Trojaner TR/Dldr.Delf.1053840.3 von Avira gefunden

Carsten M · 05.07.2015, 10:03

Hallo ihr lieben

Wie der Titel bereits sagt hat mein Avira vor kurzem diesen "Virus" gefunden.
Ich kann mir eigentlich nur erklären das ich mir diesen über csgolounge.com gefangen habe, da ich dort eine vermeintliche jpg. mit einer scr. Endung oder so heruntergeladen hatte.
Nach kurzer Recherche stellte sich heraus, dass dies normalerweise Screensaver sind aber teilweise auch Würmer oder Trojaner zur Folge haben können.
Desweiteren ist die Temperatur meines CPU´s gestern auf sage und schreibe 80 Grad hochgeschossen (kann auch an den Temperaturen draussen liegen

).
Nagut auf jeden Fall bin ich mir nicht ganz sicher was ich jetzt tun soll und lasse grade mal
Malwarebytes drüberlaufen (vom letzten Thema von mir

)
Ich hoffe ihr könnt mir helfen .
MfG Carsten

schrauber · 05.07.2015, 10:22

Hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Carsten M · 05.07.2015, 11:04

[CODE]Additional
FRST Logfile:

Code:

ATTFilter

scan result of Farbar Recovery Scan Tool (x64) Version:04-07-2015
Ran by Carsten at 2015-07-05 12:01:04
Running from C:\Users\Carsten\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4086059184-2630891605-3122563293-500 - Administrator - Disabled)
Carsten (S-1-5-21-4086059184-2630891605-3122563293-1002 - Administrator - Enabled) => C:\Users\Carsten
Gast (S-1-5-21-4086059184-2630891605-3122563293-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4086059184-2630891605-3122563293-1008 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.273 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.190 - Adobe Systems Incorporated)
Amazon 1Button App (HKLM-x32\...\{8A7A4673-CB99-40B2-8699-FF46DFD05473}) (Version: 1.0.3 - Amazon)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-4086059184-2630891605-3122563293-1002\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Amazon MP3-Downloader 1.0.18 (HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version:  - Reloaded Productions)
Assassin's Creed (HKLM-x32\...\{8CFA9151-6404-409A-AF22-4632D04582FD}) (Version: 1.02 - Ubisoft)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avira (HKLM-x32\...\{0696cc37-db90-4000-be99-4a173ca7c8af}) (Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.39.17987 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.11.579 - Avira Operations GmbH & Co. KG)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Batman: Arkham Asylum GOTY Edition (HKLM-x32\...\Steam App 35140) (Version:  - Rocksteady Studios)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.7.0 - EA Digital Illusions CE AB)
Benutzerhandbuch (x32 Version: 1.0.0.9 - Lenovo) Hidden
BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version:  - 2K Marin)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.25.5401 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{79809712-A577-4B8C-A9FC-51945690C7DC}) (Version: 0.9.25.5401 - BlueStack Systems, Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Clicker Heroes (HKLM-x32\...\Steam App 363970) (Version:  - )
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.44.50 - Conexant)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dirty Bomb (HKLM-x32\...\Steam App 333930) (Version:  - Splash Damage®)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.16 - Dolby Laboratories Inc)
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version:  - )
Energy Management (HKLM-x32\...\InstallShield_{D0956C11-0F60-43FE-99AD-524E833471BB}) (Version: 8.0.2.5 - Lenovo)
Energy Management (x32 Version: 8.0.2.5 - Lenovo) Hidden
F.E.A.R. (HKLM-x32\...\Steam App 21090) (Version:  - Monolith )
F.E.A.R. 2: Project Origin (HKLM-x32\...\Steam App 16450) (Version:  - Monolith)
F.E.A.R. 3 (HKLM-x32\...\Steam App 21100) (Version:  - Day 1 Studios)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fallout 3 (HKLM-x32\...\Steam App 22300) (Version:  - Bethesda Game Studios)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Hazard Ops (HKLM-x32\...\{F70DE052-CFFD-4DCB-8DA3-3ECAAFBB7D15}}_is1) (Version: 0.2.0.2042 - Infernum Productions AG)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version:  - Blizzard Entertainment)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.1901 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 13.12.824.1 - Vimicro)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.0710 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.0710 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4310.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4310.52 - CyberLink Corp.) Hidden
Lenovo Solution Center (HKLM\...\{B73D2BF9-2C82-40A4-AFA8-32CE2E501640}) (Version: 2.2.002.00 - Lenovo Group Limited)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3127 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.) Hidden
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.5926 - Lenovo)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-4086059184-2630891605-3122563293-1002\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{02BAAFC5-4E16-42E6-A9F6-8DDE0B7ED3B8}) (Version: 1.0.0.0 - Mojang)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 35.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 de)) (Version: 35.0 - Mozilla)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Plants vs. Zombies: Game of the Year (HKLM-x32\...\Steam App 3590) (Version:  - PopCap)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6873 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.39030 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 17.12.8 - NVIDIA Corporation) Hidden
SimCity 4 Deluxe (HKLM-x32\...\Steam App 24780) (Version:  - Maxis)
Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.10.13 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
The Elder Scrolls IV: Oblivion  (HKLM-x32\...\Steam App 22330) (Version:  - Bethesda Game Studios)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Witcher: Enhanced Edition (HKLM-x32\...\Steam App 20900) (Version:  - CD Projekt RED)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-4086059184-2630891605-3122563293-1002\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Uplay (HKLM-x32\...\Uplay) (Version: 3.2 - Ubisoft)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (HKLM\...\71BC3FD63F450BA0A957AAECBDB4A000C4F2BE42) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
WinFF 1.5.2 (Codename EMMA) (HKLM-x32\...\WinFF_is1) (Version:  - WinFF.org)
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
World of Warcraft Public Test (HKLM-x32\...\World of Warcraft Public Test) (Version:  - Blizzard Entertainment)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4086059184-2630891605-3122563293-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-4086059184-2630891605-3122563293-1002_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Carsten\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4086059184-2630891605-3122563293-1002_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Carsten\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4086059184-2630891605-3122563293-1002_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Carsten\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4086059184-2630891605-3122563293-1002_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Carsten\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

26-06-2015 15:01:02 Windows Update
03-07-2015 21:29:04 Geplanter Prüfpunkt

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00C7358E-8D0F-4F57-9ADC-A47F2EA745AF} - System32\Tasks\{E2D5847D-18AD-496B-9167-CFE2AF035FA5} => Chrome.exe hxxp://ui.skype.com/ui/0/6.14.0.104/de/abandoninstall?page=tsProgressBar
Task: {05DAEF2C-809D-452A-8B83-CF2615F11F6A} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {16B42EE7-CFD6-497D-9FF6-8F452E644A7C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {27629D03-FC57-4FCE-8D20-F0815048E9B9} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-25] (Adobe Systems Incorporated)
Task: {2AF9B8DE-9CB2-434D-BCA3-C7E64EEF079A} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2013-08-08] (Lenovo)
Task: {2D0D5695-B87B-4D18-983E-C8B68EAB32E2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-26] (Google Inc.)
Task: {3A03FD79-6887-47DD-9A6F-20BE8D46E9E5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4086059184-2630891605-3122563293-1002UA => C:\Users\Carsten\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-27] (Facebook Inc.)
Task: {712014D6-3F0C-41E6-A2A9-BD02CA08AAAC} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4086059184-2630891605-3122563293-1002Core => C:\Users\Carsten\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-27] (Facebook Inc.)
Task: {9D07C24A-A3D7-4972-B164-80445B73FEBC} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-08-08] ()
Task: {A77B257A-68C3-4C19-AB56-B3EC941EB0B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-26] (Google Inc.)
Task: {D67F7050-A241-4F4F-9B98-F969F3D5E6AF} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-08-08] (Lenovo)
Task: {E5B76F37-1E4F-447A-B403-AE42B88C2729} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-08-08] ()
Task: {E8E25C6F-F8B8-43D5-BB2F-C5DEF9CBC769} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-11] (Microsoft Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4086059184-2630891605-3122563293-1002Core.job => C:\Users\Carsten\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4086059184-2630891605-3122563293-1002UA.job => C:\Users\Carsten\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (Whitelisted) ==============

2013-12-26 20:42 - 2015-02-05 23:01 - 00012104 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-10-30 17:34 - 2015-02-05 21:07 - 00117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-08-26 15:48 - 2012-08-26 15:48 - 00044408 _____ () C:\Program Files\Lenovo\Bluetooth Software\BtwLeAPI.dll
2015-01-12 14:06 - 2015-01-12 14:06 - 00076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2014-09-25 20:44 - 2014-09-25 20:44 - 00053248 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-06-08 16:21 - 2015-07-03 15:16 - 00142336 _____ () C:\Program Files (x86)\Steam\steamapps\common\Clicker Heroes\Clicker Heroes.exe
2015-02-26 20:14 - 2015-02-05 23:01 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2012-09-21 23:53 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-06-23 16:52 - 2015-06-20 07:46 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libglesv2.dll
2015-06-23 16:52 - 2015-06-20 07:46 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libegl.dll
2013-03-12 18:10 - 2015-04-16 19:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-02-09 21:06 - 2015-04-23 04:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-06-10 08:53 - 2015-06-04 20:56 - 02407104 _____ () C:\Program Files (x86)\Steam\video.dll
2015-02-09 21:06 - 2015-04-23 04:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-02-09 21:06 - 2015-04-23 04:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-09-21 16:15 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-09-21 16:15 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-09-21 16:15 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-09-21 16:15 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-09-21 16:15 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2012-12-27 23:05 - 2015-06-04 20:56 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2012-12-27 23:05 - 2015-05-11 21:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-05-14 12:05 - 2015-05-11 21:01 - 08958344 _____ () C:\Program Files (x86)\Steam\bin\pdf.dll
2012-12-27 23:05 - 2015-06-04 20:56 - 00372416 _____ () C:\Program Files (x86)\Steam\steam.dll
2014-03-27 15:21 - 2014-03-27 15:21 - 00148480 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\quazip.dll
2014-03-27 15:21 - 2014-03-27 15:21 - 00864768 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\platforms\qwindows.dll
2014-03-27 15:21 - 2014-03-27 15:21 - 00677376 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2012-10-29 12:08 - 2014-08-22 11:51 - 00092104 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\directsound_win32.dll
2012-10-29 12:08 - 2014-08-22 11:51 - 00105416 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win32.dll
2014-03-27 15:21 - 2014-03-27 15:21 - 00025600 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qgif.dll
2014-03-27 15:21 - 2014-03-27 15:21 - 00242688 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\imageformats\qjpeg.dll
2012-10-29 12:08 - 2014-08-22 11:51 - 00477128 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2013-09-10 17:41 - 2014-08-22 11:51 - 00484808 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-03-27 15:21 - 2014-03-27 15:21 - 00123904 _____ () C:\Program Files (x86)\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> 
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Users\Carsten\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.42.129

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "Bluetooth.lnk"
HKLM\...\StartupApproved\Run: => "cAudioFilterAgent"
HKLM\...\StartupApproved\Run: => "Energy Management"
HKLM\...\StartupApproved\Run32: => "Dolby Advanced Audio v2"
HKLM\...\StartupApproved\Run32: => "YouCam Mirage"
HKLM\...\StartupApproved\Run32: => "YouCam Tray"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002\...\StartupApproved\Run: => "Battle.net"
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_DDA28BE83B10695CA343BB975497B041"
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Battle.net"
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_DDA28BE83B10695CA343BB975497B041"
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Battle.net"
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_DDA28BE83B10695CA343BB975497B041"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{29D683EE-0F75-43ED-A775-8EC4275BE05C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{6E9E7E94-7FA4-4FAA-B578-4D867E3AC270}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3478\Agent.exe
FirewallRules: [{032E5ABC-B21E-422D-9467-48BD6BA7F8F4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{44119E4E-148D-4CEF-AA52-D4BB4BC8B06C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{BFAD6088-0CBA-447A-8013-7A0075167FC3}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{043DFC67-01B7-4B41-AEB0-1BF712B14B85}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3454\Agent.exe
FirewallRules: [{2CDF7C48-1237-4898-B9AD-33648AE2BA06}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{F014BCFC-A616-4B42-A693-9D05D4BFC82A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3427\Agent.exe
FirewallRules: [{AB7AE29A-E605-4B93-8CEE-A930EA699DB3}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{C1A5ED5C-6FC7-4B1C-B555-E332B2BF594A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{081F8873-86C2-46CD-93FF-DC44B5A6F47E}] => (Allow) C:\Users\Carsten\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [UDP Query User{401F364D-1F89-45BD-9AA4-B478D36C7AF0}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{1986707F-972D-4349-B057-DF2A08E154B9}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{4FA55FF9-E9C9-4C74-8CA5-DBB7A2CDB5F8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{9A2B467D-D404-4404-A664-0734B075A336}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{44A4904B-B1DD-441D-ABF1-6B0DB0A676EE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{AF1214E7-843D-4BF3-AE07-84821A0FC5D4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe
FirewallRules: [{6514B101-3D8F-43F4-BF3A-C3F46AE075F2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\F.E.A.R. 3\F.E.A.R. 3.exe
FirewallRules: [{AA4F62B0-631A-4E04-BD92-3E5DE3D2C70C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\F.E.A.R. 3\F.E.A.R. 3.exe
FirewallRules: [{6811ADF4-BF53-4C48-A446-627E4836D67B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{6C5649AD-12E9-48B5-846B-0B1F1E575070}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{A47D389F-DD78-490E-B4DC-4A5A484365E0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{F5E2DA22-16C8-4F48-821E-0B5FE4B07AD0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe
FirewallRules: [{5DBB715A-497B-4407-8B4D-D50778C1DA14}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{31D2530D-B6B1-494D-B13E-4B427F806AD1}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Launcher.exe
FirewallRules: [{523BB869-15E2-423D-B44E-84F4473CD824}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{2C929A2B-F30F-4C3F-93D4-38DCE0956F5A}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx10.exe
FirewallRules: [{809A7305-4A42-4636-820B-9F5AD9BD3BB5}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{222265FF-6B6C-4E40-91E9-EE863D227387}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed\AssassinsCreed_Dx9.exe
FirewallRules: [{0AA0291F-1368-406F-8FB2-ABE9890A1130}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FEAR2\FEAR2.exe
FirewallRules: [{13860DB3-66D4-40DE-928B-7C0D1837CA3B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FEAR2\FEAR2.exe
FirewallRules: [{39335B72-5300-4717-A01B-B659089DFAA6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FEAR Ultimate Shooter Edition\FEAR.exe
FirewallRules: [{7299BA03-D14A-4371-92CC-80C1D111ACF0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\FEAR Ultimate Shooter Edition\FEAR.exe
FirewallRules: [{13A7FE8A-9524-49B3-9359-AD97DC6DFD71}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{C4181D17-033E-4447-B290-8776998F3FDB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B92006FC-5046-4476-92D8-92D5A1339114}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{62047ACB-984B-4DD9-A289-0CC0950ADD59}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{254F7290-10B5-4DE7-8639-FB9391B9D08C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{40FDF54C-C308-4D0F-9B95-00BF348CD63A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [UDP Query User{3491F352-A910-47BC-B6A5-27BA68913499}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{A33E140C-555C-47B9-9EE7-A759BBCC5716}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{584FCFD4-8447-4CA2-B0E0-93C9BA2BC67F}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{14E23650-602D-4ABE-A52F-C420350BD643}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{F9953CB3-DE46-4F3A-8970-BCDE29EB1893}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{5D9C1A32-8FCC-4315-9F7F-41F9EA45007D}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{BC603469-CB72-4A38-AB81-A93B27D3FCF8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{6D20E46A-368D-42B4-A255-FD9F5EAF9587}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [UDP Query User{E997BC17-0755-4A56-B190-BE5114D01D63}C:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe
FirewallRules: [TCP Query User{47E7640A-5D03-4665-8DE0-81A040552678}C:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe
FirewallRules: [{7B2D421F-FFC0-4243-AE01-93D49EC7A503}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{9A0F7703-73DF-423A-9BB9-B48E5CC0A973}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
FirewallRules: [{E41D8A8C-F258-474C-A5C8-21BEF4B7A8D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{8E9CF943-723F-4BF9-8AA0-408B3E307C9D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\djinni!.exe
FirewallRules: [{6929E253-9592-4875-B4F4-34FA20A7A60F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{C4B13F15-DE4C-4F8E-8E5B-DB19264E203E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher Enhanced Edition\System\witcher.exe
FirewallRules: [{848E17DB-7338-4FA3-9238-69DE48439A94}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [{9B91E11C-2293-4DE4-9B68-768FFD707A5C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dungeon Defenders\Binaries\Win32\DungeonDefenders.exe
FirewallRules: [UDP Query User{C34F82DA-60AA-4391-B523-626F9DA351FD}C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [TCP Query User{D9AD3D08-97EB-42CC-982F-BEF69B3256B8}C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [{8BBB6B04-B93A-417E-9115-2330EFB3D7F3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Realm of the Mad God\Realm of the Mad God.exe
FirewallRules: [{FFCAB0E5-F448-4153-B572-5F3DFC144814}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Realm of the Mad God\Realm of the Mad God.exe
FirewallRules: [{CFF81E00-CD0D-42D6-B1D6-0B0F45FCE02B}] => (Allow) LPort=1900
FirewallRules: [{E39BB4F7-3C01-4D88-B077-4A914EC67416}] => (Allow) LPort=2869
FirewallRules: [{C18A6296-90FF-4605-8680-285F318BA850}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{A22721DC-798A-40AF-B7CF-A71BFEB10D99}] => (Allow) C:\Users\Carsten\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{74A0C20C-23A0-457B-A008-A02A0DB11DAD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SimCity 4 Deluxe\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{47201D81-1B3A-4089-AF99-28FE288FD120}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SimCity 4 Deluxe\Support\EA Help\Electronic_Arts_Technical_Support.htm
FirewallRules: [{D6917E13-EC3C-4CAF-A372-2E52DEA8ABDD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SimCity 4 Deluxe\Apps\SimCity 4.exe
FirewallRules: [{F4E06D38-055B-4B1F-9543-4F63EF3EEE6B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SimCity 4 Deluxe\Apps\SimCity 4.exe
FirewallRules: [UDP Query User{0F938BBC-5401-4561-B880-942931B53AD0}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [TCP Query User{9449438B-727E-4F5A-BE5C-27B6E18ABC11}C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dungeon defenders\binaries\win32\dundefgame.exe
FirewallRules: [UDP Query User{EB41418F-44A9-48DC-A92D-C1DF59D09A02}C:\program files (x86)\ubisoft\related designs\anno 2070\autopatcher.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 2070\autopatcher.exe
FirewallRules: [TCP Query User{192E0725-225A-48A5-B65C-CDDEAF018A57}C:\program files (x86)\ubisoft\related designs\anno 2070\autopatcher.exe] => (Allow) C:\program files (x86)\ubisoft\related designs\anno 2070\autopatcher.exe
FirewallRules: [{77C70D27-A833-45DC-9D0D-6A8F36D9EA70}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Plants Vs Zombies\PlantsVsZombies.exe
FirewallRules: [{3B427D2D-7839-4F27-B218-FB12B978715B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Plants Vs Zombies\PlantsVsZombies.exe
FirewallRules: [UDP Query User{F5E54AD3-6862-452E-9A2E-FEDE4ECE43BF}C:\program files (x86)\starcraft ii\versions\base23260\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base23260\sc2.exe
FirewallRules: [TCP Query User{14720713-7BEA-493E-BEC2-DEA650CFA876}C:\program files (x86)\starcraft ii\versions\base23260\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base23260\sc2.exe
FirewallRules: [{D09B5570-A69B-4CC7-AF43-DA35624FE639}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{65B159CF-BA30-4BD5-8352-F34C8F7A2F86}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{37B57CD8-5F3B-4CCA-B40A-20F018D3A8A8}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{DD73EEA8-CFF8-492F-8D3B-8AA4EF776019}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{FDEEF098-2FF3-4F45-92EA-B06EA48FF83B}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{DBF62FFD-27E1-4C4B-9CD5-CA5B33F82F5C}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{EEF676C2-6A39-4204-9BE0-387E1A0511D3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1FA72343-EB76-4900-BDB6-AA9F81092BD2}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0E15230D-A7E3-42C3-8EDC-5F0C076CEDA4}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{8A41D373-4F5F-43D3-B8BD-86AC4717AA17}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{C49158E9-63CE-4312-8CEA-39C50EAE5D8D}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{35595D95-2B2A-49B9-ABEF-94D1B1812EE7}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{AA24AC28-0FEF-456B-9043-E49A171B1ADF}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{D3DF985D-0AA3-4A18-BB5B-79574DC433AC}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{5C658F95-A314-4982-8940-A9F9FAF165A5}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{40CFE232-02AD-4F87-8CB9-50ABC2C5B530}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{CB35789D-6883-44F7-BFE5-73B439D165EA}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{DB88ACC7-B415-4252-B40C-1F6EE082ED14}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [TCP Query User{ACBC80F5-37FC-40D3-BB71-2ED71F2000E4}C:\programdata\battle.net\agent\agent.3507\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3507\agent.exe
FirewallRules: [UDP Query User{63A4C290-4976-43E7-B515-4AC1CC03E657}C:\programdata\battle.net\agent\agent.3507\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.3507\agent.exe
FirewallRules: [{D2942D8F-FE86-4DE0-9CEB-421AB5C5C040}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{0D8B6D38-CF95-48DB-885E-8544DA45265C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{26019819-FC11-46AE-917F-945B721302DC}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{DD8C891E-11BA-467E-9175-DA429860ABE7}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3526\Agent.exe
FirewallRules: [{A5AA3914-A79E-47E6-884D-7A4F1B01DE1E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{E8B46C8F-3CA5-486F-991E-721EB78FD627}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe
FirewallRules: [{DA99A37E-FDC1-4789-8A68-2E60AA32B762}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3B4303E2-70E5-436B-A04A-6DC37AD834D7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3BDF8612-93D3-4E27-979C-85DB37877D99}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{0D9F2224-0322-4C77-A028-8FA9633CEACE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock 2\SP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{91C87F1C-ADD2-44E1-A4B8-C46180A57B1D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [{048F956C-95B4-47C3-932E-DFDB119F5A0F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock 2\MP\Builds\Binaries\Bioshock2Launcher.exe
FirewallRules: [TCP Query User{4995FA26-5080-4A15-B370-845B63A34F92}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [UDP Query User{D7FFEE23-4126-4289-BAC1-CBC8A123AB61}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcher.exe
FirewallRules: [TCP Query User{7A54DD4B-71BA-4859-8696-2583402186AC}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [UDP Query User{AEDBA00D-AA0D-4F60-9C59-D682EC4481EA}C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe] => (Allow) C:\riot games\league of legends\rads\projects\lol_patcher\releases\0.0.0.14\deploy\lolpatcherux.exe
FirewallRules: [{47605E54-D098-4A2C-8268-12BA35D8D4DA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{220A8E15-748E-4667-AA7B-35C987C25CFF}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3632\Agent.exe
FirewallRules: [{E89EEEDE-E1F8-4F27-B428-6376806DCDED}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{7FB85EDC-E597-4AEE-A979-0B003635049C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{97172492-9578-4181-90CD-5AAF7A8C2C7C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [{87F6649E-F733-40C6-932E-5DC221FEA9D9}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe
FirewallRules: [TCP Query User{E5C71AD6-03C2-4F16-853D-D3F297B33951}C:\program files (x86)\heroes of the storm\versions\base33353\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base33353\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{2C1FC0C6-046B-47FE-B881-5E0D041B7E67}C:\program files (x86)\heroes of the storm\versions\base33353\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base33353\heroesofthestorm_x64.exe
FirewallRules: [{AF0182FF-66A3-4246-9585-2DB73286A77E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [{7523E286-F21A-4C6C-90F3-97D71631BE0C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal\hl2.exe
FirewallRules: [TCP Query User{C7F94F8E-14A6-4A99-872B-041E91130901}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{B7DE14CD-7AE3-4024-9A8C-0DAFB4C05F97}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{6A4FA2AE-9D50-40BE-B021-92427494684C}] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{1EA1C744-B96F-45B3-A8DA-25D6D2B30061}] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [{E6382F03-4844-426C-A15C-878250894CF9}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{5BE679CF-7ACE-4D5C-9792-CC95E6260891}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{E0888337-5EEA-45F9-9EBA-67EEF5169A5B}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{27943848-3091-4051-826B-C9172B4BA790}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5111EE2A-C431-4081-8B69-56CC444EE29F}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{69F52230-3496-4C0F-BB59-E8C4BE80E5FC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{DAF8D858-5E73-430B-B889-BD3F1784D46A}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{91CE75B4-25D7-4766-B063-C7F1CCCFF7B6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3669\Agent.exe
FirewallRules: [{C1A2A9A3-9B3D-46C3-BC9A-9C5F328DCB4F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [{BF28E393-B558-4A6D-8B6E-981A0A543303}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3688\Agent.exe
FirewallRules: [TCP Query User{4CBEBE2A-87B9-4821-A346-4A0C0647F487}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{A7BB7AC5-1E57-4C7C-8872-2DB5E36672B4}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe
FirewallRules: [{30B63D52-E747-41DA-B4A9-9BF2DBD8FB8F}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [{785A87C5-63DF-4A22-B2B0-2C86BEFEB25B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3689\Agent.exe
FirewallRules: [TCP Query User{781912A4-9AE4-4203-83C9-A6B4ACA4C04C}C:\program files (x86)\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{BAAC9586-F5E4-4E3E-A080-2604284C0A20}C:\program files (x86)\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe
FirewallRules: [{93BEBA58-76AF-4B47-BEA2-88DAD44B97C6}] => (Block) C:\program files (x86)\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe
FirewallRules: [{390D1137-B1EB-482E-8568-CB2890C42E50}] => (Block) C:\program files (x86)\heroes of the storm\versions\base33684\heroesofthestorm_x64.exe
FirewallRules: [{F16346B8-F156-4AB9-B020-26995C598A0B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [{149C7C41-7D1C-4A3A-A05B-8D0F82E56954}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe
FirewallRules: [TCP Query User{5B125B82-9384-463C-A7FA-26D0155947D5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{23F21019-6F56-4888-A6DC-F10259B6BA1E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{D3D20D1F-8360-461A-9AE3-39C58B5D1683}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{11385A0C-1F53-474A-B934-7FC3626ABBC8}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{EFABD62E-B486-497E-91EF-C9FBECE259AA}] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{5181EE7E-3BA9-426A-A921-0D7C0AD43A1D}] => (Allow) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{AF7105F9-6C35-4C4B-B6C8-3702E0CB4A4C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{761DED38-7265-479B-BB76-01D6887FC3E2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{02F3A693-2751-4846-9A36-6B31B887B446}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{3E5878C5-69F6-4EFF-92A0-A9D1912749D5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{D1DB88D5-6584-4EAD-9D9C-BD3419510CCA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [{8B99A39A-0FA6-4042-B029-3C1746FB8BE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe
FirewallRules: [TCP Query User{0E606EB1-32EC-44E7-AA66-94D2A040BF1D}C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{ED422013-3F10-4F57-90DC-AAF0DAF0F7F8}C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [{32ED3883-BE44-404D-9D7F-8B531D41F117}] => (Block) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [{97D3F687-A703-429D-B02C-0F7AD4248682}] => (Block) C:\program files (x86)\heroes of the storm\versions\base34190\heroesofthestorm_x64.exe
FirewallRules: [{940F55A4-6E9D-480E-9F13-43A1D48ED895}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{A79BADDF-4CB9-48F8-8C19-3DE98732ADBC}] => (Allow) C:\Program Files (x86)\StarCraft II\StarCraft II.exe
FirewallRules: [{CA636B81-AB8A-4984-8B7D-44CBE9700136}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{64946A2E-2C7B-4D53-93E7-3044C04FAE74}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [TCP Query User{09A99126-63E1-456A-A383-EEEE4BF89A63}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{B3B77BB3-E542-4200-BE8D-6977449EEB4A}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{916118E7-BA5B-4A98-82AC-76B1F2723C12}] => (Block) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [{8961D2F7-962D-4A7D-B720-EE4778455CB7}] => (Block) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{74604920-8140-4C8A-A1D6-FC5013F0A221}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe
FirewallRules: [UDP Query User{A02A69E1-17BE-4E53-A946-6E338D257BFC}C:\program files (x86)\origin games\battlefield 3\bf3.exe] => (Allow) C:\program files (x86)\origin games\battlefield 3\bf3.exe
FirewallRules: [TCP Query User{56963F3C-F332-402E-ADE6-E1F3CC1C0251}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{399F2B53-F934-418C-B5AD-3E6DAD92B795}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{1C5B9EF1-2C79-409A-8090-C13E37392902}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{E553A46A-7B82-4624-9E57-AB4CDD57E355}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{B676545D-9735-43D3-A351-E5F8CC53B292}C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{7979E162-0EC8-4414-9799-FDDACFDA81A1}C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35634\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{70CA0C65-B575-4866-8389-4112AF1CAF08}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{5D01A199-C8D4-4B92-B9F1-8F89AF96E84F}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{3A4BC846-DC28-4697-9861-3400DAC0EC20}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{C116D5FC-FAF4-49E4-BE5A-D2F6167AE24F}C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35702\heroesofthestorm_x64.exe
FirewallRules: [TCP Query User{573293F2-6D74-452F-B686-348BC44B35A6}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{83C748C0-5919-4F70-9BAE-79A46B8BE7A2}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{37E6C489-4EDB-4D6C-A191-E19B0CF4AB55}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [{FC1BD72A-9792-4E83-BA37-2590AF4228ED}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
FirewallRules: [TCP Query User{9DFD2106-A991-4045-8C8A-EA91F7A9D199}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [UDP Query User{627ED389-C547-411B-9D04-104899FA6212}C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe] => (Allow) C:\program files (x86)\starcraft ii\versions\base32283\sc2.exe
FirewallRules: [{9EBFFB92-7D90-42C2-AE9C-C7107D9F4B66}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{9AEA48C9-D13A-4104-8703-5B02575BF8F1}C:\users\carsten\appdata\local\temp\adobedata\client32.exe] => (Block) C:\users\carsten\appdata\local\temp\adobedata\client32.exe
FirewallRules: [UDP Query User{2EB208F1-D011-49B5-B5D5-835A3BD69875}C:\users\carsten\appdata\local\temp\adobedata\client32.exe] => (Block) C:\users\carsten\appdata\local\temp\adobedata\client32.exe
FirewallRules: [TCP Query User{2FACE119-4A40-4C19-A96A-2E1AED4DF137}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe
FirewallRules: [UDP Query User{E407B40F-D9F6-4A4A-8128-5BE0B3B334C6}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/04/2015 11:35:35 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20911 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1d90

Startzeit: 01d0b63c0c49a898

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: ffd78242-222f-11e5-bf39-02686d610904

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (07/03/2015 09:30:05 PM) (Source: Google Update) (EventID: 20) (User: CarstensPC)
Description: Network Request Error.
Error: 0x80040801. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80040801. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80040801. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80040801. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80040801

Error: (06/29/2015 10:40:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CarstensPC)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (06/28/2015 11:50:35 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Wow-64.exe, Version 6.2.0.20182 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 13f0

Startzeit: 01d0b179903c078c

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\World of Warcraft\Wow-64.exe

Berichts-ID: 032f3c8e-1d7a-11e5-bf39-02686d610904

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/27/2015 08:49:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17415 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 13dc

Startzeit: 01d0b10953a5e8bb

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\syswow64\wwahost.exe

Berichts-ID: 475108db-1cfd-11e5-bf39-02686d610904

Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (06/27/2015 08:47:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20905 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: b84

Startzeit: 01d0b108f57eeb25

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20905_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: e7876c41-1cfc-11e5-bf39-02686d610904

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20905_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (06/26/2015 08:01:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm javaw.exe, Version 8.0.31.13 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1378

Startzeit: 01d0b01e9ca005bf

Endzeit: 132

Anwendungspfad: C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe

Berichts-ID: 53ebf89c-1c2d-11e5-bf38-02686d610904

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/22/2015 04:16:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20856 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 97c

Startzeit: 01d0acf555f2d55c

Endzeit: 4294967295

Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe

Berichts-ID: 47b37d4f-18e9-11e5-bf37-c0143dca4612

Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (06/21/2015 03:49:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm csgo.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: e58

Startzeit: 01d0ac122fd846fb

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe

Berichts-ID: 405d2455-181c-11e5-bf36-02686d610904

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/20/2015 10:46:55 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Battle.net.exe, Version 1.2.9.5833 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: e50

Startzeit: 01d0ab313fbe5c3b

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Battle.net\Battle.net.5833\Battle.net.exe

Berichts-ID: e51742f4-1728-11e5-bf36-02686d610904

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


System errors:
=============
Error: (07/05/2015 10:28:20 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Conexant Audio Message Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/05/2015 10:27:08 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎05.‎07.‎2015 um 10:15:33 unerwartet heruntergefahren.

Error: (07/05/2015 10:16:32 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Conexant Audio Message Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (07/05/2015 10:15:32 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎04.‎07.‎2015 um 20:50:21 unerwartet heruntergefahren.

Error: (07/04/2015 05:20:19 PM) (Source: DCOM) (EventID: 10010) (User: CarstensPC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/04/2015 05:19:49 PM) (Source: DCOM) (EventID: 10010) (User: CarstensPC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/04/2015 03:37:05 PM) (Source: DCOM) (EventID: 10010) (User: CarstensPC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/04/2015 03:36:35 PM) (Source: DCOM) (EventID: 10010) (User: CarstensPC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/04/2015 02:17:01 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 20.

Error: (07/03/2015 11:08:13 PM) (Source: DCOM) (EventID: 10010) (User: CarstensPC)
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}


Microsoft Office:
=========================
Error: (07/04/2015 11:35:35 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.209111d9001d0b63c0c49a8984294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exeffd78242-222f-11e5-bf39-02686d610904microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (07/03/2015 09:30:05 PM) (Source: Google Update) (EventID: 20) (User: CarstensPC)
Description: Network Request Error.
Error: 0x80040801. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80040801. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80040801. Http status code 0.
Trying config: source=IE, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying WinHTTP.
Send request returned 0x80040801. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80040801. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80040801

Error: (06/29/2015 10:40:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CarstensPC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (06/28/2015 11:50:35 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Wow-64.exe6.2.0.2018213f001d0b179903c078c4294967295C:\Program Files (x86)\World of Warcraft\Wow-64.exe032f3c8e-1d7a-11e5-bf39-02686d610904

Error: (06/27/2015 08:49:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.1741513dc01d0b10953a5e8bb4294967295C:\WINDOWS\syswow64\wwahost.exe475108db-1cfd-11e5-bf39-02686d610904Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5cApp

Error: (06/27/2015 08:47:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20905b8401d0b108f57eeb254294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20905_x64__8wekyb3d8bbwe\LiveComm.exee7876c41-1cfc-11e5-bf39-02686d610904microsoft.windowscommunicationsapps_17.5.9600.20905_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (06/26/2015 08:01:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: javaw.exe8.0.31.13137801d0b01e9ca005bf132C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe53ebf89c-1c2d-11e5-bf38-02686d610904

Error: (06/22/2015 04:16:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.2085697c01d0acf555f2d55c4294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbwe\LiveComm.exe47b37d4f-18e9-11e5-bf37-c0143dca4612microsoft.windowscommunicationsapps_17.5.9600.20856_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1

Error: (06/21/2015 03:49:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: csgo.exe0.0.0.0e5801d0ac122fd846fb4294967295C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe405d2455-181c-11e5-bf36-02686d610904

Error: (06/20/2015 10:46:55 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Battle.net.exe1.2.9.5833e5001d0ab313fbe5c3b4294967295C:\Program Files (x86)\Battle.net\Battle.net.5833\Battle.net.exee51742f4-1728-11e5-bf36-02686d610904


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 46%
Total physical RAM: 8057.77 MB
Available physical RAM: 4284.55 MB
Total Virtual: 9337.77 MB
Available Virtual: 4718.52 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:883.74 GB) (Free:465.77 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.78 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 41B890BB)

Partition: GPT Partition Type.

==================== End of log ============================

--- --- ---

Carsten M · 05.07.2015, 11:08

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-07-2015
Ran by Carsten (administrator) on CARSTENSPC on 05-07-2015 12:00:07
Running from C:\Users\Carsten\Desktop
Loaded Profiles: Carsten &  (Available Profiles: Carsten)
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(NetSupport Ltd) C:\Users\Carsten\AppData\Local\Temp\AdobeData\client32.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
() C:\Program Files (x86)\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
(Valve Corporation) C:\Program Files (x86)\Steam\GameOverlayUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.4150\Agent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Blizzard Entertainment, Inc.) C:\Program Files (x86)\Heroes of the Storm\Versions\Base36144\HeroesOfTheStorm_x64.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HotKeysCmds] => C:\WINDOWS\system32\hkcmd.exe
HKLM\...\Run: [Persistence] => C:\WINDOWS\system32\igfxpers.exe
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-14] (Conexant Systems, Inc.)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17079376 2012-09-22] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191568 2012-09-22] (Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-27] (Synaptics Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2585744 2015-01-16] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2012-05-02] (Vimicro)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-16] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [884440 2015-05-07] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [130864 2015-05-21] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2014-10-29] (Microsoft Corporation)
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe [2860080 2015-06-29] (Blizzard Entertainment)
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Carsten\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002\...\Run: [GoogleChromeAutoLaunch_DDA28BE83B10695CA343BB975497B041] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-20] (Google Inc.)
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28785280 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002\...\Run: [AdobeFirmware] => C:\Users\Carsten\AppData\Local\Temp\AdobeData\client32.exe [34808 2011-10-08] (NetSupport Ltd) <===== ATTENTION
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe [2860080 2015-06-29] (Blizzard Entertainment)
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Carsten\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_DDA28BE83B10695CA343BB975497B041] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-20] (Google Inc.)
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28785280 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AdobeFirmware] => C:\Users\Carsten\AppData\Local\Temp\AdobeData\client32.exe [34808 2011-10-08] (NetSupport Ltd) <===== ATTENTION
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe [2860080 2015-06-29] (Blizzard Entertainment)
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Carsten\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [GoogleChromeAutoLaunch_DDA28BE83B10695CA343BB975497B041] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-06-20] (Google Inc.)
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28785280 2015-06-02] (Skype Technologies S.A.)
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [AdobeFirmware] => C:\Users\Carsten\AppData\Local\Temp\AdobeData\client32.exe [34808 2011-10-08] (NetSupport Ltd) <===== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2012-09-22]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com
HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com
HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com
HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
SearchScopes: HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> {EA91F7D3-D0E7-46ED-9543-66B1F5A13080} URL = 
SearchScopes: HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {04FEFF2F-5A52-498C-8B2E-23D736EF22AF} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=5fd0d11a-4c6c-4866-b96f-38024e5ee3c3&apn_sauid=50583D50-514B-4FC5-B06B-8A9A5A96453F
SearchScopes: HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {EA91F7D3-D0E7-46ED-9543-66B1F5A13080} URL = 
SearchScopes: HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {04FEFF2F-5A52-498C-8B2E-23D736EF22AF} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=5fd0d11a-4c6c-4866-b96f-38024e5ee3c3&apn_sauid=50583D50-514B-4FC5-B06B-8A9A5A96453F
SearchScopes: HKU\S-1-5-21-4086059184-2630891605-3122563293-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1 -> {EA91F7D3-D0E7-46ED-9543-66B1F5A13080} URL = 
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-29] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-29] (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{AE95F6B2-AE8C-47A0-9A4D-C9BD4FA27029}: [DhcpNameServer] 127.0.0.1
Tcpip\..\Interfaces\{CEA4EFFB-10CE-47B4-818F-457E8EBE15A2}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{F68162C2-F2AA-45FB-A8D3-A009BB3F20C2}: [DhcpNameServer] 192.168.42.129

FireFox:
========
FF ProfilePath: C:\Users\Carsten\AppData\Roaming\Mozilla\Firefox\Profiles\2tge81ur.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_17_0_0_190.dll [2015-06-25] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [2015-03-10] (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_190.dll [2015-06-25] ()
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [2015-03-10] (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-29] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
FF Plugin HKU\S-1-5-21-4086059184-2630891605-3122563293-1002: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Carsten\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-4086059184-2630891605-3122563293-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Carsten\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-18] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4086059184-2630891605-3122563293-1002: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Carsten\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-4086059184-2630891605-3122563293-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-09-23] ()
FF Plugin HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Carsten\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Carsten\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-18] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Carsten\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-09-23] ()
FF Plugin HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Carsten\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Carsten\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-18] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Carsten\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll [2013-05-22] (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-4086059184-2630891605-3122563293-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-09-23] ()

Chrome: 
=======
CHR Profile: C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-31]
CHR Extension: (Google Docs) - C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-31]
CHR Extension: (Google Drive) - C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-31]
CHR Extension: (YouTube) - C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-31]
CHR Extension: (Adblock Plus) - C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-05-31]
CHR Extension: (Google Search) - C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-31]
CHR Extension: (Lounge Assistant) - C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\enjonnlehciedbcidabdglnnihcncbml [2015-05-31]
CHR Extension: (Google Play Music) - C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2015-05-31]
CHR Extension: (Google Sheets) - C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-31]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-31]
CHR Extension: (Google Wallet) - C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-31]
CHR Extension: (Gmail) - C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-31]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827184 2015-06-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [450808 2015-06-16] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-16] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1188360 2015-06-16] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [208632 2015-05-21] (Avira Operations GmbH & Co. KG)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252600 2012-08-26] (Broadcom Corporation.)
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [433880 2015-05-07] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [413400 2015-05-07] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [806616 2015-05-07] (BlueStack Systems, Inc.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [953720 2012-08-26] (Broadcom Corporation.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2015-01-16] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [319376 2014-10-01] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [30184 2013-08-08] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706128 2015-01-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833360 2015-01-16] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1910640 2015-03-21] (Electronic Arts)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76152 2015-01-12] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-06-16] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132656 2015-06-16] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-03-05] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [145112 2015-05-07] (BlueStack Systems)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-09-24] (Microsoft Corporation)
S3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-03-30] (LogMeIn Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-05] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-01-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-27] (Synaptics Incorporated)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [975104 2012-08-24] (Vimicro Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 ALSysIO; \??\C:\Users\Carsten\AppData\Local\Temp\ALSysIO64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-05 12:00 - 2015-07-05 12:00 - 00033450 _____ C:\Users\Carsten\Desktop\FRST.txt
2015-07-05 11:55 - 2015-07-05 12:00 - 00000000 ____D C:\FRST
2015-07-05 11:54 - 2015-07-05 11:54 - 02112512 _____ (Farbar) C:\Users\Carsten\Desktop\FRST64.exe
2015-07-04 19:36 - 2015-07-05 10:23 - 00001273 _____ C:\Users\Carsten\Desktop\CoreTemp.ini
2015-07-04 19:35 - 2013-10-08 13:23 - 00890016 _____ C:\Users\Carsten\Desktop\Core Temp.exe
2015-07-04 19:32 - 2015-07-04 19:32 - 00734473 _____ C:\Users\Carsten\Downloads\CoreTemp_106.zip
2015-07-04 19:32 - 2015-07-04 19:32 - 00734473 _____ C:\Users\Carsten\Downloads\CoreTemp_106 (1).zip
2015-07-04 17:44 - 2015-07-04 17:44 - 00000222 _____ C:\Users\Carsten\Desktop\Dirty Bomb.url
2015-07-03 19:19 - 2015-07-04 19:57 - 00022736 _____ C:\Users\Carsten\Desktop\clickerHeroSave.txt
2015-07-03 18:40 - 2015-07-03 18:41 - 00000016 _____ C:\Users\Carsten\Desktop\CH.txt
2015-06-29 21:27 - 2015-06-29 21:27 - 00001695 _____ C:\Users\Carsten\Desktop\My Skype Received Files - Verknüpfung.lnk
2015-06-20 22:12 - 2015-06-25 19:19 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-06-20 22:12 - 2015-06-20 22:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-06-20 21:24 - 2015-06-20 21:24 - 00000221 _____ C:\Users\Carsten\Desktop\Fallout 3.url
2015-06-20 10:49 - 2015-06-20 10:49 - 00000000 ____D C:\ProgramData\Battle.net
2015-06-19 21:30 - 2015-06-19 22:13 - 00000221 _____ C:\Users\Carsten\Desktop\The Elder Scrolls IV Oblivion.url
2015-06-16 16:10 - 2015-06-16 16:10 - 00000000 ____D C:\Users\Carsten\AppData\Local\GWX
2015-06-14 19:16 - 2015-06-14 19:16 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-06-11 19:04 - 2015-06-11 19:04 - 00001147 _____ C:\Users\Public\Desktop\Avira.lnk
2015-06-10 18:54 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-06-10 18:54 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-06-10 18:54 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-06-10 18:54 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-06-10 18:54 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-06-10 18:54 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2015-06-10 18:54 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-06-10 18:54 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2015-06-10 18:19 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-06-10 18:19 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-06-10 18:07 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2015-06-10 18:07 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2015-06-10 18:07 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2015-06-10 18:07 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2015-06-10 17:51 - 2015-04-09 00:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-06-10 17:08 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2015-06-10 17:08 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2015-06-10 16:54 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll
2015-06-10 16:42 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2015-06-10 16:42 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2015-06-10 16:37 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2015-06-10 16:37 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2015-06-10 16:37 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-06-10 16:37 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-06-10 16:36 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2015-06-10 16:36 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2015-06-10 16:35 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-06-10 16:35 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-06-10 16:35 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-06-10 16:35 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-06-10 16:35 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-06-10 16:35 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-06-10 16:35 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-06-10 16:35 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-06-10 16:35 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-06-10 16:35 - 2015-04-16 08:17 - 00325464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2015-06-10 16:35 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2015-06-10 16:35 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2015-06-10 16:35 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2015-06-10 16:35 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2015-06-10 16:35 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2015-06-10 16:35 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2015-06-10 16:35 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2015-06-10 16:35 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2015-06-10 16:35 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2015-06-10 16:35 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2015-06-10 16:35 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2015-06-10 16:35 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2015-06-10 16:35 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2015-06-10 16:34 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-06-10 16:34 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-06-10 16:34 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-06-10 16:34 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-06-10 16:34 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2015-06-10 16:34 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2015-06-10 16:34 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-06-10 16:34 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-06-10 16:34 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-06-10 16:34 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-06-10 16:34 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-06-10 16:34 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-06-10 16:34 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-06-10 16:34 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-06-10 16:34 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-06-10 16:34 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-06-10 16:34 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-06-10 16:34 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-06-10 16:34 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-06-10 16:34 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2015-06-10 16:34 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-06-10 16:34 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-06-10 16:34 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-06-10 16:34 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-06-10 16:34 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-06-10 16:34 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-06-10 16:34 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-06-10 16:34 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-06-10 16:34 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-06-10 16:34 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-06-10 16:34 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-06-10 16:32 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-06-09 16:35 - 2015-01-30 02:53 - 02819584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-06-09 16:35 - 2014-11-14 08:58 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsDatabase.dll
2015-06-08 16:22 - 2015-06-08 16:22 - 00000000 ____D C:\Users\Carsten\AppData\Roaming\com.playsaurus.heroclicker
2015-06-07 22:10 - 2015-06-07 22:10 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-06-07 22:10 - 2015-06-07 22:10 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-06-07 11:08 - 2015-01-23 09:17 - 00723072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2015-06-07 11:08 - 2015-01-23 07:02 - 00560392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2015-06-07 11:05 - 2015-01-29 03:11 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-06-07 11:05 - 2015-01-29 03:00 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-06-07 11:05 - 2015-01-29 02:55 - 00971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2015-06-07 11:05 - 2015-01-29 02:50 - 00811008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2015-06-07 11:03 - 2015-04-10 02:34 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2015-06-07 11:03 - 2015-04-10 02:11 - 01943040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2015-06-07 11:01 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-06-07 11:01 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-06-07 11:01 - 2015-02-03 02:03 - 03551744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2015-06-07 11:01 - 2015-02-03 02:02 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2015-06-07 11:01 - 2015-01-30 04:03 - 01488896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42u.dll
2015-06-07 11:01 - 2015-01-30 04:03 - 01464832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfc42.dll
2015-06-07 11:01 - 2015-01-30 03:44 - 01230336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42u.dll
2015-06-07 11:01 - 2015-01-30 03:42 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfc42.dll
2015-06-07 11:01 - 2015-01-30 03:29 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2015-06-07 11:01 - 2015-01-29 03:58 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\photowiz.dll
2015-06-07 11:01 - 2015-01-29 03:29 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\photowiz.dll
2015-06-07 11:01 - 2014-12-13 23:28 - 00513488 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-06-07 11:01 - 2014-12-13 23:28 - 00513488 _____ C:\WINDOWS\system32\locale.nls
2015-06-07 11:00 - 2015-01-27 05:44 - 00933888 _____ (Microsoft Corporation) C:\WINDOWS\system32\calc.exe
2015-06-07 11:00 - 2015-01-24 03:51 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\calc.exe
2015-06-07 11:00 - 2014-07-10 06:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lockscreencn.dll
2015-06-07 10:58 - 2014-10-31 01:39 - 01970432 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2015-06-07 10:58 - 2014-10-31 01:38 - 01612992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2015-06-07 10:56 - 2014-11-10 04:29 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupStatusProvider.dll
2015-06-07 10:56 - 2014-11-10 03:51 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceSetupStatusProvider.dll
2015-06-07 10:55 - 2015-03-17 19:26 - 00467776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-06-07 10:44 - 2015-03-09 04:02 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2015-06-07 10:42 - 2014-12-19 10:57 - 00788680 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2015-06-07 10:42 - 2014-12-19 10:25 - 00602776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2015-06-07 10:27 - 2015-03-20 03:56 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2015-06-07 10:24 - 2015-03-04 03:32 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2015-06-07 10:24 - 2015-03-04 03:12 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2015-06-07 10:13 - 2015-02-05 22:24 - 01113920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-06-07 10:11 - 2015-04-02 00:22 - 02985984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2015-06-07 10:11 - 2015-04-02 00:20 - 04417536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2015-06-07 10:11 - 2015-04-01 05:45 - 01491456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2015-06-07 10:11 - 2015-04-01 04:31 - 01207296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2015-06-06 20:32 - 2015-01-29 03:04 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2015-06-06 20:31 - 2015-03-13 03:11 - 02162176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-06-06 20:31 - 2015-03-13 02:39 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-06-06 20:31 - 2015-02-18 01:19 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-06-06 20:30 - 2015-04-03 02:35 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoMetadataHandler.dll
2015-06-06 20:30 - 2015-04-03 02:14 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2015-06-06 20:25 - 2015-03-13 04:02 - 00316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2015-06-06 19:41 - 2015-03-06 04:47 - 01696256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2015-06-06 19:40 - 2015-01-19 20:42 - 01487976 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2015-06-06 19:22 - 2015-01-28 04:24 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2015-06-06 19:22 - 2015-01-28 03:47 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StorageContextHandler.dll
2015-06-06 19:20 - 2015-03-11 03:49 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2015-06-06 19:20 - 2015-03-11 03:09 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2015-06-06 19:13 - 2015-01-29 02:59 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-06-06 19:13 - 2015-01-29 02:49 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-06-06 18:45 - 2015-02-08 01:57 - 01090048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2015-06-06 18:45 - 2015-02-08 01:49 - 00791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2015-06-06 18:23 - 2015-01-30 04:02 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2015-06-06 18:23 - 2015-01-30 03:40 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2015-06-06 18:23 - 2015-01-30 03:37 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2015-06-06 18:23 - 2015-01-30 03:24 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2015-06-06 18:23 - 2015-01-30 03:24 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2015-06-06 18:23 - 2015-01-30 03:16 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2015-06-06 18:23 - 2015-01-30 03:08 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2015-06-06 18:23 - 2015-01-30 03:06 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2015-06-06 18:22 - 2015-03-13 06:03 - 00239424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-06-06 18:22 - 2015-03-13 06:03 - 00154432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2015-06-06 18:04 - 2014-12-11 07:36 - 00046456 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2015-06-06 17:58 - 2015-03-06 05:08 - 02067968 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2015-06-06 17:58 - 2015-03-06 04:43 - 01969664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2015-06-06 17:58 - 2015-01-28 01:47 - 02501368 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-06-06 17:57 - 2015-01-28 01:41 - 02207488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-06-06 10:53 - 2015-06-06 10:53 - 00266552 _____ C:\Users\Carsten\Downloads\Die Rote Gentechnik Mika (1).pptx
2015-06-05 17:59 - 2015-06-05 17:59 - 00266552 _____ C:\Users\Carsten\Downloads\Die Rote Gentechnik Mika.pptx

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-07-05 12:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-07-05 11:54 - 2014-12-23 12:06 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm
2015-07-05 11:53 - 2013-08-15 20:04 - 00000000 ____D C:\Users\Carsten\AppData\Local\Battle.net
2015-07-05 11:47 - 2014-05-26 15:56 - 00001140 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-05 11:31 - 2013-01-27 16:50 - 00000000 ____D C:\Users\Carsten\AppData\Roaming\TS3Client
2015-07-05 11:12 - 2012-12-27 23:29 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-07-05 11:07 - 2012-12-27 22:52 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-05 10:58 - 2014-10-21 17:29 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-07-05 10:52 - 2014-10-21 17:29 - 00001129 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-07-05 10:52 - 2014-10-21 17:28 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-07-05 10:51 - 2014-10-30 17:33 - 01273718 _____ C:\WINDOWS\WindowsUpdate.log
2015-07-05 10:40 - 2012-12-25 12:24 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4086059184-2630891605-3122563293-1002
2015-07-05 10:33 - 2014-09-24 08:17 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-07-05 10:33 - 2014-09-24 07:43 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2015-07-05 10:33 - 2014-09-24 07:43 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2015-07-05 10:28 - 2014-05-26 15:55 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-07-05 10:27 - 2013-08-22 16:46 - 00348429 _____ C:\WINDOWS\setupact.log
2015-07-05 10:27 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-07-05 10:26 - 2014-09-23 23:06 - 00284346 _____ C:\WINDOWS\PFRO.log
2015-07-05 10:20 - 2014-10-30 17:40 - 00000000 ____D C:\Users\Carsten
2015-07-04 18:30 - 2013-12-27 19:25 - 00000958 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4086059184-2630891605-3122563293-1002UA.job
2015-07-04 18:30 - 2013-12-27 19:25 - 00000936 _____ C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4086059184-2630891605-3122563293-1002Core.job
2015-07-04 11:40 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-07-02 17:31 - 2012-12-25 13:14 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2015-07-01 20:46 - 2013-10-09 15:07 - 00000000 ____D C:\Users\Carsten\AppData\Roaming\Skype
2015-07-01 12:54 - 2013-06-23 17:06 - 00000000 ____D C:\Users\Carsten\AppData\Roaming\.minecraft
2015-06-30 20:34 - 2014-05-24 11:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-06-29 21:24 - 2013-08-20 17:34 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-06-29 18:57 - 2013-05-24 16:43 - 00230912 ___SH C:\Users\Carsten\Desktop\Thumbs.db
2015-06-28 22:36 - 2015-03-19 17:13 - 00000112 _____ C:\Users\Carsten\Desktop\Minecraft.txt
2015-06-27 09:31 - 2013-10-09 15:06 - 00000000 ____D C:\ProgramData\Skype
2015-06-26 15:02 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-06-25 20:16 - 2013-05-26 10:19 - 00000000 ____D C:\Users\Carsten\AppData\Local\._LiveCode_
2015-06-25 17:14 - 2012-12-27 23:29 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-06-23 16:52 - 2014-05-26 15:56 - 00002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-06-20 22:57 - 2014-05-30 14:08 - 00000000 ____D C:\ProgramData\Origin
2015-06-20 22:12 - 2013-10-08 09:06 - 00001182 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2015-06-20 22:07 - 2014-12-23 13:10 - 00001222 _____ C:\Users\Public\Desktop\Heroes of the Storm.lnk
2015-06-20 21:54 - 2012-12-28 21:42 - 00000000 ____D C:\Program Files (x86)\StarCraft II
2015-06-20 21:53 - 2012-12-28 21:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2015-06-20 05:02 - 2014-09-24 09:46 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-06-20 05:02 - 2014-09-24 09:46 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-19 15:43 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-06-18 08:42 - 2014-10-21 17:28 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-06-18 08:41 - 2014-10-21 17:28 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-06-18 08:41 - 2014-10-21 17:28 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-06-16 16:17 - 2014-05-24 11:34 - 00153256 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-06-16 16:17 - 2014-05-24 11:34 - 00132656 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-06-15 20:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppCompat
2015-06-14 19:18 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-06-14 19:16 - 2014-09-24 09:43 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-06-14 19:16 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2015-06-13 17:39 - 2013-05-17 11:06 - 00000000 ____D C:\Users\Carsten\AppData\Local\Windows Live
2015-06-13 13:12 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-06-13 11:57 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-06-13 10:19 - 2015-02-24 17:39 - 00000000 ____D C:\Users\Carsten\Desktop\Schule
2015-06-12 15:17 - 2013-08-22 16:44 - 00362760 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-06-12 15:15 - 2013-03-13 21:55 - 00000000 ____D C:\ProgramData\Avira
2015-06-11 22:18 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-06-11 22:17 - 2013-08-15 18:49 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-06-11 22:13 - 2012-12-26 12:59 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-06-11 19:04 - 2014-08-06 10:01 - 00000000 ____D C:\ProgramData\Package Cache
2015-06-11 19:04 - 2014-05-24 11:33 - 00000000 ____D C:\Program Files (x86)\Avira
2015-06-09 16:13 - 2013-08-22 17:36 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-06-09 16:13 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\WinStore
2015-06-09 16:13 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2015-06-07 14:07 - 2012-12-28 21:42 - 00000000 ____D C:\Users\Carsten\Documents\StarCraft II

==================== Files in the root of some directories =======

2013-02-04 20:50 - 2013-02-04 20:54 - 0017408 _____ () C:\Users\Carsten\AppData\Local\WebpageIcons.db
2012-09-22 00:03 - 2012-09-22 00:03 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Files to move or delete:
====================
C:\Users\Carsten\AppData\Local\Temp\AdobeData\client32.exe


Some files in TEMP:
====================
C:\Users\Carsten\AppData\Local\Temp\avgnt.exe
C:\Users\Carsten\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Carsten\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-07-03 21:10

==================== End of log ============================

Zum Vergleich mal eine aus dem Jahre 2014

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-10-2014
Ran by Carsten (administrator) on CARSTENSPC on 28-10-2014 10:41:13
Running from C:\Users\Carsten\Desktop
Loaded Profiles: UpdatusUser & Carsten (Available profiles: UpdatusUser & Carsten)
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
() C:\Users\Carsten\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\Carsten\Desktop\SecurityCheck.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [887968 2012-06-14] (Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-27] (Synaptics Incorporated)
HKLM\...\Run: [Energy Management] => C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17079376 2012-09-21] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] => C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191568 2012-09-21] (Lenovo(beijing) Limited)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-08] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [548864 2012-05-02] (Vimicro)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [165168 2014-09-23] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4086059184-2630891605-3122563293-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1938112 2014-09-23] (Valve Corporation)
HKU\S-1-5-21-4086059184-2630891605-3122563293-1001\...\MountPoints2: {887617d7-0435-11e2-be6a-806e6f6e6963} - "E:\Autorun.exe" 
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1938112 2014-09-23] (Valve Corporation)
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe [2864688 2014-10-24] (Blizzard Entertainment)
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Carsten\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002\...\Run: [GoogleChromeAutoLaunch_DDA28BE83B10695CA343BB975497B041] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [854344 2014-10-10] (Google Inc.)
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
HKU\S-1-5-21-4086059184-2630891605-3122563293-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [168616 2013-10-23] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-10-23] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll (SugarSync, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
SearchScopes: HKLM - {EA91F7D3-D0E7-46ED-9543-66B1F5A13080} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKLM-x32 - {EA91F7D3-D0E7-46ED-9543-66B1F5A13080} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKCU - {EA91F7D3-D0E7-46ED-9543-66B1F5A13080} URL = 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Carsten\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Carsten\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Carsten\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

Chrome: 
=======
CHR Profile: C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-25]
CHR Extension: (YouTube) - C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-25]
CHR Extension: (Google-Suche) - C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-25]
CHR Extension: (Du verlässt Facebook ...) - C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Default\Extensions\eajffggbghfiljaghcfgpokgfgmdfhhm [2013-06-28]
CHR Extension: (Google Play Music) - C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-05-31]
CHR Extension: (Test- und Verbraucherinformation bei Testberichte.de) - C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhbfdaopknokahpclnokkmchjlldmmoa [2013-06-28]
CHR Extension: (Google Wallet) - C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR Extension: (Lustige Videos, Musik, TV Serien und kostenlose Filme - MyVideo) - C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeihcmcnjkoimeikommiopekojmnhokm [2013-06-28]
CHR Extension: (Battlefield Play4Free) - C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2013-02-01]
CHR Extension: (Google Mail) - C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-25]
CHR Profile: C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-31]
CHR Extension: (Google Drive) - C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-31]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-05]
CHR Extension: (YouTube) - C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-31]
CHR Extension: (Google-Suche) - C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-31]
CHR Extension: (Google Play Music) - C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-05-31]
CHR Extension: (Google Wallet) - C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-31]
CHR Extension: (Google Mail) - C:\Users\Carsten\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-31]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-10-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-09] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160560 2014-09-23] (Avira Operations GmbH & Co. KG)
R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252600 2012-08-26] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [953720 2012-08-26] (Broadcom Corporation.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [43520 2012-07-26] (Microsoft Corporation)
S3 LSCWinService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe [30184 2013-08-08] ()
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [634368 2012-07-26] (Microsoft Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15125280 2013-11-08] (NVIDIA Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18432 2012-07-26] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-05-09] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [164152 2012-08-26] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
S3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-09-04] (LogMeIn Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-28] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-10-01] (Malwarebytes Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-09-28] (NVIDIA Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-27] (Synaptics Incorporated)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [975104 2012-08-24] (Vimicro Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-28 10:41 - 2014-10-28 10:41 - 00019177 _____ () C:\Users\Carsten\Desktop\FRST.txt
2014-10-28 10:16 - 2014-10-28 10:16 - 00001162 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-10-28 10:12 - 2014-10-28 10:14 - 36248896 _____ () C:\Users\Carsten\Downloads\Firefox Setup 33.0.1.exe
2014-10-27 09:59 - 2014-10-27 09:59 - 00036250 _____ () C:\Users\Carsten\Desktop\Addition.txt
2014-10-27 09:54 - 2014-10-27 09:54 - 02113024 _____ (Farbar) C:\Users\Carsten\Desktop\FRST64.exe
2014-10-26 18:17 - 2014-10-26 18:17 - 00854448 _____ () C:\Users\Carsten\Desktop\SecurityCheck.exe
2014-10-26 10:12 - 2014-10-26 10:14 - 02347384 _____ (ESET) C:\Users\Carsten\Downloads\esetsmartinstaller_deu.exe
2014-10-23 15:34 - 2014-10-23 15:34 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\365B21C8.sys
2014-10-21 17:46 - 2014-10-21 17:46 - 00000906 _____ () C:\Users\Carsten\Desktop\JRT.txt
2014-10-21 17:43 - 2014-10-21 17:43 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-10-21 17:42 - 2014-10-21 17:43 - 01705698 _____ (Thisisu) C:\Users\Carsten\Downloads\JRT.exe
2014-10-21 17:26 - 2014-10-21 17:29 - 00000000 ____D () C:\AdwCleaner
2014-10-21 17:24 - 2014-10-21 17:25 - 01962496 _____ () C:\Users\Carsten\Downloads\AdwCleaner_4.001.exe
2014-10-21 17:08 - 2014-10-21 17:08 - 00077693 _____ () C:\Users\Carsten\Desktop\mbam.txt
2014-10-21 16:29 - 2014-10-28 10:01 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-10-21 16:29 - 2014-10-21 16:29 - 00001117 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-10-21 16:28 - 2014-10-21 16:28 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-21 16:28 - 2014-10-21 16:28 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-10-21 16:28 - 2014-10-01 10:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-10-21 16:28 - 2014-10-01 10:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-10-21 16:28 - 2014-10-01 10:11 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-10-21 16:26 - 2014-10-21 16:26 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Carsten\Downloads\mbam-setup-2.0.3.1025.exe
2014-10-19 08:27 - 2014-10-19 08:27 - 00001148 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-10-17 18:04 - 2014-10-17 18:05 - 00041206 _____ () C:\Users\Carsten\Downloads\Addition.txt
2014-10-17 18:03 - 2014-10-28 10:41 - 00000000 ____D () C:\FRST
2014-10-16 14:54 - 2014-07-12 01:02 - 00478352 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-10-16 14:54 - 2014-07-12 01:00 - 00478352 _____ () C:\WINDOWS\system32\locale.nls
2014-10-16 14:54 - 2014-07-08 23:32 - 01539584 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-10-16 14:54 - 2014-07-07 06:52 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2014-10-16 14:54 - 2014-07-03 02:59 - 01824784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-10-16 14:54 - 2014-06-25 08:07 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-10-16 14:54 - 2014-06-18 00:23 - 02238464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-10-16 14:54 - 2014-06-11 15:47 - 02842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-10-16 14:54 - 2014-06-11 05:40 - 02620928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-10-16 14:54 - 2014-06-10 23:44 - 01403896 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-10-16 14:53 - 2014-07-12 05:41 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-10-16 14:53 - 2014-07-12 05:41 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-10-16 14:53 - 2014-07-12 05:41 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-10-16 14:53 - 2014-07-12 05:41 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-10-16 14:53 - 2014-07-12 05:41 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-10-16 14:53 - 2014-07-12 05:41 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-10-16 14:53 - 2014-07-12 05:16 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-10-16 14:53 - 2014-07-12 05:16 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-10-16 14:53 - 2014-07-12 05:16 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-10-16 14:53 - 2014-07-12 05:16 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-10-16 14:53 - 2014-07-12 05:16 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-10-16 14:53 - 2014-07-12 05:15 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-10-16 14:53 - 2014-07-08 23:33 - 00181248 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-10-16 14:53 - 2014-07-08 23:32 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-10-16 14:53 - 2014-07-08 23:30 - 01220608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-10-16 14:53 - 2014-07-07 06:52 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-10-16 14:53 - 2014-07-04 11:52 - 00328000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-10-16 14:53 - 2014-07-03 01:30 - 01408952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-10-16 14:53 - 2014-06-28 08:01 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-10-16 14:53 - 2014-06-28 07:57 - 00209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-10-16 14:53 - 2014-06-28 07:56 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-10-16 14:53 - 2014-06-25 08:09 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-10-16 14:53 - 2014-06-18 00:27 - 02032640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-10-16 14:53 - 2014-05-30 00:31 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-10-16 14:53 - 2014-05-30 00:03 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-10-16 14:53 - 2014-02-04 11:57 - 01271664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-10-16 14:50 - 2014-10-10 05:47 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-10-16 14:50 - 2014-10-10 05:47 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2014-10-16 14:50 - 2014-10-08 05:26 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-10-16 14:50 - 2014-09-03 03:48 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-10-16 14:50 - 2014-09-03 03:21 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-10-16 14:49 - 2014-09-13 06:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-10-16 14:49 - 2014-09-13 05:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-10-16 14:48 - 2014-07-07 06:53 - 01125376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2014-10-16 14:48 - 2014-07-07 06:52 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-10-16 14:48 - 2014-07-07 06:52 - 00724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-10-16 14:48 - 2014-07-07 06:52 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsta.dll
2014-10-16 14:48 - 2014-07-07 06:51 - 05982208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-10-16 14:48 - 2014-07-07 05:01 - 01049600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2014-10-16 14:48 - 2014-07-07 05:01 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsta.dll
2014-10-16 14:48 - 2014-07-07 05:00 - 05095424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-10-16 14:48 - 2014-07-07 04:59 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aaclient.dll
2014-10-16 14:43 - 2014-09-20 06:18 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-10-16 14:43 - 2014-09-20 06:17 - 02236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-10-16 14:43 - 2014-09-20 06:17 - 01407488 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-10-16 14:43 - 2014-09-20 06:17 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-10-16 14:43 - 2014-09-20 06:17 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-10-16 14:43 - 2014-09-20 06:16 - 19280896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-10-16 14:43 - 2014-09-20 06:16 - 15399424 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-10-16 14:43 - 2014-09-20 06:16 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-10-16 14:43 - 2014-09-20 06:16 - 02655232 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-10-16 14:43 - 2014-09-20 06:16 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-10-16 14:43 - 2014-09-20 06:16 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-10-16 14:43 - 2014-09-20 06:16 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-10-16 14:43 - 2014-09-20 06:16 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-10-16 14:43 - 2014-09-20 06:16 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-10-16 14:43 - 2014-09-20 06:16 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-10-16 14:43 - 2014-09-20 06:16 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-10-16 14:43 - 2014-09-20 06:16 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-10-16 14:43 - 2014-09-20 06:16 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-10-16 14:43 - 2014-09-20 06:15 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-10-16 14:43 - 2014-09-20 06:15 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-10-16 14:43 - 2014-09-20 06:15 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-10-16 14:43 - 2014-09-20 04:57 - 14368768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-10-16 14:43 - 2014-09-20 04:57 - 13757952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-10-16 14:43 - 2014-09-20 04:57 - 02861568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-10-16 14:43 - 2014-09-20 04:57 - 02055168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-10-16 14:43 - 2014-09-20 04:57 - 01762816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-10-16 14:43 - 2014-09-20 04:57 - 01180672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-10-16 14:43 - 2014-09-20 04:57 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-10-16 14:43 - 2014-09-20 04:57 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-10-16 14:43 - 2014-09-20 04:57 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-10-16 14:43 - 2014-09-20 04:57 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-10-16 14:43 - 2014-09-20 04:57 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-10-16 14:43 - 2014-09-20 04:57 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-10-16 14:43 - 2014-09-20 04:57 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-10-16 14:43 - 2014-09-20 04:57 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-10-16 14:43 - 2014-09-20 04:57 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-10-16 14:43 - 2014-09-20 04:57 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-10-16 14:43 - 2014-09-20 04:56 - 01440768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-10-16 14:43 - 2014-09-20 04:56 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-10-16 14:43 - 2014-09-20 04:56 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-10-16 14:43 - 2014-09-20 04:38 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-10-16 14:43 - 2014-09-20 04:33 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-10-16 14:43 - 2014-09-20 02:06 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-10-16 14:41 - 2014-09-28 05:18 - 04068352 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-10-16 14:40 - 2014-08-01 23:08 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-10-16 14:40 - 2014-07-24 14:50 - 00447296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-10-16 14:40 - 2014-07-17 00:28 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sscore.dll
2014-10-16 14:40 - 2014-07-16 23:59 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-10-16 14:40 - 2014-07-16 23:59 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscore.dll
2014-10-16 14:40 - 2014-07-12 07:45 - 01549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2014-10-16 14:40 - 2014-07-12 05:36 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-10-16 14:40 - 2014-07-12 05:36 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-10-16 14:40 - 2014-07-12 05:34 - 00404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-10-16 14:40 - 2014-07-12 05:34 - 00250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-10-16 14:40 - 2014-06-28 07:57 - 01341952 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-10-16 14:40 - 2014-06-28 03:23 - 01126400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-10-16 14:39 - 2014-09-18 00:24 - 02416128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-10-16 14:39 - 2014-09-17 23:56 - 02885120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-10-16 14:39 - 2014-08-30 06:48 - 10115072 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-10-16 14:39 - 2014-08-30 06:46 - 02306560 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-10-16 14:39 - 2014-08-30 05:05 - 08858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-10-16 14:39 - 2014-08-30 05:03 - 02037760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-10-16 14:39 - 2014-06-13 00:34 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-10-16 14:39 - 2014-06-13 00:29 - 02146304 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-10-15 18:12 - 2014-10-21 17:33 - 00133376 _____ () C:\WINDOWS\PFRO.log
2014-10-15 16:58 - 2014-10-15 16:58 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-10-15 16:55 - 2014-10-15 16:55 - 02868792 _____ (Blizzard Entertainment) C:\Users\Carsten\Downloads\Battle.net-Setup-deDE.exe
2014-10-15 16:44 - 2014-10-15 16:44 - 00000000 ____D () C:\ProgramData\Battle.net
2014-10-11 18:02 - 2014-10-11 18:02 - 00283988 _____ () C:\Users\Carsten\Documents\cc_20141011_190230.reg
2014-10-11 17:39 - 2014-10-11 17:39 - 00002776 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-10-11 17:39 - 2014-10-11 17:39 - 00000833 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-10-11 17:39 - 2014-10-11 17:39 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-11 17:37 - 2014-10-11 17:38 - 03836936 _____ (Piriform Ltd) C:\Users\Carsten\Downloads\ccsetup418_slim.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-28 10:27 - 2012-09-21 23:26 - 01132487 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-28 10:24 - 2014-05-26 14:56 - 00001140 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-28 10:22 - 2012-12-25 11:24 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4086059184-2630891605-3122563293-1002
2014-10-28 10:16 - 2014-05-26 15:25 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-28 10:15 - 2013-04-26 14:14 - 00000000 ____D () C:\Users\Carsten\AppData\Roaming\Mozilla
2014-10-28 10:12 - 2012-12-27 22:29 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-10-28 10:02 - 2014-05-26 14:55 - 00001136 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-28 10:02 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-28 09:58 - 2012-09-22 08:40 - 00753134 _____ () C:\WINDOWS\system32\perfh007.dat
2014-10-28 09:58 - 2012-09-22 08:40 - 00155826 _____ () C:\WINDOWS\system32\perfc007.dat
2014-10-28 09:58 - 2012-07-26 08:28 - 01745416 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-27 14:02 - 2013-08-15 19:04 - 00000000 ____D () C:\Users\Carsten\AppData\Local\Battle.net
2014-10-27 14:00 - 2013-01-27 15:50 - 00000000 ____D () C:\Users\Carsten\AppData\Roaming\TS3Client
2014-10-27 12:30 - 2013-12-27 18:25 - 00000958 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4086059184-2630891605-3122563293-1002UA.job
2014-10-27 09:48 - 2012-12-25 11:18 - 00000000 ____D () C:\Users\Carsten\AppData\Local\Packages
2014-10-26 18:30 - 2013-12-27 18:25 - 00000936 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-4086059184-2630891605-3122563293-1002Core.job
2014-10-26 18:22 - 2013-08-29 14:00 - 00073728 ___SH () C:\Users\Carsten\Downloads\Thumbs.db
2014-10-25 16:27 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\rescache
2014-10-24 20:12 - 2012-07-26 08:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-24 19:41 - 2012-07-26 06:26 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-24 19:40 - 2014-07-12 20:48 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-10-24 19:35 - 2013-10-09 14:07 - 00000000 ____D () C:\Users\Carsten\AppData\Roaming\Skype
2014-10-24 17:27 - 2013-08-20 16:34 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-10-23 16:32 - 2012-07-26 08:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-10-21 16:57 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\Web
2014-10-21 16:55 - 2012-07-26 09:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-21 16:54 - 2012-09-21 23:24 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-10-21 16:19 - 2014-05-26 14:56 - 00004112 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-21 16:19 - 2014-05-26 14:55 - 00003876 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-21 16:02 - 2012-07-26 09:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-10-19 08:28 - 2014-08-06 09:01 - 00000000 ____D () C:\ProgramData\Package Cache
2014-10-19 08:27 - 2014-05-24 10:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-10-19 08:27 - 2014-05-24 10:33 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-10-18 23:15 - 2012-07-26 09:12 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-10-18 17:33 - 2013-05-26 09:19 - 00000000 ____D () C:\Users\Carsten\AppData\Local\._LiveCode_
2014-10-18 17:33 - 2013-05-24 15:43 - 00126464 ___SH () C:\Users\Carsten\Desktop\Thumbs.db
2014-10-17 19:19 - 2014-05-26 14:56 - 00002186 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-17 15:59 - 2013-08-15 17:49 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-10-17 15:54 - 2012-12-26 11:59 - 103265616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-10-16 14:50 - 2012-12-25 12:14 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-10-16 14:39 - 2012-12-27 21:52 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-15 18:12 - 2013-06-17 16:56 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2014-10-14 16:15 - 2013-02-09 19:31 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft Public Test
2014-10-11 17:49 - 2012-08-01 17:50 - 00000000 ____D () C:\WINDOWS\Panther
2014-10-09 15:27 - 2014-06-03 17:27 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2014-10-09 15:27 - 2014-05-24 10:34 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2014-10-09 15:27 - 2014-05-24 10:34 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2014-09-29 23:49 - 2014-07-13 07:37 - 00705480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-09-29 23:49 - 2014-07-13 07:37 - 00104904 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Carsten\AppData\Local\Temp\avgnt.exe
C:\Users\Carsten\AppData\Local\Temp\Quarantine.exe
C:\Users\Carsten\AppData\Local\Temp\sqlite3.dll
C:\Users\Carsten\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Carsten\AppData\Local\Temp\System.Data.SQLite11078.dll
C:\Users\Carsten\AppData\Local\Temp\System.Data.SQLite14750.dll
C:\Users\Carsten\AppData\Local\Temp\System.Data.SQLite20237.dll
C:\Users\Carsten\AppData\Local\Temp\System.Data.SQLite41838.dll
C:\Users\Carsten\AppData\Local\Temp\System.Data.SQLite46877.dll
C:\Users\Carsten\AppData\Local\Temp\System.Data.SQLite48144.dll
C:\Users\Carsten\AppData\Local\Temp\System.Data.SQLite49328.dll
C:\Users\Carsten\AppData\Local\Temp\System.Data.SQLite72783.dll
C:\Users\Carsten\AppData\Local\Temp\System.Data.SQLite75241.dll
C:\Users\Carsten\AppData\Local\Temp\System.Data.SQLite77470.dll
C:\Users\Carsten\AppData\Local\Temp\System.Data.SQLite84345.dll
C:\Users\Carsten\AppData\Local\Temp\System.Data.SQLite84984.dll
C:\Users\Carsten\AppData\Local\Temp\System.Data.SQLite85600.dll
C:\Users\Carsten\AppData\Local\Temp\System.Data.SQLite92232.dll
C:\Users\Carsten\AppData\Local\Temp\System.Data.SQLite92854.dll
C:\Users\Carsten\AppData\Local\Temp\System.Data.SQLite93643.dll
C:\Users\Carsten\AppData\Local\Temp\System.Data.SQLite95373.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-17 15:50

==================== End Of Log ============================

schrauber · 05.07.2015, 18:37

hi,

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Carsten M · 06.07.2015, 15:23

Code:

ATTFilter

Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
  main:    v2015.07.06.03
  rootkit: v2015.07.05.03

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17842
Carsten :: CARSTENSPC [administrator]

06.07.2015 15:49:21
mbar-log-2015-07-06 (15-49-21).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 402069
Time elapsed: 24 minute(s), 11 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Carsten M · 06.07.2015, 15:39

Code:

ATTFilter

16:31:09.0300 0x0d6c  TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
16:31:09.0300 0x0d6c  UEFI system
16:31:22.0716 0x0d6c  ============================================================
16:31:22.0716 0x0d6c  Current date / time: 2015/07/06 16:31:22.0716
16:31:22.0716 0x0d6c  SystemInfo:
16:31:22.0716 0x0d6c  
16:31:22.0716 0x0d6c  OS Version: 6.3.9600 ServicePack: 0.0
16:31:22.0716 0x0d6c  Product type: Workstation
16:31:22.0716 0x0d6c  ComputerName: CARSTENSPC
16:31:22.0716 0x0d6c  UserName: Carsten
16:31:22.0716 0x0d6c  Windows directory: C:\WINDOWS
16:31:22.0716 0x0d6c  System windows directory: C:\WINDOWS
16:31:22.0716 0x0d6c  Running under WOW64
16:31:22.0716 0x0d6c  Processor architecture: Intel x64
16:31:22.0716 0x0d6c  Number of processors: 4
16:31:22.0716 0x0d6c  Page size: 0x1000
16:31:22.0716 0x0d6c  Boot type: Normal boot
16:31:22.0716 0x0d6c  ============================================================
16:31:23.0197 0x0d6c  KLMD registered as C:\WINDOWS\system32\drivers\26768355.sys
16:31:24.0541 0x0d6c  System UUID: {04AA6968-52DF-3FF2-E6FE-9ACA37304968}
16:31:25.0527 0x0d6c  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:31:25.0540 0x0d6c  ============================================================
16:31:25.0540 0x0d6c  \Device\Harddisk0\DR0:
16:31:25.0540 0x0d6c  GPT partitions:
16:31:25.0540 0x0d6c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {A2346942-3F3C-4EEA-AA18-874C65C47083}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1F4000
16:31:25.0540 0x0d6c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {9FE1405A-FF8C-490C-B356-00E4FCF15BB5}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
16:31:25.0540 0x0d6c  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {0F42EDF2-8718-48E6-A7D3-1675751E7AAD}, Name: Basic data partition, StartLBA 0x276800, BlocksNum 0x1F4000
16:31:25.0540 0x0d6c  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {372E05DF-49A5-4902-801D-F84229052AEE}, Name: Microsoft reserved partition, StartLBA 0x46A800, BlocksNum 0x40000
16:31:25.0541 0x0d6c  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {B6E5EA1D-566D-452F-8F6B-4D27AE244915}, Name: Basic data partition, StartLBA 0x4AA800, BlocksNum 0x6E77B000
16:31:25.0541 0x0d6c  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {6FDF0BB2-4DF4-4069-A204-31400782A918}, Name: , StartLBA 0x6EC25800, BlocksNum 0xE1000
16:31:25.0541 0x0d6c  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {4D5170E6-BAF5-4AAC-91C3-4709590A7677}, Name: Basic data partition, StartLBA 0x6ED06800, BlocksNum 0x3200000
16:31:25.0541 0x0d6c  \Device\Harddisk0\DR0\Partition8: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {DF3E8484-C95E-45DC-996E-0D5BEE469608}, Name: Basic data partition, StartLBA 0x71F06800, BlocksNum 0x2800000
16:31:25.0541 0x0d6c  MBR partitions:
16:31:25.0541 0x0d6c  ============================================================
16:31:25.0611 0x0d6c  C: <-> \Device\Harddisk0\DR0\Partition5
16:31:25.0666 0x0d6c  D: <-> \Device\Harddisk0\DR0\Partition7
16:31:25.0666 0x0d6c  ============================================================
16:31:25.0666 0x0d6c  Initialize success
16:31:25.0666 0x0d6c  ============================================================
16:36:36.0159 0x0d08  ============================================================
16:36:36.0159 0x0d08  Scan started
16:36:36.0159 0x0d08  Mode: Manual; SigCheck; TDLFS; 
16:36:36.0159 0x0d08  ============================================================
16:36:36.0159 0x0d08  KSN ping started
16:36:38.0669 0x0d08  KSN ping finished: true
16:36:41.0762 0x0d08  ================ Scan system memory ========================
16:36:41.0762 0x0d08  System memory - ok
16:36:41.0762 0x0d08  ================ Scan services =============================
16:36:42.0019 0x0d08  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
16:36:42.0152 0x0d08  1394ohci - ok
16:36:42.0173 0x0d08  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
16:36:42.0183 0x0d08  3ware - ok
16:36:42.0232 0x0d08  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
16:36:42.0253 0x0d08  ACPI - ok
16:36:42.0291 0x0d08  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
16:36:42.0300 0x0d08  acpiex - ok
16:36:42.0312 0x0d08  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
16:36:42.0352 0x0d08  acpipagr - ok
16:36:42.0375 0x0d08  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
16:36:42.0471 0x0d08  AcpiPmi - ok
16:36:42.0545 0x0d08  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
16:36:42.0575 0x0d08  acpitime - ok
16:36:42.0623 0x0d08  [ 3B42D95D20CD2AACDB0564471AE43ED7, BF49568D7060159F61D5F6DE7ECDECCCD1F920A2881544BA83CF420C822F6653 ] ACPIVPC         C:\WINDOWS\System32\drivers\AcpiVpc.sys
16:36:43.0770 0x0d08  ACPIVPC - ok
16:36:43.0956 0x0d08  [ 6259A5B669AE018A5E53247259A101C3, 1CD2102FAF1DCEB6B8278D098A7C1A85ED6D6E5DCF7F70E0E9A5166B67C8D057 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:36:43.0967 0x0d08  AdobeFlashPlayerUpdateSvc - ok
16:36:44.0017 0x0d08  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
16:36:44.0047 0x0d08  ADP80XX - ok
16:36:44.0086 0x0d08  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
16:36:44.0218 0x0d08  AeLookupSvc - ok
16:36:44.0244 0x0d08  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
16:36:44.0552 0x0d08  AFD - ok
16:36:44.0564 0x0d08  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
16:36:44.0573 0x0d08  agp440 - ok
16:36:44.0604 0x0d08  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
16:36:44.0667 0x0d08  ahcache - ok
16:36:44.0700 0x0d08  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\WINDOWS\System32\alg.exe
16:36:44.0742 0x0d08  ALG - ok
16:36:44.0945 0x0d08  ALSysIO - ok
16:36:44.0989 0x0d08  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
16:36:45.0101 0x0d08  AmdK8 - ok
16:36:45.0119 0x0d08  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
16:36:45.0152 0x0d08  AmdPPM - ok
16:36:45.0177 0x0d08  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
16:36:45.0196 0x0d08  amdsata - ok
16:36:45.0209 0x0d08  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
16:36:45.0224 0x0d08  amdsbs - ok
16:36:45.0242 0x0d08  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
16:36:45.0251 0x0d08  amdxata - ok
16:36:45.0363 0x0d08  [ 3358CAD1887DDDDD2A36B7796B579292, 40BA1A836276C2AA78914F294661C3C918F2D6DFAA9D6EF3FEB6D1EE3B07F584 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
16:36:45.0406 0x0d08  AntiVirMailService - ok
16:36:45.0465 0x0d08  [ 1892E1DB0B6431720B98B52AE9388C28, 141098794D774265662FF0EBB4E938D70ADB8BD54B62B1C9A19F6C3C1F263FEC ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
16:36:45.0479 0x0d08  AntiVirSchedulerService - ok
16:36:45.0518 0x0d08  [ 1892E1DB0B6431720B98B52AE9388C28, 141098794D774265662FF0EBB4E938D70ADB8BD54B62B1C9A19F6C3C1F263FEC ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
16:36:45.0531 0x0d08  AntiVirService - ok
16:36:45.0586 0x0d08  [ 6FD5165364D88FDABE4FA59E1768376F, B82D11E6FCC297F822E29A49D46C9985955C9F5676D107A397B00D0468F93504 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
16:36:45.0616 0x0d08  AntiVirWebService - ok
16:36:45.0688 0x0d08  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\WINDOWS\system32\drivers\appid.sys
16:36:45.0763 0x0d08  AppID - ok
16:36:45.0789 0x0d08  [ 34B2E222F82D05398DAE7203B36B6A2B, AC04BC6B5A36A6807FFE302E9ACF073342B4D76B0BB386249251CB3CA1852CE8 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
16:36:45.0873 0x0d08  AppIDSvc - ok
16:36:45.0897 0x0d08  [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
16:36:45.0949 0x0d08  Appinfo - ok
16:36:45.0983 0x0d08  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
16:36:46.0149 0x0d08  AppReadiness - ok
16:36:46.0197 0x0d08  [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
16:36:46.0339 0x0d08  AppXSvc - ok
16:36:46.0376 0x0d08  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
16:36:46.0387 0x0d08  arcsas - ok
16:36:46.0407 0x0d08  [ 3DB7721F06BC2FEDB25029EA23AB27DA, 221861148C66FE53E4D6EE49C6E656479AB5804A2D348A280A1CD8093E8AB788 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
16:36:46.0550 0x0d08  AsyncMac - ok
16:36:46.0565 0x0d08  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
16:36:46.0573 0x0d08  atapi - ok
16:36:46.0608 0x0d08  [ 8779FDAE68BC948B0FE152E758CC8DA7, 13070C2073F8E7546B48AE9CF54067B9BB75DFCD98F2987B90FFAD20D40D54CF ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
16:36:46.0729 0x0d08  AudioEndpointBuilder - ok
16:36:46.0765 0x0d08  [ 61EA45A645854FE81D8A924E2D93DFFE, 34F79532297F609CA93C380B68BB8B7B0F027F9C8F4FB8E02A9A43EA3D155F1B ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
16:36:46.0848 0x0d08  Audiosrv - ok
16:36:46.0872 0x0d08  [ CC1ABBD9E61B7AA5CCBB45EA87CB033F, 4E5DE485833721E19B36455C017B9D908BAA7D12637A878934A0FAF2326E000B ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
16:36:46.0882 0x0d08  avgntflt - ok
16:36:46.0918 0x0d08  [ 07C8454D3A94BA478752FAFA2B94E0FE, EB19396D4A6D51D6C33ED55C8EF0259045801D39CCE2945931F9163D6006C133 ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
16:36:46.0926 0x0d08  avipbb - ok
16:36:47.0086 0x0d08  [ 17348FE28C0A0AB4A6CB86D177770335, 633FEDA61F62504534B47090EA142F73C5D80C0D52A22A6C81DF64CD3EAFDAA8 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
16:36:47.0096 0x0d08  Avira.ServiceHost - ok
16:36:47.0116 0x0d08  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
16:36:47.0123 0x0d08  avkmgr - ok
16:36:47.0145 0x0d08  [ 83586138F23A4C284EB68AFC852D7AFA, 9ADE8924B4518ED0A8E3FC4CC3F9964BC05B5FF67F230A7FD0BDABCFFA0BB0C8 ] avnetflt        C:\WINDOWS\system32\DRIVERS\avnetflt.sys
16:36:47.0152 0x0d08  avnetflt - ok
16:36:47.0177 0x0d08  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
16:36:47.0220 0x0d08  AxInstSV - ok
16:36:47.0266 0x0d08  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
16:36:47.0287 0x0d08  b06bdrv - ok
16:36:47.0300 0x0d08  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
16:36:47.0362 0x0d08  BasicDisplay - ok
16:36:47.0365 0x0d08  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
16:36:47.0406 0x0d08  BasicRender - ok
16:36:47.0482 0x0d08  [ 70433F7A216BD0B5EC7DA1202EE53E65, 12F3210EC5546714B34225770242F5CF4AC36032BB49A8E8989620BA274AC505 ] bcbtums         C:\WINDOWS\system32\drivers\bcbtums.sys
16:36:47.0493 0x0d08  bcbtums - ok
16:36:47.0727 0x0d08  [ 9A4EF701A4FC835F7DDD8956D930010F, 28A555B98098ECE47912C40A74CA92AFA76F51A711F2DEFF1A498FF212505F23 ] BCM43XX         C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys
16:36:48.0003 0x0d08  BCM43XX - ok
16:36:48.0103 0x0d08  [ B84DDDB667E1D5957050A458E9EE99C8, FD7C653E9B1567750D7036DBBC05E451034DDF5CCF17FACB2F2DB27D455FB543 ] BcmBtRSupport   C:\WINDOWS\system32\BtwRSupportService.exe
16:36:48.0155 0x0d08  BcmBtRSupport - ok
16:36:48.0187 0x0d08  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
16:36:48.0213 0x0d08  bcmfn2 - ok
16:36:48.0249 0x0d08  [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
16:36:48.0349 0x0d08  BDESVC - ok
16:36:48.0374 0x0d08  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
16:36:48.0522 0x0d08  Beep - ok
16:36:48.0575 0x0d08  [ 7BCB00EA702F78EC74CD9699D85CE80B, 17241ADAA13051B560DB9FA9079CAE6321D5B49788B596C125DC912443B00421 ] BFE             C:\WINDOWS\System32\bfe.dll
16:36:48.0648 0x0d08  BFE - ok
16:36:48.0690 0x0d08  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\WINDOWS\System32\qmgr.dll
16:36:48.0774 0x0d08  BITS - ok
16:36:48.0846 0x0d08  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
16:36:48.0933 0x0d08  bowser - ok
16:36:48.0968 0x0d08  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
16:36:49.0100 0x0d08  BrokerInfrastructure - ok
16:36:49.0133 0x0d08  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\WINDOWS\System32\browser.dll
16:36:49.0197 0x0d08  Browser - ok
16:36:49.0263 0x0d08  [ 38E83A80EFFE66DBD337EC844355B8CF, 4D58CB3D3DC25F38C48CCF23BEBD7305E05D5A1DD42E548FC8D509E3DF25C045 ] BstHdAndroidSvc C:\Program Files (x86)\BlueStacks\HD-Service.exe
16:36:49.0279 0x0d08  BstHdAndroidSvc - ok
16:36:49.0298 0x0d08  [ 0E92FB0F359BCAFA4984A3ABED4890C4, 95A616E827F6268BC2514BBF02CC1FF0FF34923A3A87C7D5D87B36D7735386D9 ] BstHdDrv        C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys
16:36:49.0308 0x0d08  BstHdDrv - ok
16:36:49.0337 0x0d08  [ 74ADBBD8CFBF70B029F0D6D1A1FBEC2A, 781E7318285F7843AB08DBAD611D8DFBFAE7900E5D56AC0FDD9A4AE44517ABDF ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
16:36:49.0352 0x0d08  BstHdLogRotatorSvc - ok
16:36:49.0391 0x0d08  [ 3BEBD81F03FE5686BD6A0AFD574332D0, 02E8A61B65FEF0AD398E24AED092B7E643F97D05E38ED907CEB54F72BAD39620 ] BstHdUpdaterSvc C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
16:36:49.0418 0x0d08  BstHdUpdaterSvc - ok
16:36:49.0476 0x0d08  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
16:36:49.0534 0x0d08  BthAvrcpTg - ok
16:36:49.0629 0x0d08  [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
16:36:49.0780 0x0d08  BthEnum - ok
16:36:49.0808 0x0d08  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
16:36:49.0861 0x0d08  BthHFEnum - ok
16:36:49.0903 0x0d08  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
16:36:49.0987 0x0d08  bthhfhid - ok
16:36:50.0030 0x0d08  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
16:36:50.0075 0x0d08  BthHFSrv - ok
16:36:50.0109 0x0d08  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
16:36:50.0182 0x0d08  BthLEEnum - ok
16:36:50.0225 0x0d08  [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
16:36:50.0286 0x0d08  BTHMODEM - ok
16:36:50.0309 0x0d08  [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys
16:36:50.0374 0x0d08  BthPan - ok
16:36:50.0448 0x0d08  [ C37F4930795B771400C63C3C87E7A6C2, 0D0F54184B2DAA45F646E4F69B85C4411E8DFA88EB4763BB0F386055A420F217 ] BTHPORT         C:\WINDOWS\System32\Drivers\BTHport.sys
16:36:50.0542 0x0d08  BTHPORT - ok
16:36:50.0575 0x0d08  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\WINDOWS\system32\bthserv.dll
16:36:50.0638 0x0d08  bthserv - ok
16:36:50.0672 0x0d08  [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB          C:\WINDOWS\System32\Drivers\BTHUSB.sys
16:36:50.0694 0x0d08  BTHUSB - ok
16:36:50.0721 0x0d08  [ 20C8EB70C0B179DF06A01CA503F4A824, 1C2DADCBC5D85C1D4F6A28B7F374C829E6DCE0EB720EBDA43CF6AC0AC934AA5E ] btwampfl        C:\WINDOWS\system32\DRIVERS\btwampfl.sys
16:36:50.0732 0x0d08  btwampfl - ok
16:36:50.0765 0x0d08  [ F707AF3B94BE7AD7AA5F8886CCCADF80, 3E37BD52AE019711EA6D07A31958D9F65EDEDE5B5C24C38B30F6241CCB669EE7 ] btwavdt         C:\WINDOWS\system32\DRIVERS\btwavdt.sys
16:36:50.0777 0x0d08  btwavdt - ok
16:36:50.0909 0x0d08  [ B0AAB7F9638D1315760F5C48A24CFEAB, 45AA7701A1F3A8C0593174886727A223BC17E4F3F128E98099E8CE85CB2DA9C7 ] btwdins         C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
16:36:50.0932 0x0d08  btwdins - ok
16:36:50.0946 0x0d08  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
16:36:51.0026 0x0d08  cdfs - ok
16:36:51.0099 0x0d08  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
16:36:51.0127 0x0d08  cdrom - ok
16:36:51.0161 0x0d08  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
16:36:51.0296 0x0d08  CertPropSvc - ok
16:36:51.0324 0x0d08  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
16:36:51.0345 0x0d08  circlass - ok
16:36:51.0385 0x0d08  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
16:36:51.0403 0x0d08  CLFS - ok
16:36:51.0442 0x0d08  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
16:36:51.0497 0x0d08  CmBatt - ok
16:36:51.0581 0x0d08  [ 5E5AB950693F2C6D6ACBEE3A74697ED7, 3790A7DD0AC65F47A697A577744FDFA4CC1CA3422884C84E499F97AC91BA84F3 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
16:36:51.0605 0x0d08  CNG - ok
16:36:51.0679 0x0d08  [ 1F925AA990A6A446E8BA926B2D0A5201, F278C272E3F40C37D04935CE19938C4B63A4BC2AA378D0F56C32FE78308D6993 ] CnxtHdAudService C:\WINDOWS\system32\drivers\CHDRT64.sys
16:36:51.0721 0x0d08  CnxtHdAudService - ok
16:36:51.0759 0x0d08  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
16:36:51.0797 0x0d08  CompositeBus - ok
16:36:51.0802 0x0d08  COMSysApp - ok
16:36:51.0857 0x0d08  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
16:36:51.0963 0x0d08  condrv - ok
16:36:52.0119 0x0d08  [ D8724B606616B2B75AF54096119580F5, 53E1DEF9F966FDE5898759A33FB62B5062A941E97B235D6F6EF79A5AD1283BDE ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
16:36:52.0250 0x0d08  cphs - ok
16:36:52.0288 0x0d08  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
16:36:52.0574 0x0d08  CryptSvc - ok
16:36:52.0740 0x0d08  [ 48AED45DF009081AF3F5144F7D624674, 4425C15EB9E1177EE5134A33F63DAF7FF876577946DBF1EAD92C5614025113BB ] CxAudMsg        C:\WINDOWS\system32\CxAudMsg64.exe
16:36:52.0751 0x0d08  CxAudMsg - ok
16:36:52.0771 0x0d08  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
16:36:52.0780 0x0d08  dam - ok
16:36:52.0818 0x0d08  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
16:36:52.0911 0x0d08  DcomLaunch - ok
16:36:52.0943 0x0d08  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
16:36:53.0072 0x0d08  defragsvc - ok
16:36:53.0110 0x0d08  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
16:36:53.0153 0x0d08  DeviceAssociationService - ok
16:36:53.0202 0x0d08  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
16:36:53.0264 0x0d08  DeviceInstall - ok
16:36:53.0341 0x0d08  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
16:36:53.0447 0x0d08  Dfsc - ok
16:36:53.0539 0x0d08  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
16:36:53.0633 0x0d08  Dhcp - ok
16:36:54.0090 0x0d08  [ 3ECB752A6963B1CBC9AD65ED89C8ACED, 1D47D2EBD2C8D2B9F8D2D12A5FD93E6B10335EB6B23252DDEA6DF2233655FA59 ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
16:36:54.0370 0x0d08  DiagTrack - ok
16:36:54.0518 0x0d08  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
16:36:54.0541 0x0d08  disk - ok
16:36:54.0564 0x0d08  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
16:36:54.0813 0x0d08  dmvsc - ok
16:36:54.0896 0x0d08  [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
16:36:54.0929 0x0d08  Dnscache - ok
16:36:54.0975 0x0d08  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
16:36:55.0219 0x0d08  dot3svc - ok
16:36:55.0351 0x0d08  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\WINDOWS\system32\dps.dll
16:36:55.0444 0x0d08  DPS - ok
16:36:55.0504 0x0d08  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
16:36:55.0536 0x0d08  drmkaud - ok
16:36:55.0679 0x0d08  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
16:36:55.0748 0x0d08  DsmSvc - ok
16:36:56.0175 0x0d08  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
16:36:56.0319 0x0d08  DXGKrnl - ok
16:36:56.0360 0x0d08  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
16:36:56.0551 0x0d08  Eaphost - ok
16:36:56.0683 0x0d08  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
16:36:56.0786 0x0d08  ebdrv - ok
16:36:56.0811 0x0d08  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\WINDOWS\System32\lsass.exe
16:36:56.0821 0x0d08  EFS - ok
16:36:56.0902 0x0d08  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
16:36:56.0912 0x0d08  EhStorClass - ok
16:36:56.0930 0x0d08  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
16:36:56.0942 0x0d08  EhStorTcgDrv - ok
16:36:56.0955 0x0d08  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
16:36:56.0977 0x0d08  ErrDev - ok
16:36:57.0013 0x0d08  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\WINDOWS\system32\es.dll
16:36:57.0098 0x0d08  EventSystem - ok
16:36:57.0115 0x0d08  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
16:36:57.0264 0x0d08  exfat - ok
16:36:57.0284 0x0d08  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
16:36:57.0300 0x0d08  fastfat - ok
16:36:57.0378 0x0d08  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\WINDOWS\system32\fxssvc.exe
16:36:57.0454 0x0d08  Fax - ok
16:36:57.0501 0x0d08  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
16:36:57.0572 0x0d08  fdc - ok
16:36:57.0595 0x0d08  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
16:36:57.0657 0x0d08  fdPHost - ok
16:36:57.0690 0x0d08  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
16:36:57.0759 0x0d08  FDResPub - ok
16:36:57.0809 0x0d08  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
16:36:57.0867 0x0d08  fhsvc - ok
16:36:57.0886 0x0d08  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
16:36:57.0897 0x0d08  FileInfo - ok
16:36:57.0955 0x0d08  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
16:36:57.0989 0x0d08  Filetrace - ok
16:36:58.0011 0x0d08  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
16:36:58.0041 0x0d08  flpydisk - ok
16:36:58.0084 0x0d08  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
16:36:58.0163 0x0d08  FltMgr - ok
16:36:58.0224 0x0d08  [ 6C068E7207F183FF3647E45D2599E80C, D65C9888522CA29596D5C8BEFF42356F0310E812117E72C1D612BA089C0940D9 ] FontCache       C:\WINDOWS\system32\FntCache.dll
16:36:58.0316 0x0d08  FontCache - ok
16:36:58.0471 0x0d08  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:36:58.0480 0x0d08  FontCache3.0.0.0 - ok
16:36:58.0508 0x0d08  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
16:36:58.0518 0x0d08  FsDepends - ok
16:36:58.0534 0x0d08  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
16:36:58.0543 0x0d08  Fs_Rec - ok
16:36:58.0637 0x0d08  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
16:36:58.0662 0x0d08  fvevol - ok
16:36:58.0678 0x0d08  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
16:36:58.0706 0x0d08  FxPPM - ok
16:36:58.0724 0x0d08  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
16:36:58.0735 0x0d08  gagp30kx - ok
16:36:58.0765 0x0d08  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
16:36:58.0797 0x0d08  gencounter - ok
16:36:58.0987 0x0d08  [ 28D0B60C58D1F734449E735E2C4FCE94, 8DF2706EB0F6383BA44961440FDAA93B3756E48994FBF4AB2B13CDA66A6F3C3F ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
16:36:59.0021 0x0d08  GfExperienceService - ok
16:36:59.0073 0x0d08  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
16:36:59.0084 0x0d08  GPIOClx0101 - ok
16:36:59.0298 0x0d08  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
16:36:59.0351 0x0d08  gpsvc - ok
16:36:59.0514 0x0d08  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:36:59.0539 0x0d08  gupdate - ok
16:36:59.0553 0x0d08  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:36:59.0559 0x0d08  gupdatem - ok
16:36:59.0655 0x0d08  [ 7797D1580D933056023B822BB5CD0FE2, 24585AAFB43862AE4B9228B513658D906550EC8A475C67182933FB233621A85D ] hamachi         C:\WINDOWS\system32\DRIVERS\Hamdrv.sys
16:36:59.0662 0x0d08  hamachi - ok
16:36:59.0707 0x0d08  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
16:36:59.0879 0x0d08  HDAudBus - ok
16:36:59.0901 0x0d08  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
16:36:59.0937 0x0d08  HidBatt - ok
16:36:59.0963 0x0d08  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
16:36:59.0992 0x0d08  HidBth - ok
16:37:00.0012 0x0d08  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
16:37:00.0119 0x0d08  hidi2c - ok
16:37:00.0175 0x0d08  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
16:37:00.0230 0x0d08  HidIr - ok
16:37:00.0330 0x0d08  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\WINDOWS\system32\hidserv.dll
16:37:00.0405 0x0d08  hidserv - ok
16:37:00.0500 0x0d08  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
16:37:00.0597 0x0d08  HidUsb - ok
16:37:00.0623 0x0d08  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
16:37:00.0673 0x0d08  hkmsvc - ok
16:37:00.0707 0x0d08  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
16:37:00.0819 0x0d08  HomeGroupListener - ok
16:37:00.0862 0x0d08  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
16:37:00.0898 0x0d08  HomeGroupProvider - ok
16:37:00.0933 0x0d08  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
16:37:00.0942 0x0d08  HpSAMD - ok
16:37:00.0983 0x0d08  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
16:37:01.0021 0x0d08  HTTP - ok
16:37:01.0063 0x0d08  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
16:37:01.0074 0x0d08  hwpolicy - ok
16:37:01.0091 0x0d08  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
16:37:01.0113 0x0d08  hyperkbd - ok
16:37:01.0150 0x0d08  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
16:37:01.0181 0x0d08  HyperVideo - ok
16:37:01.0255 0x0d08  [ D887446F3F6051C60C26F4FD1FC8D43F, A3235C64E9D5378E3409FA7CDD9DB0DD1B3CE6A6EB018F2C40558EB9C427A498 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
16:37:01.0369 0x0d08  i8042prt - ok
16:37:01.0440 0x0d08  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
16:37:01.0450 0x0d08  iaLPSSi_GPIO - ok
16:37:01.0482 0x0d08  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
16:37:01.0491 0x0d08  iaLPSSi_I2C - ok
16:37:01.0542 0x0d08  [ 6C024B3AE192D72B216166802AF345DD, 67AEDBEF4A1C1EE1DA9B684BDEB3DB07715E12B766AA72B6684CC6C583A8DCC5 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
16:37:01.0562 0x0d08  iaStorA - ok
16:37:01.0615 0x0d08  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
16:37:01.0637 0x0d08  iaStorAV - ok
16:37:01.0677 0x0d08  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
16:37:01.0700 0x0d08  iaStorV - ok
16:37:01.0705 0x0d08  IEEtwCollectorService - ok
16:37:01.0833 0x0d08  [ 076023219E918D34585B231029A44571, C2AB0DE0D80D0BC6595C9F9655A890531E7952599714DC03B4ECB46947D833A8 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
16:37:01.0975 0x0d08  igfx - ok
16:37:02.0019 0x0d08  [ C814D4A0B7B91E936B2DC0828C69ACAB, A19B503CB3C598474C61DA6F1AC087CCF287F7523D2F932B21EF21E7CA1809B1 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
16:37:02.0032 0x0d08  igfxCUIService1.0.0.0 - ok
16:37:02.0103 0x0d08  [ 3DBDBD9581C015F02651D6A89801FAD5, 81B6D302C9CD29AD8319515056CFBCD0BD25619B2B166937ACD5F1416B568837 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
16:37:02.0154 0x0d08  IKEEXT - ok
16:37:02.0189 0x0d08  [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
16:37:02.0197 0x0d08  intaud_WaveExtensible - ok
16:37:02.0271 0x0d08  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
16:37:02.0323 0x0d08  IntcDAud - ok
16:37:02.0380 0x0d08  [ C99F8E90DE4B8F0C7FE15BB1CBCD29DC, F791EE101EEF8B9F48102B6C63A89B78F7C0041C750C4F4C0D16D54B583B7B5C ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
16:37:02.0397 0x0d08  Intel(R) Capability Licensing Service Interface - ok
16:37:02.0455 0x0d08  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
16:37:02.0464 0x0d08  intelide - ok
16:37:02.0489 0x0d08  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
16:37:02.0501 0x0d08  intelpep - ok
16:37:02.0515 0x0d08  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
16:37:02.0539 0x0d08  intelppm - ok
16:37:02.0557 0x0d08  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
16:37:02.0588 0x0d08  IpFilterDriver - ok
16:37:02.0639 0x0d08  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
16:37:02.0670 0x0d08  iphlpsvc - ok
16:37:02.0692 0x0d08  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
16:37:02.0864 0x0d08  IPMIDRV - ok
16:37:02.0887 0x0d08  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
16:37:03.0044 0x0d08  IPNAT - ok
16:37:03.0079 0x0d08  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
16:37:03.0093 0x0d08  IRENUM - ok
16:37:03.0160 0x0d08  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
16:37:03.0169 0x0d08  isapnp - ok
16:37:03.0210 0x0d08  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
16:37:03.0226 0x0d08  iScsiPrt - ok
16:37:03.0259 0x0d08  [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
16:37:03.0266 0x0d08  iwdbus - ok
16:37:03.0364 0x0d08  [ 78ABBE558F57144047F10A0F50FE4B2F, 6BE608F7697D83FD6C7E6EA422AC5637933BDC96B1044C12DE9A419CE7D6F6CE ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
16:37:03.0376 0x0d08  jhi_service - ok
16:37:03.0406 0x0d08  [ A1D4D34A56DF1D5122CDB265038A2E72, AE061BA1A65C98AF875FA18878B014B57E33594D4AC4C39B050AA532E2220F83 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
16:37:03.0416 0x0d08  kbdclass - ok
16:37:03.0441 0x0d08  [ 4A34D7084B862A92F3ABC4969166B3D3, 87B2635873DA4DD06D9E3B8E4313CBDBDC1488E4E340EC2101393EC65823771F ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
16:37:03.0468 0x0d08  kbdhid - ok
16:37:03.0493 0x0d08  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
16:37:03.0647 0x0d08  kdnic - ok
16:37:03.0667 0x0d08  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\WINDOWS\system32\lsass.exe
16:37:03.0677 0x0d08  KeyIso - ok
16:37:03.0700 0x0d08  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
16:37:03.0711 0x0d08  KSecDD - ok
16:37:03.0742 0x0d08  [ 15C8C65CEA018C02EA0F648448C491C5, DF909704D22D891BE439B2E3D8386EA659444F91DC92AABFF9766446AEE5EBC0 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
16:37:03.0754 0x0d08  KSecPkg - ok
16:37:03.0787 0x0d08  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
16:37:03.0817 0x0d08  ksthunk - ok
16:37:03.0878 0x0d08  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
16:37:03.0908 0x0d08  KtmRm - ok
16:37:03.0941 0x0d08  [ 50AECF8C21AB2A6428A6E1E10549D8E5, 6BC7C60CF5E8AFB9972619EE1C78357756E9C0A3EC783C3056CEB600DCBB1555 ] L1C             C:\WINDOWS\system32\DRIVERS\L1C63x64.sys
16:37:03.0950 0x0d08  L1C - ok
16:37:03.0999 0x0d08  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
16:37:04.0098 0x0d08  LanmanServer - ok
16:37:04.0136 0x0d08  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
16:37:04.0188 0x0d08  LanmanWorkstation - ok
16:37:04.0278 0x0d08  [ 2B7479EB47731A8ACBA28AF4C4BDA32D, 67AEB98E7B41337FEFD92CC81BFAD25FBB679998B318C110A4873B1AD8927A97 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
16:37:04.0464 0x0d08  lfsvc - ok
16:37:04.0513 0x0d08  [ BE166935083F9C38EDFDC21B9A7A679B, 89C64DBE58E1B974208AAAA5CC757C599B1439C205C3C48BF16BA054A06DBC94 ] LHDmgr          C:\WINDOWS\system32\DRIVERS\LhdX64.sys
16:37:04.0520 0x0d08  LHDmgr - ok
16:37:04.0539 0x0d08  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
16:37:04.0573 0x0d08  lltdio - ok
16:37:04.0658 0x0d08  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
16:37:04.0688 0x0d08  lltdsvc - ok
16:37:04.0720 0x0d08  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
16:37:04.0852 0x0d08  lmhosts - ok
16:37:04.0884 0x0d08  [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:37:04.0905 0x0d08  LMS - ok
16:37:04.0983 0x0d08  [ 2808470E5E91D8838243D9045588C303, 4516559853EEEDD86260F4A1EFAD41190C00E5B5317DB3CF5C709DF207AE42A9 ] LSCWinService   C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCWinService.exe
16:37:04.0989 0x0d08  LSCWinService - ok
16:37:05.0083 0x0d08  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
16:37:05.0095 0x0d08  LSI_SAS - ok
16:37:05.0114 0x0d08  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
16:37:05.0126 0x0d08  LSI_SAS2 - ok
16:37:05.0150 0x0d08  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
16:37:05.0159 0x0d08  LSI_SAS3 - ok
16:37:05.0196 0x0d08  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
16:37:05.0205 0x0d08  LSI_SSS - ok
16:37:05.0271 0x0d08  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\WINDOWS\System32\lsm.dll
16:37:05.0350 0x0d08  LSM - ok
16:37:05.0457 0x0d08  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
16:37:05.0511 0x0d08  luafv - ok
16:37:05.0529 0x0d08  [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
16:37:05.0535 0x0d08  MBAMProtector - ok
16:37:06.0268 0x0d08  [ 301E3FDFCF33640BB8763BA444BC5093, 362B069BB9A313A06B376CE27E6F7F8D569F6CA39A8ABC96D9DF231EE462C604 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
16:37:06.0364 0x0d08  MBAMScheduler - ok
16:37:06.0818 0x0d08  [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
16:37:06.0846 0x0d08  MBAMService - ok
16:37:06.0874 0x0d08  [ 8F22037D3F5A6BB676525D825A1388B9, 2AAC748D46136DFA1BE45150BF0AB7707D45391CAC1F63B964D341D11B135C91 ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
16:37:06.0882 0x0d08  MBAMSwissArmy - ok
16:37:06.0915 0x0d08  [ 85CFE7AB85B43B6B7AC7961AA3983A9F, 4E88B75818FD00C0ABBDF8E02EBFB550A67B46E5E13D3B3DF52611793F7DA0DD ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
16:37:06.0922 0x0d08  MBAMWebAccessControl - ok
16:37:07.0383 0x0d08  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
16:37:07.0404 0x0d08  megasas - ok
16:37:07.0444 0x0d08  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
16:37:07.0549 0x0d08  megasr - ok
16:37:07.0587 0x0d08  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
16:37:07.0594 0x0d08  MEIx64 - ok
16:37:07.0621 0x0d08  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\WINDOWS\system32\mmcss.dll
16:37:07.0680 0x0d08  MMCSS - ok
16:37:07.0758 0x0d08  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
16:37:07.0791 0x0d08  Modem - ok
16:37:07.0826 0x0d08  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
16:37:07.0976 0x0d08  monitor - ok
16:37:08.0017 0x0d08  [ 2A2F8D5284E59815169A88F1FC9CEE28, 58EFBCF3C849FD088CFB7FE287FC7D9DD7E03D4E6AA98F0497C09E4596E42538 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
16:37:08.0027 0x0d08  mouclass - ok
16:37:08.0061 0x0d08  [ 91223A2AE2955B3E0DA3DB79C3A897A6, 32B59CF1586C2300D60AF8A1D819515033ACC7F7A1F3523FC4AC7725E29B5A90 ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
16:37:08.0149 0x0d08  mouhid - ok
16:37:08.0207 0x0d08  [ D1D82F007A079A4D623DBD1F36EF30A1, 7901F81B62C5A4196D75A10C05386B16831CB290EFB9A1611CECF281068C520F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
16:37:08.0220 0x0d08  mountmgr - ok
16:37:08.0250 0x0d08  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
16:37:08.0383 0x0d08  mpsdrv - ok
16:37:08.0544 0x0d08  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
16:37:08.0592 0x0d08  MpsSvc - ok
16:37:08.0628 0x0d08  [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
16:37:08.0693 0x0d08  MRxDAV - ok
16:37:08.0779 0x0d08  [ 31233271EDE50D1BBB220F78AFA60486, 2122FAB5BD353DF63CF0FE9CEDBD5DFD1F26F2DE04303E1B3FFB03AA02AECED9 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
16:37:08.0881 0x0d08  mrxsmb - ok
16:37:08.0981 0x0d08  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
16:37:09.0035 0x0d08  mrxsmb10 - ok
16:37:09.0076 0x0d08  [ 6276AC2AA203CF47811F6EFBBD214FBF, AE55D87D863A626347B0074F4E962080F1989A94153DAF8475593249F616DA2F ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
16:37:09.0112 0x0d08  mrxsmb20 - ok
16:37:09.0156 0x0d08  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
16:37:09.0188 0x0d08  MsBridge - ok
16:37:09.0228 0x0d08  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
16:37:09.0240 0x0d08  MSDTC - ok
16:37:09.0303 0x0d08  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
16:37:09.0342 0x0d08  Msfs - ok
16:37:09.0391 0x0d08  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
16:37:09.0402 0x0d08  msgpiowin32 - ok
16:37:09.0465 0x0d08  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
16:37:09.0520 0x0d08  mshidkmdf - ok
16:37:09.0632 0x0d08  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
16:37:09.0712 0x0d08  mshidumdf - ok
16:37:09.0736 0x0d08  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
16:37:09.0744 0x0d08  msisadrv - ok
16:37:09.0777 0x0d08  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
16:37:09.0807 0x0d08  MSiSCSI - ok
16:37:09.0810 0x0d08  msiserver - ok
16:37:09.0830 0x0d08  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
16:37:09.0853 0x0d08  MSKSSRV - ok
16:37:09.0886 0x0d08  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
16:37:09.0990 0x0d08  MsLldp - ok
16:37:10.0027 0x0d08  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
16:37:10.0056 0x0d08  MSPCLOCK - ok
16:37:10.0081 0x0d08  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
16:37:10.0092 0x0d08  MSPQM - ok
16:37:10.0117 0x0d08  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
16:37:10.0137 0x0d08  MsRPC - ok
16:37:10.0142 0x0d08  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
16:37:10.0152 0x0d08  mssmbios - ok
16:37:10.0181 0x0d08  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
16:37:10.0215 0x0d08  MSTEE - ok
16:37:10.0237 0x0d08  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
16:37:10.0277 0x0d08  MTConfig - ok
16:37:10.0339 0x0d08  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
16:37:10.0349 0x0d08  Mup - ok
16:37:10.0392 0x0d08  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
16:37:10.0402 0x0d08  mvumis - ok
16:37:10.0438 0x0d08  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\WINDOWS\system32\qagentRT.dll
16:37:10.0701 0x0d08  napagent - ok
16:37:10.0757 0x0d08  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
16:37:10.0916 0x0d08  NativeWifiP - ok
16:37:10.0958 0x0d08  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
16:37:11.0056 0x0d08  NcaSvc - ok
16:37:11.0088 0x0d08  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\WINDOWS\System32\ncbservice.dll
16:37:11.0154 0x0d08  NcbService - ok
16:37:11.0220 0x0d08  [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
16:37:11.0298 0x0d08  NcdAutoSetup - ok
16:37:11.0364 0x0d08  [ 6D3A2565E01B3E4B0F1BEDB0D4B00B3F, 95F2608E17CA3E25BD7958D1A49F7030EC8088BC1DF12422F1DAC5BA99113E34 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
16:37:11.0401 0x0d08  NDIS - ok
16:37:11.0456 0x0d08  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
16:37:11.0495 0x0d08  NdisCap - ok
16:37:11.0526 0x0d08  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
16:37:11.0605 0x0d08  NdisImPlatform - ok
16:37:11.0667 0x0d08  [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
16:37:11.0705 0x0d08  NdisTapi - ok
16:37:11.0737 0x0d08  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
16:37:11.0808 0x0d08  Ndisuio - ok
16:37:11.0836 0x0d08  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
16:37:11.0910 0x0d08  NdisVirtualBus - ok
16:37:11.0952 0x0d08  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:37:11.0987 0x0d08  NdisWan - ok
16:37:11.0994 0x0d08  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
16:37:12.0010 0x0d08  NdisWanLegacy - ok
16:37:12.0049 0x0d08  [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
16:37:12.0061 0x0d08  NDProxy - ok
16:37:12.0104 0x0d08  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
16:37:12.0176 0x0d08  Ndu - ok
16:37:12.0217 0x0d08  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
16:37:12.0293 0x0d08  NetBIOS - ok
16:37:12.0333 0x0d08  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
16:37:12.0404 0x0d08  NetBT - ok
16:37:12.0464 0x0d08  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\WINDOWS\system32\lsass.exe
16:37:12.0473 0x0d08  Netlogon - ok
16:37:12.0507 0x0d08  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\WINDOWS\System32\netman.dll
16:37:12.0523 0x0d08  Netman - ok
16:37:12.0557 0x0d08  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
16:37:12.0600 0x0d08  netprofm - ok
16:37:12.0684 0x0d08  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:37:12.0721 0x0d08  NetTcpPortSharing - ok
16:37:12.0756 0x0d08  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\WINDOWS\System32\drivers\netvsc63.sys
16:37:12.0815 0x0d08  netvsc - ok
16:37:12.0859 0x0d08  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
16:37:12.0908 0x0d08  NlaSvc - ok
16:37:12.0944 0x0d08  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
16:37:12.0967 0x0d08  Npfs - ok
16:37:12.0996 0x0d08  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
16:37:13.0102 0x0d08  npsvctrig - ok
16:37:13.0126 0x0d08  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\WINDOWS\system32\nsisvc.dll
16:37:13.0165 0x0d08  nsi - ok
16:37:13.0227 0x0d08  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
16:37:13.0237 0x0d08  nsiproxy - ok
16:37:13.0305 0x0d08  [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
16:37:13.0363 0x0d08  Ntfs - ok
16:37:13.0406 0x0d08  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
16:37:13.0433 0x0d08  Null - ok
16:37:13.0744 0x0d08  [ 3B99271224C43ADAB5A7F8D4B574AE3F, 931B011EA7796C61922D892C11D880BCC0383FCECABC4F4855AF89BA20B9B01B ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
16:37:14.0061 0x0d08  nvlddmkm - ok
16:37:14.0186 0x0d08  [ 93C82F365F9C0A2058A211E305A5CCFA, 1B3FA9122377CF8C982EEE8719E2E295E3D118AC15646ACAB3A5BF78E1EE7E70 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
16:37:14.0228 0x0d08  NvNetworkService - ok
16:37:14.0254 0x0d08  [ 6DBDE7A7C81F05C20C82291401627503, F4CED36A12D4C0F2C8220FC36C7067C50C3DC1D8D6158FF414DA9F8789757564 ] nvpciflt        C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
16:37:14.0261 0x0d08  nvpciflt - ok
16:37:14.0295 0x0d08  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
16:37:14.0307 0x0d08  nvraid - ok
16:37:14.0330 0x0d08  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
16:37:14.0346 0x0d08  nvstor - ok
16:37:14.0402 0x0d08  [ 977C9F7656D07D36887814A7D570FE1A, 843032A0EB1A4B81E506F80C59E613F700A353DE2C3514566092E336FE608DAB ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
16:37:14.0410 0x0d08  NvStreamKms - ok
16:37:14.0413 0x0d08  NvStreamSvc - ok
16:37:14.0480 0x0d08  [ 97ADEBE576474D4CEC53F8E06590FFC8, 2CC8587AAB595D7621AA57A33D94789BD9DC6DBFB4FA9BDEFBB425B7ACCB65AB ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
16:37:14.0505 0x0d08  nvsvc - ok
16:37:14.0535 0x0d08  [ DBFE7B2DF103F74AE51840B3C5F25FE9, 436CAA417FD24BA870F117FA4BABA2AB694825795508BCFCC8C927CC2D5BBC5E ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
16:37:14.0541 0x0d08  nvvad_WaveExtensible - ok
16:37:14.0562 0x0d08  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
16:37:14.0573 0x0d08  nv_agp - ok
16:37:14.0734 0x0d08  [ 4E2D0656946F2A19FED1C60E0E4FC1AF, 5551D5BD89EB650C5485BBB58DAA5473044B7C967B72687A27430FA9A1E812FE ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
16:37:14.0785 0x0d08  Origin Client Service - ok
16:37:14.0828 0x0d08  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
16:37:14.0955 0x0d08  p2pimsvc - ok
16:37:15.0027 0x0d08  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
16:37:15.0087 0x0d08  p2psvc - ok
16:37:15.0108 0x0d08  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
16:37:15.0120 0x0d08  Parport - ok
16:37:15.0174 0x0d08  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
16:37:15.0184 0x0d08  partmgr - ok
16:37:15.0213 0x0d08  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
16:37:15.0234 0x0d08  PcaSvc - ok
16:37:15.0272 0x0d08  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\WINDOWS\system32\drivers\pci.sys
16:37:15.0289 0x0d08  pci - ok
16:37:15.0301 0x0d08  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
16:37:15.0311 0x0d08  pciide - ok
16:37:15.0332 0x0d08  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
16:37:15.0344 0x0d08  pcmcia - ok
16:37:15.0358 0x0d08  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
16:37:15.0369 0x0d08  pcw - ok
16:37:15.0404 0x0d08  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
16:37:15.0415 0x0d08  pdc - ok
16:37:15.0465 0x0d08  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
16:37:15.0551 0x0d08  PEAUTH - ok
16:37:15.0676 0x0d08  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
16:37:15.0746 0x0d08  PerfHost - ok
16:37:15.0820 0x0d08  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\WINDOWS\system32\pla.dll
16:37:15.0914 0x0d08  pla - ok
16:37:15.0977 0x0d08  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
16:37:15.0988 0x0d08  PlugPlay - ok
16:37:15.0991 0x0d08  PnkBstrA - ok
16:37:16.0024 0x0d08  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
16:37:16.0103 0x0d08  PNRPAutoReg - ok
16:37:16.0149 0x0d08  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
16:37:16.0164 0x0d08  PNRPsvc - ok
16:37:16.0200 0x0d08  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
16:37:16.0249 0x0d08  PolicyAgent - ok
16:37:16.0284 0x0d08  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\WINDOWS\system32\umpo.dll
16:37:16.0436 0x0d08  Power - ok
16:37:16.0474 0x0d08  [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
16:37:16.0502 0x0d08  PptpMiniport - ok
16:37:17.0353 0x0d08  [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
16:37:18.0105 0x0d08  PrintNotify - ok
16:37:18.0154 0x0d08  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
16:37:18.0191 0x0d08  Processor - ok
16:37:18.0293 0x0d08  [ 19424364D8C03B990C4281BE53963FD0, 958FC8436E6B754858E20BC48B0D4B269991E8CA94C15C2761BF04ED52591907 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
16:37:18.0389 0x0d08  ProfSvc - ok
16:37:18.0424 0x0d08  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
16:37:18.0491 0x0d08  Psched - ok
16:37:18.0552 0x0d08  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\WINDOWS\system32\qwave.dll
16:37:18.0607 0x0d08  QWAVE - ok
16:37:18.0642 0x0d08  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
16:37:18.0666 0x0d08  QWAVEdrv - ok
16:37:18.0692 0x0d08  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
16:37:18.0724 0x0d08  RasAcd - ok
16:37:18.0804 0x0d08  [ E8FFD8BE3C50E7A71C5FBB87BDD1128E, 3E3EB906CC9A1CCA09580DA9F94DD0E1162CABD343874B76718DC4F2E9069C4E ] RasAgileVpn     C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
16:37:18.0834 0x0d08  RasAgileVpn - ok
16:37:18.0875 0x0d08  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
16:37:18.0909 0x0d08  RasAuto - ok
16:37:18.0991 0x0d08  [ BBB6272B7F46C4640A8CDB8A70C3450F, 4266C3ABD0D1D0219F715EA0F155744F7C1E3A7B722BE863831B57AE785419A2 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
16:37:19.0030 0x0d08  Rasl2tp - ok
16:37:19.0072 0x0d08  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\WINDOWS\System32\rasmans.dll
16:37:19.0109 0x0d08  RasMan - ok
16:37:19.0127 0x0d08  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
16:37:19.0152 0x0d08  RasPppoe - ok
16:37:19.0203 0x0d08  [ 41F631007A158FEBB67F0E2AD1601BBA, EB5EA7277F4178BC27E55BF850AEBCD84B6BED80B2383CFB29548824AAFED135 ] RasSstp         C:\WINDOWS\system32\DRIVERS\rassstp.sys
16:37:19.0273 0x0d08  RasSstp - ok
16:37:19.0302 0x0d08  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
16:37:19.0412 0x0d08  rdbss - ok
16:37:19.0490 0x0d08  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
16:37:19.0559 0x0d08  rdpbus - ok
16:37:19.0583 0x0d08  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
16:37:19.0749 0x0d08  RDPDR - ok
16:37:19.0779 0x0d08  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
16:37:19.0787 0x0d08  RdpVideoMiniport - ok
16:37:19.0810 0x0d08  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
16:37:19.0826 0x0d08  rdyboost - ok
16:37:19.0868 0x0d08  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
16:37:19.0900 0x0d08  ReFS - ok
16:37:19.0931 0x0d08  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
16:37:19.0958 0x0d08  RemoteAccess - ok
16:37:19.0983 0x0d08  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
16:37:20.0050 0x0d08  RemoteRegistry - ok
16:37:20.0073 0x0d08  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
16:37:20.0086 0x0d08  RFCOMM - ok
16:37:20.0108 0x0d08  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
16:37:20.0136 0x0d08  RpcEptMapper - ok
16:37:20.0159 0x0d08  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\WINDOWS\system32\locator.exe
16:37:20.0176 0x0d08  RpcLocator - ok
16:37:20.0217 0x0d08  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
16:37:20.0244 0x0d08  RpcSs - ok
16:37:20.0291 0x0d08  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
16:37:20.0326 0x0d08  rspndr - ok
16:37:20.0370 0x0d08  [ 8EB6DCEB7473C232D8BC9A886E3183AC, D81B089443306AD9D89F59DBC5F9C2F5B6A86112B4AB59316B97EE7D8B97D2FA ] RSUSBVSTOR      C:\WINDOWS\System32\Drivers\RtsUVStor.sys
16:37:20.0384 0x0d08  RSUSBVSTOR - ok
16:37:20.0415 0x0d08  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
16:37:20.0451 0x0d08  s3cap - ok
16:37:20.0484 0x0d08  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\WINDOWS\system32\lsass.exe
16:37:20.0497 0x0d08  SamSs - ok
16:37:20.0531 0x0d08  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
16:37:20.0545 0x0d08  sbp2port - ok
16:37:20.0576 0x0d08  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
16:37:20.0610 0x0d08  SCardSvr - ok
16:37:20.0648 0x0d08  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
16:37:20.0750 0x0d08  ScDeviceEnum - ok
16:37:20.0781 0x0d08  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
16:37:20.0803 0x0d08  scfilter - ok
16:37:20.0866 0x0d08  [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
16:37:20.0927 0x0d08  Schedule - ok
16:37:20.0958 0x0d08  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
16:37:20.0971 0x0d08  SCPolicySvc - ok
16:37:21.0054 0x0d08  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
16:37:21.0068 0x0d08  sdbus - ok
16:37:21.0111 0x0d08  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
16:37:21.0123 0x0d08  sdstor - ok
16:37:21.0157 0x0d08  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
16:37:21.0181 0x0d08  secdrv - ok
16:37:21.0256 0x0d08  [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon        C:\WINDOWS\system32\seclogon.dll
16:37:21.0267 0x0d08  seclogon - ok
16:37:21.0311 0x0d08  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\WINDOWS\System32\sens.dll
16:37:21.0344 0x0d08  SENS - ok
16:37:21.0436 0x0d08  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
16:37:21.0497 0x0d08  SensrSvc - ok
16:37:21.0521 0x0d08  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
16:37:21.0533 0x0d08  SerCx - ok
16:37:21.0591 0x0d08  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
16:37:21.0604 0x0d08  SerCx2 - ok
16:37:21.0613 0x0d08  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
16:37:21.0625 0x0d08  Serenum - ok
16:37:21.0658 0x0d08  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
16:37:21.0685 0x0d08  Serial - ok
16:37:21.0712 0x0d08  [ 96B01F117057FB4DAE0FF919ACB55770, D0F58F1CAE4F81D60FCE60BB0065A34B4F897E8105DF17B6DAA334938CD25A56 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
16:37:21.0737 0x0d08  sermouse - ok
16:37:21.0780 0x0d08  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
16:37:21.0866 0x0d08  SessionEnv - ok
16:37:21.0879 0x0d08  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
16:37:21.0906 0x0d08  sfloppy - ok
16:37:21.0980 0x0d08  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
16:37:22.0009 0x0d08  SharedAccess - ok
16:37:22.0048 0x0d08  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
16:37:22.0104 0x0d08  ShellHWDetection - ok
16:37:22.0137 0x0d08  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
16:37:22.0146 0x0d08  SiSRaid2 - ok
16:37:22.0169 0x0d08  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
16:37:22.0179 0x0d08  SiSRaid4 - ok
16:37:22.0316 0x0d08  [ 704B4F81729F676BBF034529FC334D82, 1E50DAF97836807A500284385D99272780A8B69CA88761250451060B207824F8 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
16:37:22.0335 0x0d08  SkypeUpdate - ok
16:37:22.0365 0x0d08  [ 165AB7677D53868AA61FB26B739C66DB, 8991AF9673B2F9664C90607FD40BA3813B798340E565E87FC07F78C6C6756740 ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
16:37:22.0373 0x0d08  SmbDrvI - ok
16:37:22.0400 0x0d08  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\WINDOWS\System32\smphost.dll
16:37:22.0411 0x0d08  smphost - ok
16:37:22.0445 0x0d08  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
16:37:22.0469 0x0d08  SNMPTRAP - ok
16:37:22.0501 0x0d08  [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
16:37:22.0519 0x0d08  spaceport - ok
16:37:22.0561 0x0d08  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
16:37:22.0573 0x0d08  SpbCx - ok
16:37:22.0613 0x0d08  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
16:37:22.0758 0x0d08  Spooler - ok
16:37:23.0033 0x0d08  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
16:37:23.0282 0x0d08  sppsvc - ok
16:37:23.0321 0x0d08  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
16:37:23.0455 0x0d08  srv - ok
16:37:23.0546 0x0d08  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
16:37:23.0573 0x0d08  srv2 - ok
16:37:23.0614 0x0d08  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
16:37:23.0712 0x0d08  srvnet - ok
16:37:23.0743 0x0d08  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
16:37:23.0759 0x0d08  SSDPSRV - ok
16:37:23.0800 0x0d08  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
16:37:23.0827 0x0d08  SstpSvc - ok
16:37:23.0935 0x0d08  [ 0A3544D7E9AF7D8C991C904339157EDC, 1E1DE4D808AE1174B0CB37E93EBADFC98FEBCD70D612CFE393DDA513581CD123 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
16:37:23.0954 0x0d08  Steam Client Service - ok
16:37:23.0973 0x0d08  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
16:37:23.0981 0x0d08  stexstor - ok
16:37:24.0023 0x0d08  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
16:37:24.0152 0x0d08  stisvc - ok
16:37:24.0186 0x0d08  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
16:37:24.0197 0x0d08  storahci - ok
16:37:24.0223 0x0d08  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
16:37:24.0239 0x0d08  storflt - ok
16:37:24.0264 0x0d08  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
16:37:24.0273 0x0d08  stornvme - ok
16:37:24.0307 0x0d08  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
16:37:24.0399 0x0d08  StorSvc - ok
16:37:24.0417 0x0d08  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
16:37:24.0426 0x0d08  storvsc - ok
16:37:24.0449 0x0d08  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\WINDOWS\system32\svsvc.dll
16:37:24.0493 0x0d08  svsvc - ok
16:37:24.0553 0x0d08  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
16:37:24.0564 0x0d08  swenum - ok
16:37:24.0614 0x0d08  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\WINDOWS\System32\swprv.dll
16:37:24.0655 0x0d08  swprv - ok
16:37:24.0733 0x0d08  [ 1436A1A955D758AB6242F7FFC92FCCA4, F772A3FC2EC43D07BEE403118A2B96195914A6B84DDDE145B65D0C402E7BB235 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
16:37:24.0775 0x0d08  SynTP - ok
16:37:24.0859 0x0d08  [ 3114CB46C2853CA71525428CB0C7CB58, A9CC51506AABBC23BAB2B90E30AB13197A72268A3DE6D2F281C1C367ED7118AE ] SysMain         C:\WINDOWS\system32\sysmain.dll
16:37:24.0954 0x0d08  SysMain - ok
16:37:24.0983 0x0d08  [ 23BECB70654B192A7E378DEE3DBD8D42, 7596174AE7508B62C40A429645198F6A420D0CD5B62A10AB78516113584E7EDB ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
16:37:25.0013 0x0d08  SystemEventsBroker - ok
16:37:25.0041 0x0d08  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
16:37:25.0132 0x0d08  TabletInputService - ok
16:37:25.0177 0x0d08  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
16:37:25.0235 0x0d08  TapiSrv - ok
16:37:25.0383 0x0d08  [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
16:37:25.0520 0x0d08  Tcpip - ok
16:37:25.0584 0x0d08  [ 468273F7089A3A33D149955F0F203FA4, 18FD0B73FBD63550E904EE76D4323EFE163BFF8C3DC6DE67F4BE6003C7DC6879 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
16:37:25.0647 0x0d08  TCPIP6 - ok
16:37:25.0684 0x0d08  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
16:37:25.0800 0x0d08  tcpipreg - ok
16:37:25.0836 0x0d08  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
16:37:25.0890 0x0d08  tdx - ok
16:37:25.0965 0x0d08  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
16:37:25.0974 0x0d08  terminpt - ok
16:37:26.0025 0x0d08  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\WINDOWS\System32\termsrv.dll
16:37:26.0080 0x0d08  TermService - ok
16:37:26.0110 0x0d08  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\WINDOWS\system32\themeservice.dll
16:37:26.0138 0x0d08  Themes - ok
16:37:26.0169 0x0d08  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
16:37:26.0179 0x0d08  THREADORDER - ok
16:37:26.0253 0x0d08  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
16:37:26.0292 0x0d08  TimeBroker - ok
16:37:26.0310 0x0d08  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
16:37:26.0326 0x0d08  TPM - ok
16:37:26.0353 0x0d08  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
16:37:26.0372 0x0d08  TrkWks - ok
16:37:26.0434 0x0d08  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
16:37:26.0506 0x0d08  TrustedInstaller - ok
16:37:26.0571 0x0d08  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
16:37:26.0640 0x0d08  TsUsbFlt - ok
16:37:26.0662 0x0d08  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
16:37:26.0709 0x0d08  TsUsbGD - ok
16:37:26.0758 0x0d08  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
16:37:26.0792 0x0d08  tunnel - ok
16:37:26.0866 0x0d08  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
16:37:26.0875 0x0d08  uagp35 - ok
16:37:26.0891 0x0d08  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
16:37:26.0902 0x0d08  UASPStor - ok
16:37:26.0928 0x0d08  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
16:37:26.0941 0x0d08  UCX01000 - ok
16:37:26.0974 0x0d08  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
16:37:27.0064 0x0d08  udfs - ok
16:37:27.0078 0x0d08  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
16:37:27.0088 0x0d08  UEFI - ok
16:37:27.0119 0x0d08  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
16:37:27.0151 0x0d08  UI0Detect - ok
16:37:27.0221 0x0d08  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
16:37:27.0231 0x0d08  uliagpkx - ok
16:37:27.0245 0x0d08  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
16:37:27.0267 0x0d08  umbus - ok
16:37:27.0288 0x0d08  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
16:37:27.0298 0x0d08  UmPass - ok
16:37:27.0334 0x0d08  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
16:37:27.0470 0x0d08  UmRdpService - ok
16:37:27.0601 0x0d08  [ E1A119AD21F5AFE22EB516C549306D3D, 48769D5E7A78B7A2C00F1F6798AC133CF3E0B2C76F71D3719BD741DDD8F2D229 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
16:37:27.0614 0x0d08  UNS - ok
16:37:27.0652 0x0d08  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\WINDOWS\System32\upnphost.dll
16:37:27.0693 0x0d08  upnphost - ok
16:37:27.0708 0x0d08  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
16:37:27.0720 0x0d08  usbccgp - ok
16:37:27.0737 0x0d08  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
16:37:27.0756 0x0d08  usbcir - ok
16:37:27.0782 0x0d08  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
16:37:27.0794 0x0d08  usbehci - ok
16:37:27.0809 0x0d08  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
16:37:27.0828 0x0d08  usbhub - ok
16:37:27.0860 0x0d08  [ 95B0179BDA907252025DEEA183699FB3, A6BDFB93EE9418A83407024204A41640A08638C60E2BE75C249D102601DC1D80 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
16:37:27.0881 0x0d08  USBHUB3 - ok
16:37:27.0907 0x0d08  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
16:37:28.0127 0x0d08  usbohci - ok
16:37:28.0158 0x0d08  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
16:37:28.0239 0x0d08  usbprint - ok
16:37:28.0266 0x0d08  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
16:37:28.0279 0x0d08  USBSTOR - ok
16:37:28.0310 0x0d08  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
16:37:28.0351 0x0d08  usbuhci - ok
16:37:28.0383 0x0d08  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
16:37:28.0401 0x0d08  USBXHCI - ok
16:37:28.0429 0x0d08  [ 3CAAB947B1F247A570DE15983BEDEBCF, 81480D999F67A1755D5C21CE046FB439F0FBD743F73D23C19BC8C4DEB78A4F91 ] usb_rndisx      C:\WINDOWS\system32\DRIVERS\usb8023x.sys
16:37:28.0499 0x0d08  usb_rndisx - ok
16:37:28.0516 0x0d08  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\WINDOWS\system32\lsass.exe
16:37:28.0527 0x0d08  VaultSvc - ok
16:37:28.0543 0x0d08  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
16:37:28.0552 0x0d08  vdrvroot - ok
16:37:28.0622 0x0d08  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\WINDOWS\System32\vds.exe
16:37:28.0665 0x0d08  vds - ok
16:37:28.0691 0x0d08  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
16:37:28.0704 0x0d08  VerifierExt - ok
16:37:28.0770 0x0d08  [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
16:37:28.0792 0x0d08  vhdmp - ok
16:37:28.0822 0x0d08  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
16:37:28.0831 0x0d08  viaide - ok
16:37:28.0884 0x0d08  [ A87EA7A4ABC27B8F22F905C2C386A9C2, 91C7B8B7A257F1A8B624BF89FFA52B9F9B32350B6467A12F086450B7BA84A24F ] vm331avs        C:\WINDOWS\System32\Drivers\vm331avs.sys
16:37:28.0949 0x0d08  vm331avs - ok
16:37:28.0972 0x0d08  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
16:37:28.0981 0x0d08  vmbus - ok
16:37:29.0013 0x0d08  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
16:37:29.0039 0x0d08  VMBusHID - ok
16:37:29.0087 0x0d08  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
16:37:29.0125 0x0d08  vmicguestinterface - ok
16:37:29.0139 0x0d08  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
16:37:29.0157 0x0d08  vmicheartbeat - ok
16:37:29.0170 0x0d08  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
16:37:29.0188 0x0d08  vmickvpexchange - ok
16:37:29.0201 0x0d08  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
16:37:29.0221 0x0d08  vmicrdv - ok
16:37:29.0233 0x0d08  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
16:37:29.0254 0x0d08  vmicshutdown - ok
16:37:29.0267 0x0d08  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
16:37:29.0284 0x0d08  vmictimesync - ok
16:37:29.0298 0x0d08  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
16:37:29.0317 0x0d08  vmicvss - ok
16:37:29.0334 0x0d08  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
16:37:29.0345 0x0d08  volmgr - ok
16:37:29.0354 0x0d08  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
16:37:29.0374 0x0d08  volmgrx - ok
16:37:29.0387 0x0d08  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
16:37:29.0405 0x0d08  volsnap - ok
16:37:29.0417 0x0d08  [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
16:37:29.0426 0x0d08  vpci - ok
16:37:29.0450 0x0d08  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
16:37:29.0462 0x0d08  vsmraid - ok
16:37:29.0554 0x0d08  [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS             C:\WINDOWS\system32\vssvc.exe
16:37:29.0599 0x0d08  VSS - ok
16:37:29.0633 0x0d08  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
16:37:29.0651 0x0d08  VSTXRAID - ok
16:37:29.0714 0x0d08  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
16:37:29.0791 0x0d08  vwifibus - ok
16:37:29.0821 0x0d08  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
16:37:29.0861 0x0d08  vwififlt - ok
16:37:29.0865 0x0d08  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
16:37:29.0892 0x0d08  vwifimp - ok
16:37:29.0931 0x0d08  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\WINDOWS\system32\w32time.dll
16:37:30.0016 0x0d08  W32Time - ok
16:37:30.0034 0x0d08  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
16:37:30.0061 0x0d08  WacomPen - ok
16:37:30.0092 0x0d08  [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:37:30.0116 0x0d08  Wanarp - ok
16:37:30.0120 0x0d08  [ 6505C9E72910F91D4C317EECF22D1DE6, 838BAEA6F0BBA916B3291EB165F65DA2F4EC35395678D450EEEB1E540A123FC4 ] Wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
16:37:30.0132 0x0d08  Wanarpv6 - ok
16:37:30.0196 0x0d08  [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
16:37:30.0293 0x0d08  wbengine - ok
16:37:30.0329 0x0d08  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
16:37:30.0408 0x0d08  WbioSrvc - ok
16:37:30.0435 0x0d08  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
16:37:30.0454 0x0d08  Wcmsvc - ok
16:37:30.0495 0x0d08  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
16:37:30.0516 0x0d08  wcncsvc - ok
16:37:30.0545 0x0d08  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
16:37:30.0628 0x0d08  WcsPlugInService - ok
16:37:30.0654 0x0d08  [ 1751F6B031ADAC34724511057D2E455D, BCBC77DE02718868302F7469E8FBB8F2E7E0F8A5D3E46A5B4D48713E829FBAF6 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
16:37:30.0663 0x0d08  WdBoot - ok
16:37:30.0722 0x0d08  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
16:37:30.0749 0x0d08  Wdf01000 - ok
16:37:30.0776 0x0d08  [ D296D0F0DB2CD1504F90405603664493, 9531034AE2E027B5C7366713AA9003085501800B35F971D1CE7FFB8E5DAE3825 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
16:37:30.0791 0x0d08  WdFilter - ok
16:37:30.0819 0x0d08  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
16:37:30.0843 0x0d08  WdiServiceHost - ok
16:37:30.0848 0x0d08  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
16:37:30.0863 0x0d08  WdiSystemHost - ok
16:37:30.0887 0x0d08  [ 9F4DF0043965808973023A9B51A11136, 3A799125CBC5C214D9FBB91C348B39563B1FDB7403B520270752E9A177464723 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
16:37:30.0898 0x0d08  WdNisDrv - ok
16:37:30.0920 0x0d08  WdNisSvc - ok
16:37:30.0967 0x0d08  [ 185E4111627F7AA6799E1366B5E91D65, 7A02C816DFBCCF47EDB49E5E2005A3D0B80719FAC94F9298D2DBAC63950EDA05 ] WebClient       C:\WINDOWS\System32\webclnt.dll
16:37:31.0031 0x0d08  WebClient - ok
16:37:31.0069 0x0d08  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
16:37:31.0099 0x0d08  Wecsvc - ok
16:37:31.0133 0x0d08  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
16:37:31.0144 0x0d08  WEPHOSTSVC - ok
16:37:31.0171 0x0d08  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
16:37:31.0255 0x0d08  wercplsupport - ok
16:37:31.0278 0x0d08  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
16:37:31.0315 0x0d08  WerSvc - ok
16:37:31.0366 0x0d08  [ BAB713B409258DB7B5D9F9693F802B0E, C0D0391EC4FDC07E0A07F4EEB2DC9CC5B2BE5D2E292E7D01929E8D39D6F73EA5 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
16:37:31.0377 0x0d08  WFPLWFS - ok
16:37:31.0402 0x0d08  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
16:37:31.0430 0x0d08  WiaRpc - ok
16:37:31.0457 0x0d08  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
16:37:31.0466 0x0d08  WIMMount - ok
16:37:31.0468 0x0d08  WinDefend - ok
16:37:31.0515 0x0d08  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
16:37:31.0559 0x0d08  WinHttpAutoProxySvc - ok
16:37:31.0624 0x0d08  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
16:37:31.0691 0x0d08  Winmgmt - ok
16:37:31.0791 0x0d08  [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
16:37:31.0861 0x0d08  WinRM - ok
16:37:31.0903 0x0d08  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\WINDOWS\System32\drivers\WinUsb.sys
16:37:31.0914 0x0d08  WinUsb - ok
16:37:31.0981 0x0d08  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
16:37:32.0042 0x0d08  WlanSvc - ok
16:37:32.0106 0x0d08  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
16:37:32.0153 0x0d08  wlidsvc - ok
16:37:32.0184 0x0d08  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
16:37:32.0212 0x0d08  WmiAcpi - ok
16:37:32.0250 0x0d08  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
16:37:32.0279 0x0d08  wmiApSrv - ok
16:37:32.0310 0x0d08  WMPNetworkSvc - ok
16:37:32.0376 0x0d08  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
16:37:32.0389 0x0d08  Wof - ok
16:37:32.0464 0x0d08  [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
16:37:32.0565 0x0d08  workfolderssvc - ok
16:37:32.0597 0x0d08  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
16:37:32.0608 0x0d08  wpcfltr - ok
16:37:32.0639 0x0d08  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
16:37:32.0682 0x0d08  WPCSvc - ok
16:37:32.0707 0x0d08  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
16:37:32.0760 0x0d08  WPDBusEnum - ok
16:37:32.0792 0x0d08  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
16:37:32.0802 0x0d08  WpdUpFltr - ok
16:37:32.0831 0x0d08  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
16:37:32.0861 0x0d08  ws2ifsl - ok
16:37:32.0895 0x0d08  [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
16:37:32.0963 0x0d08  wscsvc - ok
16:37:32.0983 0x0d08  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
16:37:32.0994 0x0d08  WSDPrintDevice - ok
16:37:33.0025 0x0d08  [ 58035FD3369879E02D65989C44D27450, B9245DB5C17F7CE94FAA20AB4B0D06A4DFB6133C6E82343758CDC713EB64DFEF ] WSDScan         C:\WINDOWS\System32\drivers\WSDScan.sys
16:37:33.0064 0x0d08  WSDScan - ok
16:37:33.0067 0x0d08  WSearch - ok
16:37:33.0188 0x0d08  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\WINDOWS\System32\WSService.dll
16:37:33.0288 0x0d08  WSService - ok
16:37:33.0327 0x0d08  [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd            C:\WINDOWS\system32\DRIVERS\wsvd.sys
16:37:33.0337 0x0d08  wsvd - ok
16:37:33.0444 0x0d08  [ 5F3D70B19BCAC985DA90F22CA2FF45E4, BBD82BAEF0DCA2C6361F8D1ADF5BED36D0F1AB1A2AEADB0E4526B917F40C2E52 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
16:37:33.0597 0x0d08  wuauserv - ok
16:37:33.0631 0x0d08  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
16:37:33.0687 0x0d08  WudfPf - ok
16:37:33.0704 0x0d08  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
16:37:33.0731 0x0d08  WUDFRd - ok
16:37:33.0738 0x0d08  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP    C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
16:37:33.0751 0x0d08  WUDFSensorLP - ok
16:37:33.0778 0x0d08  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
16:37:33.0804 0x0d08  wudfsvc - ok
16:37:33.0814 0x0d08  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\WINDOWS\System32\drivers\WUDFRd.sys
16:37:33.0826 0x0d08  WUDFWpdFs - ok
16:37:33.0833 0x0d08  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\WINDOWS\System32\drivers\WUDFRd.sys
16:37:33.0844 0x0d08  WUDFWpdMtp - ok
16:37:33.0892 0x0d08  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
16:37:33.0923 0x0d08  WwanSvc - ok
16:37:33.0937 0x0d08  ================ Scan global ===============================
16:37:34.0016 0x0d08  [ 243F54DBA6EB48A369CA465E263ABA4A, 9D9F9DE783D000F3EA130EB68FD71319F21E4F1CD4232FB8B2F8A9A67E08F5F4 ] C:\WINDOWS\system32\basesrv.dll
16:37:34.0039 0x0d08  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
16:37:34.0061 0x0d08  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
16:37:34.0094 0x0d08  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe
16:37:34.0102 0x0d08  [ Global ] - ok
16:37:34.0103 0x0d08  ================ Scan MBR ==================================
16:37:34.0116 0x0d08  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
16:37:34.0178 0x0d08  \Device\Harddisk0\DR0 - ok
16:37:34.0178 0x0d08  ================ Scan VBR ==================================
16:37:34.0212 0x0d08  [ C8401AB796565C096A9C0C9DEAA7E26F ] \Device\Harddisk0\DR0\Partition1
16:37:34.0264 0x0d08  \Device\Harddisk0\DR0\Partition1 - ok
16:37:34.0291 0x0d08  [ 2023CE2545D91109CBE8838DF40D89FE ] \Device\Harddisk0\DR0\Partition2
16:37:34.0340 0x0d08  \Device\Harddisk0\DR0\Partition2 - ok
16:37:34.0359 0x0d08  [ 7FAEAA8B721EF639D6179B602F3999E3 ] \Device\Harddisk0\DR0\Partition3
16:37:34.0426 0x0d08  \Device\Harddisk0\DR0\Partition3 - ok
16:37:34.0453 0x0d08  [ D5454901590D07E494FDA4B7B26C5E64 ] \Device\Harddisk0\DR0\Partition4
16:37:34.0453 0x0d08  \Device\Harddisk0\DR0\Partition4 - ok
16:37:34.0459 0x0d08  [ 7A6349973BD50ADAA134D356A6BC2FE6 ] \Device\Harddisk0\DR0\Partition5
16:37:34.0515 0x0d08  \Device\Harddisk0\DR0\Partition5 - ok
16:37:34.0532 0x0d08  [ 8611670308ED97AC007E55FEBBF036CC ] \Device\Harddisk0\DR0\Partition6
16:37:34.0577 0x0d08  \Device\Harddisk0\DR0\Partition6 - ok
16:37:34.0607 0x0d08  [ 486FE9B75E959CDBB36644F72D7C23E9 ] \Device\Harddisk0\DR0\Partition7
16:37:34.0609 0x0d08  \Device\Harddisk0\DR0\Partition7 - ok
16:37:34.0623 0x0d08  [ E530A9269AAE82E262AC716B561497DA ] \Device\Harddisk0\DR0\Partition8
16:37:34.0624 0x0d08  \Device\Harddisk0\DR0\Partition8 - ok
16:37:34.0624 0x0d08  ================ Scan generic autorun ======================
16:37:34.0675 0x0d08  [ 8EC9EF60E24E88DC5DC74D305925E2CF, 37719AAD02B4EA851F899AB4A3464EA381B96BA2E386A52BF9FDAA8C9257FDBE ] C:\WINDOWS\system32\igfxtray.exe
16:37:34.0692 0x0d08  IgfxTray - ok
16:37:34.0694 0x0d08  HotKeysCmds - ok
16:37:34.0696 0x0d08  Persistence - ok
16:37:34.0849 0x0d08  [ 8970A59A838FF1CDC3D62D85823AA61E, 5842DAFD20C1A024CF8984652A08D12DBA1DE15788794D01FF6070D4E24D2479 ] C:\Program Files\CONEXANT\SAII\SACpl.exe
16:37:34.0907 0x0d08  SmartAudio - detected UnsignedFile.Multi.Generic ( 1 )
16:37:37.0357 0x0d08  Detect skipped due to KSN trusted
16:37:37.0357 0x0d08  SmartAudio - ok
16:37:37.0423 0x0d08  [ DD8C5A331E1F83510C5A788CB9AA8727, BDEDB9B9D3B0C16B217A67B9B02C9E339E133E4FE05E144DCB344D80C6786078 ] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
16:37:37.0449 0x0d08  cAudioFilterAgent - ok
16:37:38.0009 0x0d08  [ EEFE5331495FBDA8DDBA30305FC39297, 4F2A7BDE30A1233EB9D66FAA646268A2AFFC8314385E1633F2E62942B05714AD ] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
16:37:38.0543 0x0d08  Energy Management - ok
16:37:38.0580 0x0d08  [ 13F91EA5B3B0F8EA19BC5C00F408442B, 2C9760941167C9D1B2DF21EE61E5258B67838829ED003D4CD91AAE1D99DE723C ] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
16:37:38.0588 0x0d08  EnergyUtility - ok
16:37:38.0589 0x0d08  SynTPEnh - ok
16:37:38.0723 0x0d08  [ 059E588FDF6B7E83227D45D026D21874, 211B5E85D84562E11F3A676686E7C716BB59912F7764A49D9164277EB3991AC3 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
16:37:38.0773 0x0d08  NvBackend - ok
16:37:38.0809 0x0d08  [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\WINDOWS\system32\rundll32.exe
16:37:38.0875 0x0d08  ShadowPlay - ok
16:37:38.0917 0x0d08  [ 3E8F4A9876EC2CE97C9E58A61CB16B40, 86AE785F005C42E276C9D8FC1158B6BBD7F3C321A1E9E8CF600C4F9AFAE8D82D ] C:\Program Files (x86)\USB Camera\VM331STI.EXE
16:37:38.0944 0x0d08  331BigDog - ok
16:37:38.0983 0x0d08  [ 5C80FBEE03ED1CBF108AFC029D73D857, 472508F140286868051D0AF557D11EB8FF2ACC6352C278970BB4D94F02428B6B ] C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
16:37:38.0999 0x0d08  Dolby Advanced Audio v2 - ok
16:37:39.0050 0x0d08  [ A1741C3B79F9DF8895E05EF43579E74B, 446094FDBA93518ABE1CDEC50E24AB60BC7CA78022A289AF5C21461778FD8001 ] C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
16:37:39.0058 0x0d08  YouCam Mirage - ok
16:37:39.0079 0x0d08  [ 79EDDBCBFFC23585BC1495AFC03CC4D7, 325A6C067A52BAD7070C1C758EA69645FD8083AC6D0ABA8340BDBE1A712E005F ] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
16:37:39.0089 0x0d08  YouCam Tray - ok
16:37:39.0153 0x0d08  [ 16D807D8B07A868298A8044E576BE419, 148399752A497E7FEA07C59C89834E266652AC1C0793B5C9C429FDBB37AB7617 ] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe
16:37:39.0160 0x0d08  UpdateP2GShortCut - detected UnsignedFile.Multi.Generic ( 1 )
16:37:41.0558 0x0d08  Detect skipped due to KSN trusted
16:37:41.0558 0x0d08  UpdateP2GShortCut - ok
16:37:41.0629 0x0d08  [ B7995C675014EEBE77A0BEB7AFCCFC08, 41D186C63273301CF0A1C1EE7B6EB0BB75A251DD441532C5CEB7A4095FB103CD ] C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
16:37:41.0639 0x0d08  RemoteControl10 - ok
16:37:41.0703 0x0d08  [ 43E946AAD268FEAFB1E286677E70CB5D, 7798926B3CF11D1CF7DFF9B3D67AD3DC67010A62F3132CAEA273EB299A61B176 ] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
16:37:41.0714 0x0d08  Intel AppUp(SM) center - ok
16:37:41.0796 0x0d08  [ A6ABD4AF02AB03676DEA55F383ABC7C2, 62F838618C78A297D970EC58F97F2D843EBFEF2D81754D658664BEEED79BFB50 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
16:37:41.0815 0x0d08  avgnt - ok
16:37:41.0857 0x0d08  [ 66CD7CBBC6B3B24F8904AB0699CB99AA, 0D4E70360E789F3DB4ED0BBD4B12870E4D6E27184E33AF6CA75721EBE0D13B4B ] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
16:37:41.0882 0x0d08  BlueStacks Agent - ok
16:37:41.0966 0x0d08  [ 5120CD65A74A5E054FB2B0577688024C, 2C771743C797ED2F94E4C0CD7472D20532DB6C3E95DEB0DA4D14D6B5469EE273 ] C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
16:37:41.0975 0x0d08  Avira Systray - ok
16:37:42.0114 0x0d08  [ 8DACA62F3E15E45EBAF7AE51A609CBC1, 5FACF0EA36572E7228EB2808731ED00DD08B481937569E71C3A537D7E65022AD ] C:\Program Files (x86)\Steam\steam.exe
16:37:42.0171 0x0d08  Steam - ok
16:37:42.0220 0x0d08  [ 369993D4B8C009393A2F9BCBB7BD2587, DD9FBF8C32BB3A29F7062BABA23B84FB9F7395A4AB3FB7001071154CDE92F7D5 ] C:\Program Files (x86)\Windows Mail\wab.exe
16:37:42.0299 0x0d08  WAB Migrate - ok
16:37:42.0393 0x0d08  [ 8DACA62F3E15E45EBAF7AE51A609CBC1, 5FACF0EA36572E7228EB2808731ED00DD08B481937569E71C3A537D7E65022AD ] C:\Program Files (x86)\Steam\steam.exe
16:37:42.0452 0x0d08  Steam - ok
16:37:42.0587 0x0d08  [ DA91AAC840C1B4E72E4D37169B0E0CE7, D4EC45404F2E22D418392FDE1436B18EE19AFCE4DB2E06E6FBFBD66F955080EB ] C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe
16:37:42.0656 0x0d08  Battle.net - ok
16:37:42.0806 0x0d08  [ E8405C87CD06FF5D69BC6F3B24D766D0, C82171BEDBFE593A04D09C2E20B0528AA3CEC722D6919F8A5C70C6EFFB9EFEAE ] C:\Users\Carsten\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
16:37:42.0826 0x0d08  AmazonMP3DownloaderHelper - ok
16:37:42.0930 0x0d08  [ 98FA788238E71D9563D4BF177A4FC22C, 73F27EA6BB27789FED63B744F54AE045DE2E74109276AD91B4EF84366C41BA73 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
16:37:42.0950 0x0d08  GoogleChromeAutoLaunch_DDA28BE83B10695CA343BB975497B041 - ok
16:37:42.0995 0x0d08  Skype - ok
16:37:43.0199 0x0d08  [ 4DF6E378A00B6F89CB35078054057C36, 981BE3859AC48F43E739885BDA6756C5583BFD7353A57669067C8FB170DAE097 ] C:\Program Files\CCleaner\CCleaner64.exe
16:37:43.0322 0x0d08  CCleaner Monitoring - ok
16:37:43.0411 0x0d08  [ A7D88932F0A6FF038DBDD1566D9E29DF, C9AEF58C5A639778B2F83495D30A4A9466D79E70B2D089CFFB9E1974D335B4ED ] C:\Users\Carsten\AppData\Local\Temp\AdobeData\client32.exe
16:37:43.0418 0x0d08  AdobeFirmware - ok
16:37:43.0418 0x0d08  Waiting for KSN requests completion. In queue: 174
16:37:44.0420 0x0d08  Waiting for KSN requests completion. In queue: 174
16:37:45.0420 0x0d08  Waiting for KSN requests completion. In queue: 174
16:37:46.0457 0x0d08  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.11.550 ), 0x41000 ( enabled : updated )
16:37:46.0457 0x0d08  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x60100 ( disabled : updated )
16:37:46.0460 0x0d08  Win FW state via NFP2: enabled
16:37:48.0902 0x0d08  ============================================================
16:37:48.0902 0x0d08  Scan finished
16:37:48.0902 0x0d08  ============================================================
16:37:48.0910 0x1ab8  Detected object count: 0
16:37:48.0910 0x1ab8  Actual detected object count: 0

schrauber · 07.07.2015, 06:10

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Carsten M · 09.07.2015, 13:22

Hatte leider die Tage keine Zeit. Logs kommen morgen.

schrauber · 10.07.2015, 07:46

ok

10.07.2015, 07:46	#10
schrauber /// the machine /// TB-Ausbilder	Trojaner TR/Dldr.Delf.1053840.3 von Avira gefunden ok __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Trojaner TR/Dldr.Delf.1053840.3 von Avira gefunden

Log-Analyse und Auswertung: Trojaner TR/Dldr.Delf.1053840.3 von Avira gefunden