 - 2010-07-28 10:25 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2015-05-27 19:48 - 2011-11-16 20:24 - 00000000 ____D () C:\Program Files (x86)\IDM
2015-05-27 19:48 - 2010-04-15 21:20 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-05-27 19:45 - 2010-11-29 17:39 - 00000000 ____D () C:\Program Files (x86)\Diesterweg
2015-05-27 19:44 - 2012-09-04 09:30 - 00000000 ____D () C:\Program Files (x86)\Klett
2015-05-27 19:44 - 2010-11-29 17:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lehrer-Software
2015-05-27 19:36 - 2013-09-26 19:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AbiWord Word Processor
2015-05-27 17:09 - 2010-02-25 22:41 - 00000000 ____D () C:\Users\Bene\Documents\Verschiedenes
2015-05-25 16:15 - 2010-05-18 13:09 - 00000432 _____ () C:\Windows\BRWMARK.INI
2015-05-25 12:27 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2015-05-25 09:27 - 2010-04-15 21:44 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-05-25 09:20 - 2012-07-25 17:06 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-25 09:17 - 2012-07-25 17:06 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-25 09:17 - 2011-05-25 07:21 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-25 09:16 - 2010-04-17 13:45 - 00000000 ____D () C:\Users\Bene\AppData\Local\Adobe
2015-05-24 09:41 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-23 10:11 - 2012-04-30 10:11 - 00000000 ____D () C:\Users\Bene\Documents\Körperstolz
2015-05-23 10:08 - 2010-04-15 21:42 - 00000000 ____D () C:\Program Files (x86)\CCleaner
2015-05-21 18:18 - 2012-05-03 21:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-05-20 08:16 - 2015-04-05 21:28 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-05-20 08:16 - 2015-04-05 21:28 - 00000000 ___SD () C:\Windows\system32\GWX
2015-05-19 19:41 - 2012-09-16 14:26 - 00000000 ____D () C:\ProgramData\LAT 2.0 Deutsch
2015-05-17 09:51 - 2010-04-21 17:31 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-17 09:51 - 2010-04-21 17:31 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-16 17:40 - 2014-10-19 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-05-16 16:15 - 2013-01-02 20:29 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-12 21:47 - 2009-07-14 20:18 - 00000000 ____D () C:\Program Files\Windows Journal
2015-05-12 21:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers
2015-05-12 20:44 - 2011-01-25 21:06 - 00001912 _____ () C:\Windows\epplauncher.mif
2015-05-12 20:44 - 2010-04-15 22:16 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-05-12 20:43 - 2011-01-25 21:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2015-05-12 20:43 - 2011-01-25 21:05 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2015-05-12 20:42 - 2013-07-23 09:36 - 00000000 ____D () C:\Windows\system32\MRT
2015-05-12 20:36 - 2010-04-17 09:08 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-12 15:12 - 2012-05-20 00:46 - 00000000 ____D () C:\Users\Bene\Documents\Deutsche Kreditbank DKB

==================== Files in the root of some directories =======

2010-03-25 18:42 - 2010-03-25 18:42 - 0388096 _____ (Trend Micro Inc.) C:\Program Files (x86)\HiJackThis.exe
2011-12-17 13:34 - 2011-12-17 13:34 - 0000288 _____ () C:\Users\Bene\AppData\Roaming\.backup.dm
2013-08-10 13:14 - 2013-08-10 13:14 - 0000132 _____ () C:\Users\Bene\AppData\Roaming\Adobe BMP Format CS5 Prefs
2011-09-24 22:29 - 2011-09-24 22:29 - 0001456 _____ () C:\Users\Bene\AppData\Local\Adobe Save for Web 12.0 Prefs
2011-06-28 20:27 - 2012-06-30 20:36 - 0019968 _____ () C:\Users\Bene\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-01-03 12:13 - 2011-08-06 13:46 - 0007631 _____ () C:\Users\Bene\AppData\Local\Resmon.ResmonCfg
2010-04-17 11:47 - 2010-04-17 11:47 - 0000056 ____H () C:\ProgramData\ezsidmv.dat

Some files in TEMP:
====================
C:\Users\Bene\AppData\Local\Temp\Quarantine.exe
C:\Users\Bene\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-25 11:41

==================== End of log ============================
         

Alt 30.05.2015, 12:30   #9
benebene
 
PC stürzt regemäßig ab - Standard

PC stürzt regemäßig ab



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-05-2015
Ran by Bene at 2015-05-30 13:16:19
Running from C:\Users\Bene\Desktop\Neuer Ordner (2)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2058888408-2479665750-2358759828-500 - Administrator - Enabled) => C:\Users\Administrator
Bene (S-1-5-21-2058888408-2479665750-2358759828-1001 - Administrator - Enabled) => C:\Users\Bene
Gast (S-1-5-21-2058888408-2479665750-2358759828-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2058888408-2479665750-2358759828-1014 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1 - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.7.148 - Adobe Systems, Inc.)
Allway Sync version 10.5.8 (HKLM-x32\...\Allway Sync_is1) (Version:  - Botkind Inc)
Apple Mobile Device Support (HKLM\...\{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}) (Version: 5.2.0.6 - Apple Inc.)
ATI AVIVO64 Codecs (Version: 10.10.0.40918 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{857A474F-2485-BC1B-168C-BD396012C30E}) (Version: 3.0.762.0 - ATI Technologies, Inc.)
ATI Catalyst Registration (x32 Version: 2.01.0000 - ATI Technologies Inc.) Hidden
AVG 2012 (Version: 12.0.1913 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.2178 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.2180 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.2193 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.2195 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.2197 - AVG Technologies) Hidden
AVG 2012 (Version: 12.0.2221 - AVG Technologies) Hidden
AVG 2013 (HKLM\...\AVG) (Version: 2013.0.2805 - AVG Technologies)
AVG 2013 (Version: 13.0.2742 - AVG Technologies) Hidden
AVG 2013 (Version: 13.0.2793 - AVG Technologies) Hidden
calibre (HKLM-x32\...\{62B6B7C3-E75B-49E6-A351-6CDD99C39A61}) (Version: 0.9.19 - Kovid Goyal)
CANON iMAGE GATEWAY MyCamera Download Plugin (HKLM-x32\...\MyCamera Download Plugin) (Version: 3.1.1.2 - Canon Inc.)
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\CANON iMAGE GATEWAY Task) (Version: 1.9.0.9 - Canon Inc.)
Canon MOV Decoder (HKLM-x32\...\Canon MOV Decoder) (Version: 1.8.0.7 - Canon Inc.)
Canon MOV Encoder (HKLM-x32\...\Canon MOV Encoder) (Version: 1.6.0.1 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (HKLM-x32\...\MovieEditTask) (Version: 3.7.0.4 - Canon Inc.)
Canon Utilities Digital Photo Professional 3.10 (HKLM-x32\...\DPP) (Version: 3.10.2.0 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.10.2.0 - Canon Inc.)
Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX (HKLM-x32\...\EOS Video Snapshot Task) (Version: 1.0.0.10 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.22.46 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.9.0.0 - Canon Inc.)
Canon Utilities ZoomBrowser EX (HKLM-x32\...\ZoomBrowser EX) (Version: 6.7.0.24 - Canon Inc.)
Canon ZoomBrowser EX Memory Card Utility (HKLM-x32\...\ZoomBrowser EX Memory Card Utility) (Version: 1.5.0.9 - Canon Inc.)
ccc-core-static (x32 Version: 2010.0202.2335.42270 - Ihr Firmenname) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.05 - Piriform)
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Gigabyte Raid Cinfigurer (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0001 - GIGABYTE Technologies, Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Google+ Auto Backup (HKLM-x32\...\{D1D4D7EA-62B8-4665-9FF7-02A91B925CC9}) (Version: 1.0.18.74 - Google)
GooReader (HKLM-x32\...\{FF357FB1-41AA-4C8A-BAC3-0B309E9798D2}) (Version: 2.0 - GooReader)
HydraVision (x32 Version: 4.2.114.0 - ATI Technologies Inc.) Hidden
Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation)
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM-x32\...\{95140000-00AF-0407-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyScript HWR (German) (HKLM-x32\...\{415CD877-0970-4CB6-B178-1E72F7DC60E7}) (Version: 4.4.5.1 - SMART Technologies ULC)
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.14.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.14.0 - NEC Electronics Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{5DB65884-C963-4454-AABA-4CA3089281FA}) (Version: 9.09.0720 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Opera 12.15 (HKLM-x32\...\Opera 12.15.1748) (Version: 12.15.1748 - Opera Software ASA)
Opera Stable 29.0.1795.60 (HKLM-x32\...\Opera 29.0.1795.60) (Version: 29.0.1795.60 - Opera Software ASA)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.1 - Frank Heindörfer, Philip Chinery)
PDFZilla V1.2.11 (HKLM-x32\...\PDFZilla_is1) (Version:  - PDFZilla, Inc.)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek Ethernet Controller Driver For Windows Vista and Later (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0009 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.5897 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5964 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
SES Driver (HKLM\...\{D8CC254C-C671-4664-9A38-FA368D1E2C97}) (Version: 1.0.0 - Western Digital)
SMART Common Files (HKLM-x32\...\{BBA07B40-F7C6-44F7-BF08-767F8835685F}) (Version: 11.4.194.0 - SMART Technologies ULC)
SMART German Language Pack (HKLM-x32\...\{603E8F13-20D9-4367-81F2-CF6E22D05DA9}) (Version: 11.3.29.0 - SMART Technologies ULC)
SMART Ink (HKLM-x32\...\{5ABC49B5-D0DC-428D-A082-4AEFF6490F04}) (Version: 2.0.723.0 - SMART Technologies ULC)
SMART Notebook (HKLM-x32\...\{E57F6C8B-E159-477E-93BF-764759747BC4}) (Version: 11.3.857.0 - SMART Technologies ULC)
SMART Product Update (HKLM-x32\...\{8D4B716A-0ABE-4238-9090-D208E5F57A5E}) (Version: 5.0.108.0 - SMART Technologies ULC)
SMART Produkttreiber (HKLM-x32\...\{589B09F5-0768-4BE9-B8C0-DD253E6B3643}) (Version: 11.3.550.0 - SMART Technologies ULC)
Spotify (HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\Spotify) (Version: 1.0.3.101.gbfa97dfe - Spotify AB)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
The Lord of the Rings FREE Trial  (x32 Version: 1.00.0000 - ATI Technologies Inc.) Hidden
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation)
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
VLC media player 2.1.1 (HKLM-x32\...\VLC media player) (Version: 2.1.1 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - )
WD SmartWare (HKLM\...\{6F482C75-174D-42EB-A2CF-B00A1F354F7B}) (Version: 1.4.1.1 - Western Digital)
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM  (03/06/2009 1.0.0008.0) (HKLM\...\422991454CB076E9B856C21BBF99AF2B82317EDA) (Version: 03/06/2009 1.0.0008.0 - Western Digital Technologies)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

27-05-2015 19:54:23 Revo Uninstaller's restore point - Tesseract-OCR - open source OCR engine
27-05-2015 19:55:11 Revo Uninstaller's restore point - Visual Studio 2008 x64 Redistributables
27-05-2015 19:55:44 Revo Uninstaller's restore point - SpeedFan (remove only)
27-05-2015 19:56:27 Revo Uninstaller's restore point - TreeSize Free V3.3.2
27-05-2015 19:57:11 Revo Uninstaller's restore point - TVUPlayer 2.5.3.1
27-05-2015 19:58:01 Revo Uninstaller's restore point - Veetle TV
27-05-2015 19:58:45 Revo Uninstaller's restore point - Winamp
27-05-2015 19:59:57 Revo Uninstaller's restore point - WinPcap 4.1.1
27-05-2015 20:00:33 Revo Uninstaller's restore point - WinX Free AVI to MP4 Converter 4.0.6
27-05-2015 20:01:28 Revo Uninstaller's restore point - Free YouTube Download 2.9
27-05-2015 20:02:26 Revo Uninstaller's restore point - ConvertHelper 2.2
29-05-2015 08:59:28 ComboFix created restore point
29-05-2015 15:44:53 Revo Uninstaller's restore point - The Rosetta Stone
29-05-2015 15:54:43 Installed Rosetta Stone Version 3
30-05-2015 10:05:26 Revo Uninstaller's restore point - Rosetta Stone Version 3
30-05-2015 10:06:24 Removed Rosetta Stone Version 3

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2015-05-29 09:17 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01FB23D4-0705-4D28-BEC8-4C0FC0FDFEEB} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2058888408-2479665750-2358759828-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {113A608B-2F17-4125-9B88-991F7DED31F2} - System32\Tasks\{8B1D292D-2914-4AA3-BCBC-9FE908B6FA97} => pcalua.exe -a "C:\Program Files (x86)\StreamTorrent 1.0\uninstall.exe"
Task: {13A015D2-E736-47CF-98C2-29E3B290DBA2} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {29BB99AA-BFDF-4F7F-B675-A1E89142B939} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-25] (Adobe Systems Incorporated)
Task: {39AE87D7-3AE6-4311-89CA-85E8CDAF1831} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2058888408-2479665750-2358759828-1001Core => C:\Users\Bene\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-25] (Facebook Inc.)
Task: {46ED0861-2531-458B-8BE3-F19272A99F94} - System32\Tasks\{62C40AA6-4406-467a-A5A5-DFDF1B559B7A} => C:\Windows\Szucia.exe
Task: {517E3F93-F287-4CFA-B353-75843DBF4365} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2015-04-23] (Piriform Ltd)
Task: {5951FCD3-A3A7-40ED-A42F-25256B80229D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {5D1CAB1C-92A4-4A7E-9F61-9D7A583CE8DE} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2012-03-10] (Microsoft Corporation)
Task: {60F5DBFC-77F6-4A86-A579-86FAFF72FEB9} - System32\Tasks\Bene NBAgent 15 0 => C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBAgent.exe
Task: {6AF0D6C0-DEDB-40C3-B2A4-790D8227F473} - System32\Tasks\{A09F4D61-F3DA-4CAE-9D42-1A230292C43C} => pcalua.exe -a C:\Users\Bene\Desktop\template_italien.exe -d C:\Users\Bene\Desktop
Task: {8BD55A68-0FF4-4417-8ACF-A0B6B81C65BA} - System32\Tasks\{B7E44C94-1876-437B-8A2E-E746911C8E79} => pcalua.exe -a D:\Downloads\irfanview_plugins_430_setup.exe -d D:\Downloads
Task: {99C9EB3C-D579-4ACA-9F3B-0AC31A7B411D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2058888408-2479665750-2358759828-1001UA => C:\Users\Bene\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-25] (Facebook Inc.)
Task: {9A06DA48-887A-4EA4-9939-DE2421B9F645} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_pepper.exe [2015-05-25] (Adobe Systems Incorporated)
Task: {A4DEBC80-80B3-4C62-8C3F-F5EDB03A4F7A} - System32\Tasks\Opera scheduled Autoupdate 1432538089 => C:\Program Files (x86)\Opera\launcher.exe [2015-05-18] (Opera Software)
Task: {B2813C45-2182-438B-8847-21F07446211D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {B55F1077-438F-47DB-A40F-C21738F2869D} - System32\Tasks\{FF9EE5E2-1D95-4F78-9EC0-2DFECC036871} => pcalua.exe -a F:\setup.exe -d F:\
Task: {C0FF2D93-882C-4367-AD2D-16D741A30142} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {CD0E08A7-1647-4472-8F08-6F3D33AE7C78} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2058888408-2479665750-2358759828-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {DA3545A3-021B-4E04-9C48-B38C72F60F2E} - System32\Tasks\{0A436A0A-962C-461C-8033-6CF892A2762D} => Firefox.exe hxxp://ui.skype.com/ui/0/6.11.0.102/de/abandoninstall?source=lightinstaller&amp;page=tsBing
Task: {F5E9D5F9-50C0-44C5-9B12-8284F8CF8D7B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_17_0_0_188_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2058888408-2479665750-2358759828-1001Core.job => C:\Users\Bene\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2058888408-2479665750-2358759828-1001UA.job => C:\Users\Bene\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (Whitelisted) ==============

2015-04-08 21:53 - 2015-04-08 21:53 - 00057344 _____ () C:\Program Files (x86)\CCleaner\lang\lang-1031.dll
2011-05-22 12:14 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\...\100sexlinks.com -> 100sexlinks.com

There are 5773 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2058888408-2479665750-2358759828-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Bene\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk => C:\Windows\pss\Secunia PSI Tray.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WDDMStatus.lnk => C:\Windows\pss\WDDMStatus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Bene^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Bene^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EvernoteClipper.lnk => C:\Windows\pss\EvernoteClipper.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS4ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Bene\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AVG_UI => "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: Facebook Update => "C:\Users\Bene\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: lollipop => "c:\users\bene\appdata\local\lollipop\lollipop.exe" lollipop
MSCONFIG\startupreg: PC Speed Maximizer => C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: sbsdk-server => "C:\Program Files (x86)\SMART Technologies\Education Software\sbsdk-server\NodeLauncher.exe"
MSCONFIG\startupreg: SMART Board Service => "C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardService.exe" -d
MSCONFIG\startupreg: SMART Board Tools => "C:\Program Files (x86)\SMART Technologies\Education Software\SMARTBoardTools.exe"
MSCONFIG\startupreg: SMART Floating Tools => "C:\Program Files (x86)\SMART Technologies\Education Software\FloatingTools.exe"
MSCONFIG\startupreg: SMART Ink => "C:\Program Files (x86)\SMART Technologies\Education Software\SMARTInk.exe" -a
MSCONFIG\startupreg: SMART SNMP Agent => C:\Program Files (x86)\SMART Technologies\SMART Product Drivers\SMARTSNMPAgent.exe -e
MSCONFIG\startupreg: SMART Tray Tools => "C:\Program Files (x86)\SMART Technologies\Education Software\SMARTTrayIcon.exe"
MSCONFIG\startupreg: SMARTNotification => "C:\Program Files (x86)\SMART Technologies\Education Software\SMARTNotification.exe"
MSCONFIG\startupreg: Spotify => "C:\Users\Bene\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Bene\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SweetIM => C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe" -osboot
MSCONFIG\startupreg: VDownloader => "C:\Program Files\VDownloader\VDownloader.exe" /silent

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{D843B4D3-5F51-4723-A7C7-E5E2E994191E}C:\program files (x86)\opera\opera.exe] => (Allow) C:\program files (x86)\opera\opera.exe
FirewallRules: [UDP Query User{01D36DD1-840C-4670-9D93-14408D1CC43C}C:\program files (x86)\opera\opera.exe] => (Allow) C:\program files (x86)\opera\opera.exe
FirewallRules: [{2FEFC434-44D6-48BA-B664-A4459CC4D6CC}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{29A76C6C-F87D-4498-8707-C4780CF004A7}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{1BE2B5C4-B2C3-4C52-A81C-A8AF13244F35}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [UDP Query User{14EA8528-3238-4C41-8C52-2284D5F98A5D}C:\program files (x86)\warcraft iii\war3.exe] => (Allow) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [{2D64331F-6D0F-4841-8584-E081E9E8D5AF}] => (Block) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [{63A31D00-D2F6-4B94-80DD-99B57FC208CB}] => (Block) C:\program files (x86)\warcraft iii\war3.exe
FirewallRules: [{8C029300-CE15-4036-8EE6-81E0AF9975E4}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{3817DCE6-EC3D-4AA6-B717-2769E87AF47D}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [TCP Query User{EC4725F9-CDEE-43E8-8CAB-573E08DEBE0A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{9C366134-E842-4D7F-8C98-745915390798}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{C27C9CD9-B086-470A-8BCA-6D4BCAAA0066}] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{51E6E2A5-3E21-4F93-9828-152E2EA4F36C}] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{556628F7-71F9-4339-B0C3-6D73591869B1}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{3E5EDDF5-4EAA-41D6-8412-A73C48B130C2}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{6C5A3C64-1033-4362-9985-97CD370F748F}] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{6B452E67-C11A-4D06-A818-C0411A01C48B}] => (Block) C:\program files (x86)\internet explorer\iexplore.exe
FirewallRules: [{743DE810-FC17-43FF-9069-1A1E4BA33C57}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{3E4CC361-3137-41AE-86CF-17677E3B8DAA}] => (Allow) LPort=2869
FirewallRules: [{A3A2434C-B3E7-4AA3-A4A7-7FE5216EAD7F}] => (Allow) LPort=1900
FirewallRules: [{3CBA40EF-BAB9-4F9A-8740-7A0A1153279C}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [TCP Query User{F85D8056-0EA6-4C5E-B4EB-9DC5E4887EBF}C:\program files (x86)\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files (x86)\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{F501DBDC-1876-4447-8B1F-E9058EF39C0E}C:\program files (x86)\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files (x86)\google\google earth\plugin\geplugin.exe
FirewallRules: [TCP Query User{91B23A24-FB2C-4C3D-A435-E0AE5F6458B3}C:\program files (x86)\real\realplayer\realplay.exe] => (Allow) C:\program files (x86)\real\realplayer\realplay.exe
FirewallRules: [UDP Query User{41343117-962E-41DE-B993-08EA151B4049}C:\program files (x86)\real\realplayer\realplay.exe] => (Allow) C:\program files (x86)\real\realplayer\realplay.exe
FirewallRules: [TCP Query User{1FA3BEF2-3619-4728-B624-E650CBFABF54}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [UDP Query User{6C1647F5-3662-4A5D-99D9-1D2DEFCE15A0}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe
FirewallRules: [{33E0AEF5-A4E9-40BD-910F-56310A869485}] => (Allow) E:\AliceSetup.exe
FirewallRules: [{FBA11FAE-AF1E-4240-BB7B-1D4A6D306721}] => (Allow) E:\AliceSetup.exe
FirewallRules: [TCP Query User{9F9AD9E6-84C6-4910-885C-D3A0B1BF0F38}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{02194056-7F43-4526-BD6A-E57BE743211D}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [{DBA582D7-776A-4D0F-893F-459703E13CF9}] => (Block) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [{18BD4D54-1BF4-4EFF-A2CB-3998FCFE1BAB}] => (Block) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [{A8E28D94-D18A-4AA6-9C8A-F8D3EB30B0A0}] => (Allow) C:\Users\Bene\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{55DF8F9F-2DD3-425B-8164-F35B95BEC065}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{FB6492E0-AB67-48D8-8B10-1B92E881E96F}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{8C64E472-A5E4-4F46-9AF2-329A91340E69}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{BF486187-EC9A-4B9D-A961-0F2410B16EB4}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgmfapx.exe
FirewallRules: [{2BA211D1-6493-4872-9ED0-D0E1055EE180}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{BA1D4679-9F58-4E31-A677-CE40B6A84885}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
FirewallRules: [{99BC6303-8D41-4520-B0C4-ED8606E60375}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{51003424-229C-4664-9B5A-6237322D9BD0}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgdiagex.exe
FirewallRules: [{473D03B8-6E6D-46FD-970F-2A2B39AAC50D}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [{41E8CB64-1CB8-4A3E-94B7-72A972EA8951}] => (Allow) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
FirewallRules: [{2D093579-5CF6-4371-8466-BEC1AAAB13DC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{60B106CC-60BD-43E4-9705-6C4C308B924D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CBEB99C9-0906-40AE-AF62-370CB48C2418}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [{1BA72F6F-70E8-4BFB-ACDE-6B967A0E0CD5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\dota.exe
FirewallRules: [TCP Query User{A4221A6F-EED6-429E-B36A-7D477C017D6B}C:\users\bene\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\bene\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{4E83E4B9-6B0F-4B54-9F90-FB9E674A1B11}C:\users\bene\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\bene\appdata\roaming\spotify\spotify.exe
FirewallRules: [{B295299D-1FE1-4386-82DB-D00EF015177C}] => (Block) C:\users\bene\appdata\roaming\spotify\spotify.exe
FirewallRules: [{C84B547A-8217-432E-88E6-65D255CDCB82}] => (Block) C:\users\bene\appdata\roaming\spotify\spotify.exe
FirewallRules: [{18840E1A-DA1E-4FA7-B12C-716A4614C787}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{1E042D43-FA70-4029-90B2-46FE9B1F1909}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{9159569B-FC06-4D88-9DC3-8D6E9532DE13}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe
FirewallRules: [{C4D8AC87-8A6C-459D-8415-DB23D0DFD369}] => (Allow) C:\Program Files (x86)\GoforFiles\goforfilesdl.exe
FirewallRules: [{54A947F0-795B-4234-98FE-6D196DD758DB}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe
FirewallRules: [{C681084F-F226-4CC7-A7A2-15BA3C189345}] => (Allow) C:\Program Files (x86)\GoforFiles\GoforFiles.exe
FirewallRules: [{AA17F77C-C65A-46EC-8FCE-404E98B2C64C}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\UCGui.exe
FirewallRules: [{831331E4-8EF3-40FC-9B2B-C07DB52AAA51}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\UCGui.exe
FirewallRules: [{71969024-C6F0-4F62-8632-5941D4D651E6}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\UCService.exe
FirewallRules: [{D1DE3663-1907-4421-98F7-3FFCE678ED95}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\UCService.exe
FirewallRules: [{D74F1BA6-7A5B-42EA-9E91-579DE5F0A504}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTSNMPAgent.exe
FirewallRules: [{72AE8C43-3F63-474B-98CB-8DD5BB20D3EB}] => (Allow) C:\Program Files (x86)\SMART Technologies\Education Software\SMARTSNMPAgent.exe
FirewallRules: [{14822A7D-7524-4FD0-B7DA-E736757EF09A}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{6362272A-DC91-47DB-98A4-220F19FE8EF1}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\BackItUp.exe
FirewallRules: [{A73EA5E3-58C3-4C90-BDA9-DD2942652DAA}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\BackItUp.exe
FirewallRules: [{21FB9A72-A014-4FFD-B037-20D9B1A5909E}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{5C125B9C-5EEB-4E54-9FEC-E708DD126769}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{66A4650F-74CB-4EB1-B4B1-A60C18DD723D}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{8722310E-6001-4F48-8C74-6D22605BD8DD}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{5B6D9EE0-2E47-4AD8-951F-B0FBC084998F}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{162E11F7-E1A9-412B-B6FF-475F7AA75F41}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{5EE5C28F-CD60-4688-9C01-962BB426A169}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{9CE6BD1F-95A1-472D-9930-ED77B8225C5E}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{71C41DB2-0947-4A1A-9B66-35AF8C20154F}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{4A7B3664-5759-44C2-88D4-194609F64A6A}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{803A2851-D1B9-4410-99E2-DC8317AAA380}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{AEE15BFC-0C24-4E7D-AF6C-B92F9A878EF8}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{1162FD64-0784-4C77-8223-0776089A28C4}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{E350985C-7F06-4905-B988-A886156F98A7}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{B91D171A-B528-4510-A050-E24F3A245C4B}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{25144524-EDFE-4DA1-8979-2020CF8CE843}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{2DB5963A-D981-4BB3-8B97-9716B298DF70}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{1B6E5399-1304-44F5-827B-57BE3B80A087}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{21AA41C3-1091-49A6-A3FE-A27ED736A76A}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{93EBD48D-5862-4A6E-B080-13FD7FD8D84B}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{84BEE9EC-2160-4927-BCE0-901E1D5C4475}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{AC3B6AB4-5CDA-4591-B9D7-E1104C80D682}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{DF9F5BD2-C461-4C97-9757-8F4E1B5177B9}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{B3AFA6C0-FB2F-4559-AD13-2C63160B216E}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{A2C8F448-5B52-4C56-A00C-16A6ED1DF324}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{3971F6FB-CE5F-40D9-9690-9AC62F49F6C9}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{CFB9EE1D-B9BC-4E3B-B8EB-B95AF7F4C8DB}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{00965370-B8C7-432A-ACE7-39CF7D5AD4CC}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{ADB7FD5D-A5B0-4318-8526-FDC6497A86EF}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{4CF4F8AE-E51B-41FD-A677-1AFE18573FC9}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{618B9538-7D57-46C1-A755-5AB6BD7C29BF}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{3D613248-91B6-4256-B0C4-9DC88A714796}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{89B3F129-D75F-4726-A6A0-BB7C9EF9A88F}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{0E87771A-832E-4EA3-9159-78BCB1CCA2B6}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{5A5E9EE8-2B80-4DC3-8C5A-B0329E13A1D3}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{15FC5AF6-3811-42CE-9C3A-9AE3763EF22A}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{F21A4CC8-8BDC-438F-A242-0CD1B38B487A}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{E97C50CF-4580-410F-8475-CC1CF14A0A64}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{423D723C-9BAC-44DD-A28E-B4D294C471F1}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{D70982F5-80DA-411F-8B34-22F19EA2338A}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{8E7A13F3-4B02-42D0-BC96-45989F4A4F41}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{505EAC42-7424-4BF3-9112-70BCF17A94BD}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{D70E861A-3872-4B23-B5BD-683A2C794685}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{C36790A2-2EE2-4394-981A-4BA5A2F461EA}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{8CE952FC-6E0B-471C-9467-2913669E053E}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{CC64DEB9-9F94-4C7A-8133-651BE39FED53}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{E3CE0D92-53F2-4392-AE79-988B99C2C3E4}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{1F4348A6-31B5-4FD4-AC32-079A9526989C}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{D91A78E7-08D4-461E-B905-10501C29E3B5}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{FBBD0627-5E9D-4121-A6FA-8843BB62B517}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{F1FC2B33-9EDE-459F-BF4F-8D80F885426E}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{6F17FAC0-4093-4835-A704-3CE2DAD24335}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{A43C5DB4-42E0-41ED-BB9F-7CBF17A5B16B}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{078500A1-B717-4773-B96E-3788DB42C22A}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{1A2654DB-1D87-4F3B-8F04-3F1C49CB4AE1}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{2077D459-3348-4A02-ACED-F2C936B54775}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{8FDD40B6-0B28-4A18-8E18-AB8149CBF829}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{ECE39D3C-4E27-49D3-9869-ADD0EB252C1C}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{B0CE7E59-AA63-4520-99C5-209027AC8D5F}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{FFF31E17-DC3B-4A4F-B9AB-54F0EBF09EAB}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{4066FF01-D83F-487E-BBF2-5437925DFCA3}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{61FA4CF5-FC7D-4AC1-84F8-BC87EE0319FF}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{DB15DF42-3274-44C5-BC0B-E1EA778BA307}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{335E19B5-292B-4024-8A51-6E57C56B7829}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{CD52912C-ABFC-474F-92DD-0ECED37F8F4A}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{A8FD1575-33E1-4820-9597-DC4FE344D34E}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{AEDA11C0-5AB3-4B05-81E0-60844DFBBCDB}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{436F3EE7-CB26-4602-B077-349A854E7156}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{2619F447-B6DF-442F-9B96-1F69B3EA7F3B}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{3CE3A11B-3E2F-41A2-9217-BF6FC1F901C2}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{923655CB-2DFE-4A69-883E-0E5264A47C21}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{3E147A1D-931F-402E-A583-8D99720AA23F}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{E83C0344-B78C-47B9-AFE4-8204830A78A9}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{ECADE6E3-0529-4DAE-B635-6FBB05D27A9C}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{C7EB8302-53D8-42E2-99B8-A600C1C62377}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{2075A672-FDEE-4A64-8900-F808199D5F43}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{B10F1986-8F4E-4ABC-8D7B-FE7C7C875536}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{7A028AE3-7A0B-4228-86B8-AD1C2D903A17}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{5E4AC8F1-F145-4FDB-9267-E9AB14A45432}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{4EF2F9DC-70CA-4271-99F8-E90183B16C36}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{E33C8EFD-DE24-4F51-9BDF-F84EC2B13800}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{147F18DD-893E-46AE-A963-3A07BE0A5062}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{CFE79706-AE93-4EC3-A104-ED9B8F440A18}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{2DB846ED-7DA4-4AFF-8671-098D8352AF97}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{FA6F9E88-165F-41FD-B62A-C45014E8063F}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{9A6CDEFD-D2CB-44EE-89FE-E84C8AD0F3AC}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{4426E50C-8DC6-4F05-ACBF-250AE2FD2D01}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{4BD47A97-A350-49E9-8665-AD024FA52B0D}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{1B781CE9-B763-498D-93A7-D68153CB45D4}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{B0E1BA6E-C11B-447F-BC9A-943ACBE4371D}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{82A8627C-63D5-422D-B80E-0242BE31012B}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{1FA50F55-1377-4146-AEDE-F844C5B76434}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{AD02F91B-E284-4D93-B138-D0202E15F4CE}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{F128269C-A541-492D-81A5-BE0D5E1608D9}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{51E45F65-4276-4630-A60E-9C3830A67793}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{1E6DC3C4-74A1-4C99-8D93-DBE511F06BCE}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{D7901FD4-79DB-47CC-A4DD-A672EDD77C38}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{ED54139C-1DD4-4BAC-845D-FF15BA178E57}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{5D909E09-76D7-40E0-9681-3ED2EE4BD668}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{A5C2F50C-51D4-49E5-BECD-E02E8BEDCCAA}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{4AD2D853-EFC4-4DCA-A538-17289290B1D1}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{963CC360-606A-4A84-9794-E9302FF33CF4}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{5D28F85D-2550-453C-80B2-EADBCCEE6290}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{443C10B5-C1E4-41BA-B259-C8EDB36FD088}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{7334F4C3-C112-4AE9-AF7D-80ABD06B2626}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{0F57633A-6353-4BE2-AEF0-A37D1086DDB5}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{E80B998E-C65D-433A-A68F-8ABD78EC1F1F}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{C532F21B-D608-46F9-8177-B711AE8FAE8D}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{8639BDBE-12BD-43FE-B585-80C0E9741BA8}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{01DE4C5F-103A-43EF-A9E0-0F5A92746773}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{7C150231-2DCC-40E5-836D-DCAFDA579E10}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{CB787287-32D7-42A0-B575-C283BC606B7D}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{F6C14CA0-7E1C-4516-B7A9-EB42E6A1BD4E}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{CFE70C50-F9F3-48F7-88D3-8BEDFB73E44E}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{E4C9FBBA-5638-4AE6-A736-5748D8CA5DF6}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{8898AED8-41D4-4351-AB17-1E302517B85D}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{0E6DA300-FC29-48EF-B200-477D2D78C30E}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{C41C51CA-B658-488A-BF13-3668F1FAF448}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{8427F0FF-9607-4DAE-B67A-762372919566}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{3AAEA944-77F5-48E4-9FDA-A6B11F4674A0}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{3F07A7CB-F74F-4306-B6A5-11C4E8770EF5}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{09163CEE-BB05-49F5-806A-B7A67D1C7E3C}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [{8919816D-1746-4C4F-A9D7-0466C9CD2D33}] => (Allow) C:\Program Files (x86)\Nero\Nero 2014\Nero BackItUp\NBService\NBService.exe
FirewallRules: [TCP Query User{8B36116D-B853-4FE1-80A1-F9E305395FC6}D:\downloads\ratiomaster.net.exe] => (Allow) D:\downloads\ratiomaster.net.exe
FirewallRules: [UDP Query User{5F6F94A9-06FD-4CAC-AE57-4B4B6F1362B4}D:\downloads\ratiomaster.net.exe] => (Allow) D:\downloads\ratiomaster.net.exe
FirewallRules: [TCP Query User{32171C11-C0E9-4F02-9E7A-C2FAEE77CF11}D:\downloads\mratio.exe] => (Allow) D:\downloads\mratio.exe
FirewallRules: [UDP Query User{662BB4CE-4360-4590-8748-BEA1EF2C4A8C}D:\downloads\mratio.exe] => (Allow) D:\downloads\mratio.exe
FirewallRules: [{48E0A8E8-3645-4610-B759-5EC100BA017B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{62C75188-603C-49B4-8730-98A3C842D165}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\fotobuch.de\Designer 2.0\Designer.exe] => Designer.exe

==================== Faulty Device Manager Devices =============

Name: SMART Virtual TabletPC
Description: SMART Virtual TabletPC
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: SMART Technologies ULC
Service: SMARTVTabletPCx64
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Event log errors: =========================

Application errors:
==================
Error: (05/30/2015 00:44:52 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

Error: (05/30/2015 10:26:30 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (05/30/2015 10:26:30 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (05/30/2015 10:26:30 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (05/30/2015 09:45:51 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifest.

Error: (05/29/2015 08:19:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (05/29/2015 08:19:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (05/29/2015 08:19:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (05/29/2015 03:51:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: setup.exe_unknown, Version: 0.0.0.0, Zeitstempel: 0x375ee349
Name des fehlerhaften Moduls: QuickTime.qts_unloaded, Version: 0.0.0.0, Zeitstempel: 0x5180f322
Ausnahmecode: 0xc0000005
Fehleroffset: 0x65accc49
ID des fehlerhaften Prozesses: 0x588
Startzeit der fehlerhaften Anwendung: 0xsetup.exe_unknown0
Pfad der fehlerhaften Anwendung: setup.exe_unknown1
Pfad des fehlerhaften Moduls: setup.exe_unknown2
Berichtskennung: setup.exe_unknown3

Error: (05/29/2015 03:51:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: QT32.exe, Version: 0.0.0.0, Zeitstempel: 0x36b88abd
Name des fehlerhaften Moduls: QuickTime.qts_unloaded, Version: 0.0.0.0, Zeitstempel: 0x5180f322
Ausnahmecode: 0xc0000005
Fehleroffset: 0x65accc49
ID des fehlerhaften Prozesses: 0x1284
Startzeit der fehlerhaften Anwendung: 0xQT32.exe0
Pfad der fehlerhaften Anwendung: QT32.exe1
Pfad des fehlerhaften Moduls: QT32.exe2
Berichtskennung: QT32.exe3


System errors:
=============
Error: (05/30/2015 01:13:47 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Software Protection" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (05/30/2015 01:11:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/30/2015 01:11:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/30/2015 01:11:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Secunia Update Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/30/2015 01:11:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "WD File Management Shadow Engine" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/30/2015 01:11:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "WD File Management Engine" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/30/2015 01:11:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "WDDMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/30/2015 01:11:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SMART Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/30/2015 01:11:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Secunia PSI Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/30/2015 01:11:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


Microsoft Office:
=========================
Error: (05/30/2015 00:44:52 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (05/30/2015 10:26:30 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (05/30/2015 10:26:30 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (05/30/2015 10:26:30 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (05/30/2015 09:45:51 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458.manifestc:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe

Error: (05/29/2015 08:19:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000

Error: (05/29/2015 08:19:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (05/29/2015 08:19:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000

Error: (05/29/2015 03:51:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: setup.exe_unknown0.0.0.0375ee349QuickTime.qts_unloaded0.0.0.05180f322c000000565accc4958801d09a167d262666F:\setup.exeQuickTime.qtsd671449d-0609-11e5-af2a-6cf0490ead50

Error: (05/29/2015 03:51:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: QT32.exe0.0.0.036b88abdQuickTime.qts_unloaded0.0.0.05180f322c000000565accc49128401d09a168b947e0cF:\Support\QT32.exeQuickTime.qtscf973ae8-0609-11e5-af2a-6cf0490ead50


CodeIntegrity Errors:
===================================
  Date: 2015-05-29 09:14:26.562
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2015-05-29 09:14:26.531
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2010-05-06 18:02:49.131
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\Bene\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2010-05-06 18:02:49.124
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Users\Bene\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2010-05-06 18:02:48.003
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2010-05-06 18:02:47.996
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: AMD Phenom(tm) II X4 955 Processor
Percentage of memory in use: 33%
Total physical RAM: 4094.49 MB
Available physical RAM: 2717.21 MB
Total Pagefile: 10092.7 MB
Available Pagefile: 8643.92 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:127.99 GB) (Free:7.13 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:337.77 GB) (Free:23.09 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 00000001)
Partition 1: (Active) - (Size=128 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=337.8 GB) - (Type=07 NTFS)

==================== End of log ============================
         
Hab jetzt alles zusammen. Während des Mbam -und AdwCleaner Scans ist der PC jeweils einmal abgestürzt, ohne dass der Browser aktiv war. Also das Problem besteht nach wie vor. Danke, danke für die tolle Unterstüzung!

Alt 31.05.2015, 05:40   #10
schrauber
/// the machine
/// TB-Ausbilder
 

PC stürzt regemäßig ab - Standard

PC stürzt regemäßig ab



Lade Dir bitte Bluescreenview und installiere es:
BlueScreenView - Download - Filepony

Öffnen und den aktuellsten Dump analysieren lassen (macht das Tool automatisch).
Output hier posten.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 31.05.2015, 09:06   #11
benebene
 
PC stürzt regemäßig ab - Standard

PC stürzt regemäßig ab



Bei Bluescreenview gabs keine Funde. Hatte auch keine Abstürze mit Bluescreen.

Was nun?

Alt 31.05.2015, 14:40   #12
schrauber
/// the machine
/// TB-Ausbilder
 

PC stürzt regemäßig ab - Standard

PC stürzt regemäßig ab



der Rechner stürzt ab ohne Bluescreen? Stürzt er wirklich ab? Sprich geh aus?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 31.05.2015, 18:52   #13
benebene
 
PC stürzt regemäßig ab - Standard

PC stürzt regemäßig ab



Der PC hängt sich auf, ohne Blue Screen:

Zitat:
ich brauche Hilfe. Mein PC hängt sich seit ein paar Tagen regelmäßig nach ca. 5-15 Minuten auf. Alle Programme hören auf zu laufen, ich kann die Fenster nicht mehr schließen, die Windowstaste reagiert nicht mehr und ich kann nicht mal mehr den Task Manager öffnen. Ich kann nur noch den Cursor bewegen.

Alt 01.06.2015, 17:10   #14
schrauber
/// the machine
/// TB-Ausbilder
 

PC stürzt regemäßig ab - Standard

PC stürzt regemäßig ab



Festplatte testen:
Zustand der Festplatte herausfinden - so gehts - Anleitungen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 01.06.2015, 18:52   #15
benebene
 
PC stürzt regemäßig ab - Standard

PC stürzt regemäßig ab



Code:
ATTFilter
----------------------------------------------------------------------------
CrystalDiskInfo 6.3.2 (C) 2008-2015 hiyohiyo
                                Crystal Dew World : hxxp://crystalmark.info/
----------------------------------------------------------------------------

    OS : Windows 7 Ultimate SP1 [6.1 Build 7601] (x64)
  Date : 2015/06/01 18:21:22

-- Controller Map ----------------------------------------------------------
 + ATA Channel 1 (1) [ATA]
   - Marvell 91xx Config Device
 + Standard-Zweikanal-PCI-IDE-Controller [ATA]
   - ATA Channel 0 (0)
   - ATA Channel 1 (1)
 + Standard-Zweikanal-PCI-IDE-Controller [ATA]
   - ATA Channel 0 (0)
   - ATA Channel 1 (1)
 + Standard-Zweikanal-PCI-IDE-Controller [ATA]
   + ATA Channel 0 (0)
     - _NEC DVD_RW ND-3500AG ATA Device
     - ST3500418AS ATA Device
   - ATA Channel 1 (1)
 - GIGABYTE GBB36X Controller [SCSI]

-- Disk List ---------------------------------------------------------------
 (1) ST3500418AS : 500,1 GB [0/3/0, pd1] - st

----------------------------------------------------------------------------
 (1) ST3500418AS
----------------------------------------------------------------------------
           Model : ST3500418AS
        Firmware : CC38
   Serial Number : 6VMBC3DZ
       Disk Size : 500,1 GB (8,4/137,4/500,1/500,1)
     Buffer Size : 16384 KB
     Queue Depth : 32
    # of Sectors : 976773168
   Rotation Rate : 7200 RPM
       Interface : Serial ATA
   Major Version : ATA8-ACS
   Minor Version : ATA8-ACS version 4
   Transfer Mode : ---- | SATA/300
  Power On Hours : 8236 Std.
  Power On Count : 5187 mal
     Temperature : 28 C (82 F)
   Health Status : Gut
        Features : S.M.A.R.T., AAM, 48bit LBA, NCQ
       APM Level : ----
       AAM Level : FE00h [ON]

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 117 _99 __6 00000017BC67 Lesefehlerrate
03 _98 _97 __0 000000000000 Mittlere Anlaufzeit
04 _90 _90 _20 00000000287F Start/Stopp-Zyklen der Spindel
05 100 100 _36 000000000000 Wiederzugewiesene Sektoren
07 _87 _60 _30 0000206B0D84 Suchfehler
09 _91 _91 __0 00000000202C Betriebsstunden
0A 100 100 _97 000000000000 Misslungene Spindelanläufe
0C _95 _95 _20 000000001443 Geräte-Einschaltvorgänge
B7 100 100 __0 000000000000 Herstellerspezifisch
B8 100 100 _99 000000000000 Ende-zu-Ende-Fehler
BB 100 100 __0 000000000000 Gemeldete unkorrigierbare Fehler
BC 100 _99 __0 00000000002C Befehlszeitüberschreitung
BD 100 100 __0 000000000000 Übergeordnete Schreibvorgänge
BE _72 _62 _45 00001C14001C Luftstromtemperatur
C2 _28 _40 __0 00100000001C Temperatur
C3 _50 _33 __0 00000017BC67 Hardware-ECC wiederhergestellt
C5 100 100 __0 000000000000 Aktuell ausstehende Sektoren
C6 100 100 __0 000000000000 Nicht korrigierbare Sektoren
C7 200 200 __0 000000000000 UltraDMA-CRC-Fehler
F0 100 253 __0 EED70000538F Kopfpositionierungszeit
F1 100 253 __0 0000A05112FA LBA geschrieben (gesamt)
F2 100 253 __0 00002EE9AB3A LBA gelesen (gesamt)

-- IDENTIFY_DEVICE ---------------------------------------------------------
        0    1    2    3    4    5    6    7    8    9
000: 0C5A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2020 2020 2020 2020 3656 4D42 4333 445A
020: 0000 8000 0004 4343 3338 2020 2020 5354 3335 3030
030: 3431 3841 5320 2020 2020 2020 2020 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 0000 2F00
050: 4000 0200 0200 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F 0506 0000 0048 0040
080: 01F0 0029 346B 7F01 4163 3469 BE01 4163 407F 0028
090: 0028 0000 FFFE 0000 FE00 0000 0000 0000 0000 0000
100: 6030 3A38 0000 0000 0000 0000 0000 0000 5000 C500
110: 1F3D 9B75 0000 0000 0000 0000 0000 0000 0000 401E
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 6030
130: 3A38 6030 3A38 2020 0002 0140 0100 5000 3C06 3C0A
140: 0000 003C 0000 0008 0000 0000 004F 0280 0000 0000
150: 0008 0000 0000 0000 0000 0000 0000 0000 3F00 9800
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 103F 0000 0000 0000
210: 0000 0000 0000 0000 0000 0000 0000 1C20 0000 0000
220: 0000 0000 1010 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 E2A5

-- SMART_READ_DATA ---------------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 0A 00 01 0F 00 75 63 67 BC 17 00 00 00 00 03 03
010: 00 62 61 00 00 00 00 00 00 00 04 32 00 5A 5A 7F
020: 28 00 00 00 00 00 05 33 00 64 64 00 00 00 00 00
030: 00 00 07 0F 00 57 3C 84 0D 6B 20 00 00 00 09 32
040: 00 5B 5B 2C 20 00 00 00 00 00 0A 13 00 64 64 00
050: 00 00 00 00 00 00 0C 32 00 5F 5F 43 14 00 00 00
060: 00 00 B7 32 00 64 64 00 00 00 00 00 00 00 B8 32
070: 00 64 64 00 00 00 00 00 00 00 BB 32 00 64 64 00
080: 00 00 00 00 00 00 BC 32 00 64 63 2C 00 00 00 00
090: 00 00 BD 3A 00 64 64 00 00 00 00 00 00 00 BE 22
0A0: 00 48 3E 1C 00 14 1C 00 00 00 C2 22 00 1C 28 1C
0B0: 00 00 00 10 00 00 C3 1A 00 32 21 67 BC 17 00 00
0C0: 00 00 C5 12 00 64 64 00 00 00 00 00 00 00 C6 10
0D0: 00 64 64 00 00 00 00 00 00 00 C7 3E 00 C8 C8 00
0E0: 00 00 00 00 00 00 F0 00 00 64 FD 8F 53 00 00 D7
0F0: EE 17 F1 00 00 64 FD FA 12 51 A0 00 00 00 F2 00
100: 00 64 FD 3A AB E9 2E 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 82 00 58 02 00 7B
170: 03 00 01 00 01 56 02 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 98 02 00 00 02 03 03 02 03 02 03 03
190: 03 00 00 00 00 00 00 00 00 01 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 29 49 D9 D1 FA 1A 00 00
1B0: 00 00 00 00 01 00 3F 00 FA 12 51 A0 72 00 00 00
1C0: 3A AB E9 2E DF 0F 00 00 00 00 00 00 47 8F 00 00
1D0: 00 00 00 02 00 00 00 00 67 1D 00 00 25 00 03 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0A
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 DB

-- SMART_READ_THRESHOLD ----------------------------------------------------
     +0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 01 00 01 06 00 00 00 00 00 00 00 00 00 00 03 00
010: 00 00 00 00 00 00 00 00 00 00 04 14 00 00 00 00
020: 00 00 00 00 00 00 05 24 00 00 00 00 00 00 00 00
030: 00 00 07 1E 00 00 00 00 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 61 00 00 00 00
050: 00 00 00 00 00 00 0C 14 00 00 00 00 00 00 00 00
060: 00 00 B7 00 00 00 00 00 00 00 00 00 00 00 B8 63
070: 00 00 00 00 00 00 00 00 00 00 BB 00 00 00 00 00
080: 00 00 00 00 00 00 BC 00 00 00 00 00 00 00 00 00
090: 00 00 BD 00 00 00 00 00 00 00 00 00 00 00 BE 2D
0A0: 00 00 00 00 00 00 00 00 00 00 C2 00 00 00 00 00
0B0: 00 00 00 00 00 00 C3 00 00 00 00 00 00 00 00 00
0C0: 00 00 C5 00 00 00 00 00 00 00 00 00 00 00 C6 00
0D0: 00 00 00 00 00 00 00 00 00 00 C7 00 00 00 00 00
0E0: 00 00 00 00 00 00 F0 00 00 00 00 00 00 00 00 00
0F0: 00 00 F1 00 00 00 00 00 00 00 00 00 00 00 F2 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 60
         

Antwort

Themen zu PC stürzt regemäßig ab
adobe, avg, browser, cursor, defender, desktop, explorer, firefox, flash player, format, google, hijack, hängt, mozilla, object, realtek, registry, scan, schutz, security, software, svchost.exe, usb, windows, windowstaste, winlogon.exe



Ähnliche Themen: PC stürzt regemäßig ab


  1. OTL stürzt ab
    Plagegeister aller Art und deren Bekämpfung - 15.06.2015 (1)
  2. Pc stürzt oft ab !
    Plagegeister aller Art und deren Bekämpfung - 16.01.2015 (48)
  3. ICQ stürzt ab
    Plagegeister aller Art und deren Bekämpfung - 25.03.2011 (1)
  4. pc stürzt ab
    Plagegeister aller Art und deren Bekämpfung - 12.03.2010 (5)
  5. Pc stürzt ab
    Log-Analyse und Auswertung - 08.08.2009 (1)
  6. Pc stürzt ab
    Diskussionsforum - 05.08.2009 (2)
  7. IE stürzt oft ab
    Log-Analyse und Auswertung - 10.03.2009 (23)
  8. PC stürzt ab !!!
    Mülltonne - 05.01.2009 (0)
  9. PC stürzt ab
    Mülltonne - 01.01.2009 (0)
  10. Pc läuft, stürzt ab, fährt hoch und stürzt sofort beim Reboot wieder ab
    Plagegeister aller Art und deren Bekämpfung - 08.08.2008 (14)
  11. PC stürzt ab...
    Log-Analyse und Auswertung - 21.04.2008 (2)
  12. IE stürzt ab
    Plagegeister aller Art und deren Bekämpfung - 15.10.2007 (2)
  13. Pc stürzt ab
    Netzwerk und Hardware - 12.04.2007 (7)
  14. Pc stürzt ab!!HELP!!
    Netzwerk und Hardware - 11.04.2007 (11)
  15. AW: Pc stürzt ab!!HELP!!
    Mülltonne - 11.04.2007 (0)
  16. PC stürzt ab!!!
    Log-Analyse und Auswertung - 30.05.2006 (1)
  17. IE stürzt ab
    Log-Analyse und Auswertung - 25.01.2005 (4)

Zum Thema PC stürzt regemäßig ab - Hallo zusammen, ich brauche Hilfe. Mein PC hängt sich seit ein paar Tagen regelmäßig nach ca. 5-15 Minuten auf. Alle Programme hören auf zu laufen, ich kann die Fenster nicht - PC stürzt regemäßig ab...
Archiv
Du betrachtest: PC stürzt regemäßig ab auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.