Pests of all kinds and how to fight them: Windows regularly types out an old text of about 200 characters on its own (Windows 7)
18.08.2014, 00:55 | #1 |
| Windows regularly types out an old text of about 200 characters on its own

Hello everyone,

I don't know whether this belongs here, but then again I wouldn't know where else it could go. About 4 weeks ago I posted an ad on Ebay Kleinanzeigen. Every now and then my PC repeats the description of the item. The text is about 200 characters long. It makes no difference at all which program I am in at the time. If I am in the browser, the page suddenly scrolls wildly back and forth, just as if I were typing this item description on the keyboard without the cursor being in a text field. If I then place the cursor in a text field, the PC again types exactly the item description from Ebay Kleinanzeigen from four weeks ago. It has also remembered the corrections I made back then. So it writes Aluminium with two l's and then corrects the mistake in the next step, exactly as I did 4 weeks ago. By now I keep a TXT file on the desktop in which I let Windows do its typing so that no further damage is done. This seems to happen once or twice a day. Once it has finished typing the text, things are quiet again for a while. I'm curious to see whether anyone here can help me. The whole thing is really annoying and of course also frightening.

Best regards,
Ceborat

Code:
ATTFilter ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (ArcSoft, Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Microsoft Corporation) C:\Windows\System32\vmms.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ATI Technologies Inc.) 
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Almico Software (www.almico.com)) C:\Program Files (x86)\SpeedFan\speedfan.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe (Skwire Empire) C:\Program Files (x86)\MPH1.0.7\MPH.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE () C:\Program Files\WindowsApps\21767Katans.gTasks_1.2.0.50_x64__ey1k83fg9dn8w\gTasks.exe (Microsoft Corporation) C:\Windows\System32\calc.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Microsoft Corporation) C:\Windows\WinStore\WSHost.exe (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe () C:\Program Files\WindowsApps\4659BB81.WEB.DEMail_1.1.0.8_neutral__9r8rjdwa12808\WindowsMailApp.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SMB50StarMoneyRunEntry] => "L:\Progrdat\StarMoney Business 5.0\app\oflagent.exe" HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2013-12-05] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) 
HKLM-x32\...\Run: [SMB60StarMoneyRunEntry] => "L:\Progrdat\StarMoney Business 6.0\app\oflagent.exe" HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) Winlogon\Notify\ScCertProp: wlnotify.dll [X] HKU\S-1-5-21-723429055-607364035-2451921369-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TotalMedia Server.lnk ShortcutTarget: TotalMedia Server.lnk -> C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\TotalMedia Server\TM Server.exe (ArcSoft Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8F4FF39C22B6CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE SearchScopes: HKCU - {8D6AF7B2-C1FD-4BE1-B623-9AEBCA5487EF} URL = hxxp://search.microsoft.com/results.aspx?form=MSHOME&setlang=de-de&q={searchTerms}&mkt=de-de SearchScopes: HKCU - {99F45115-7F2D-40F2-BC0B-6578422146A8} URL = hxxp://rover.ebay.com/rover/1/707-53477-19255-0/1?icep_ff3=9&pub=5574640706&toolid=10001&campid=5336449492&customid=&icep_uq={searchTerms}&icep_sellerId=&icep_ex_kw=&icep_sortBy=12&icep_catId=&icep_minPrice=&icep_maxPrice=&ipn=psmain&icep_vectorid=229487&kwid=902099&mtid=824&kw=lg SearchScopes: HKCU - {D0B280F4-C756-4C10-9BE6-F3C9AB6CFFE8} URL = hxxp://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms} BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files 
(x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2014-02-16] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [44736 2014-03-11] (ArcSoft, Inc.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.) 
[File not signed] S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2014-01-08] () R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-28] (Broadcom Corporation.) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed] S2 Launch TotalMedia Theatre 6 Driver; C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\TMTLaunchDriverServer.exe [608256 2014-03-04] (ArcSoft, Inc.) [File not signed] S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151744 2014-01-16] (IObit) R2 vmms; C:\Windows\system32\vmms.exe [13401600 2014-05-10] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) R3 AmdTools64; C:\Windows\System32\drivers\AmdTools64.sys [46384 2009-04-24] (Advanced Micro Devices) R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices) R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [59624 2014-01-08] (Advanced Micro Devices) R1 ArcCtrl; C:\Windows\System32\drivers\ArcCtrl.sys [3315392 2013-11-20] () R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-09-24] (Advanced Micro Devices) R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.) 
R3 cxbu0x64; C:\Windows\system32\DRIVERS\cxbu0x64.sys [147576 2014-04-05] (HID Global Corporation) R1 hvservice; C:\Windows\System32\drivers\hvservice.sys [68960 2013-10-30] (Microsoft Corporation) S3 lunparser; C:\Windows\System32\drivers\lunparser.sys [19456 2013-10-30] (Microsoft Corporation) S3 passthruparser; C:\Windows\System32\drivers\passthruparser.sys [22016 2013-10-30] (Microsoft Corporation) S3 pvhdparser; C:\Windows\System32\drivers\pvhdparser.sys [27136 2013-10-30] (Microsoft Corporation) S3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [47320 2013-07-29] (Realtek Microelectronics) S3 vhdparser; C:\Windows\System32\drivers\vhdparser.sys [18944 2014-01-27] (Microsoft Corporation) R3 VMSMP; C:\Windows\system32\DRIVERS\vmswitch.sys [691200 2014-05-27] (Microsoft Corporation) S3 VMSP; C:\Windows\system32\DRIVERS\vmswitch.sys [691200 2014-05-27] (Microsoft Corporation) S3 VMSVSF; C:\Windows\system32\DRIVERS\vmswitch.sys [691200 2014-05-27] (Microsoft Corporation) S3 VMSVSP; C:\Windows\system32\DRIVERS\vmswitch.sys [691200 2014-05-27] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-08-18 01:47 - 2014-08-18 01:47 - 00012773 _____ () C:\Users\Kai\Downloads\FRST.txt 2014-08-18 01:47 - 2014-08-18 01:47 - 00000000 ____D () C:\FRST 2014-08-18 01:46 - 2014-08-18 01:46 - 02101760 _____ (Farbar) C:\Users\Kai\Downloads\FRST64.exe 2014-08-17 19:58 - 2014-08-17 19:58 - 00000000 _____ () C:\Users\Kai\Desktop\m.txt 2014-08-14 12:53 - 2014-08-07 00:38 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2014-08-14 12:53 - 2014-08-02 07:44 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2014-08-14 12:53 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe 2014-08-05 21:56 - 2014-08-05 21:56 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe 2014-08-05 21:56 - 2014-08-05 21:56 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe 2014-08-05 21:56 - 2014-08-05 21:56 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe 2014-08-05 21:56 - 2014-08-05 21:56 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2014-08-05 21:56 - 2014-08-05 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-08-05 21:56 - 2014-08-05 21:56 - 00000000 ____D () C:\Program Files (x86)\Java 2014-07-26 11:39 - 2014-07-10 06:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll 2014-07-26 11:39 - 2014-07-10 06:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2014-07-26 11:39 - 2014-07-10 05:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2014-07-26 11:36 - 2014-07-26 11:36 - 00000000 ____D () C:\ProgramData\ATI 2014-07-26 11:34 - 2014-07-26 11:34 - 00060817 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201407261134124973.log 2014-07-26 11:34 - 2014-07-26 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2014-07-26 11:33 - 2014-07-26 11:33 - 00065920 
_____ () C:\WINDOWS\SysWOW64\CCCInstall_201407261133423567.log 2014-07-26 11:33 - 2014-07-26 11:33 - 00000000 ____D () C:\Users\Default\AppData\Roaming\ATI 2014-07-26 11:33 - 2014-07-26 11:33 - 00000000 ____D () C:\Users\Default\AppData\Local\ATI 2014-07-26 11:33 - 2014-07-26 11:33 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\ATI 2014-07-26 11:33 - 2014-07-26 11:33 - 00000000 ____D () C:\Users\Default User\AppData\Local\ATI 2014-07-26 11:32 - 2014-06-05 16:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll 2014-07-26 11:32 - 2014-06-05 15:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll 2014-07-26 11:32 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2014-07-26 11:32 - 2014-05-31 12:07 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2014-07-26 11:32 - 2014-05-31 12:07 - 00440664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys 2014-07-26 11:32 - 2014-05-31 12:07 - 00419672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys 2014-07-26 11:32 - 2014-05-31 12:07 - 00089944 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys 2014-07-26 11:32 - 2014-05-31 12:07 - 00027480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys 2014-07-26 11:32 - 2014-05-31 08:30 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys 2014-07-26 11:32 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys 2014-07-26 11:32 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys 2014-07-26 11:32 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe 2014-07-26 11:32 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll 2014-07-26 11:32 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\WUDFSvc.dll 2014-07-26 11:32 - 2014-05-29 08:21 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll 2014-07-26 11:32 - 2014-05-27 17:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2014-07-26 11:32 - 2014-05-27 15:15 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wnv.sys 2014-07-26 11:32 - 2014-05-27 15:15 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmswitch.sys 2014-07-26 11:32 - 2014-05-27 12:23 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsif.dll 2014-07-26 11:32 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll 2014-07-26 11:32 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll 2014-07-26 11:32 - 2014-05-17 06:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2014-07-26 11:32 - 2014-05-17 06:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2014-07-26 11:32 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe 2014-07-26 11:32 - 2014-05-13 07:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2014-07-26 11:32 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll 2014-07-26 11:32 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll 2014-07-26 11:32 - 2014-05-13 05:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2014-07-26 11:32 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll 2014-07-26 11:32 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2014-07-26 11:32 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2014-07-26 11:32 - 2014-05-03 
07:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2014-07-26 11:32 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll 2014-07-26 11:32 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll 2014-07-26 11:32 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll 2014-07-26 11:32 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll 2014-07-26 11:32 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll 2014-07-26 11:32 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll 2014-07-26 11:32 - 2014-05-03 05:30 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2014-07-26 11:32 - 2014-05-03 05:27 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2014-07-26 11:32 - 2014-05-03 01:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat 2014-07-26 11:32 - 2014-05-01 07:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2014-07-26 11:32 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys 2014-07-26 11:32 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2014-07-26 11:32 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys 2014-07-26 11:32 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys 2014-07-26 11:32 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe 2014-07-26 11:32 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe 2014-07-26 11:32 - 2014-04-30 06:30 - 00668160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll 2014-07-26 11:32 - 2014-04-30 06:24 - 
00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll 2014-07-26 11:32 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll 2014-07-26 11:32 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll 2014-07-26 11:32 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll 2014-07-26 11:32 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2014-07-26 11:32 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2014-07-26 11:32 - 2014-04-30 05:52 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll 2014-07-26 11:32 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll 2014-07-26 11:32 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll 2014-07-26 11:32 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll 2014-07-26 11:32 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll 2014-07-26 11:32 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2014-07-26 11:32 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2014-07-26 11:32 - 2014-04-27 00:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2014-07-26 11:32 - 2014-04-26 22:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2014-07-26 11:32 - 2014-04-26 20:41 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfg.exe 2014-07-26 11:32 - 2014-04-26 20:22 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll 2014-07-26 11:32 - 2014-04-26 20:04 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll 2014-07-26 11:32 - 2014-04-26 19:36 - 00794112 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\fvewiz.dll 2014-07-26 11:32 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll 2014-07-26 11:32 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2014-07-26 11:32 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll 2014-07-26 11:32 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll 2014-07-26 11:32 - 2014-04-09 08:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll 2014-07-26 11:32 - 2014-04-09 07:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll 2014-07-26 11:31 - 2014-05-31 08:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2014-07-21 22:05 - 2014-07-21 22:05 - 00230912 _____ () C:\WINDOWS\system32\clinfo.exe 2014-07-21 22:05 - 2014-07-21 22:05 - 00135168 _____ (AMD) C:\WINDOWS\system32\coinst_13.251.9001.1001.dll 2014-07-21 22:05 - 2014-07-21 22:05 - 00100352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll 2014-07-21 22:05 - 2014-07-21 22:05 - 00086528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll 2014-07-21 22:05 - 2014-07-21 22:05 - 00083968 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll 2014-07-21 22:05 - 2014-07-21 22:05 - 00073728 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 29382144 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 26352128 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 22157824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 15716352 _____ (Advanced Micro Devices Inc.) 
C:\WINDOWS\system32\aticaldd64.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 13209088 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys 2014-07-21 22:04 - 2014-07-21 22:04 - 08287008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 06630232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 03461040 _____ () C:\WINDOWS\SysWOW64\atiumdva.cap 2014-07-21 22:04 - 2014-07-21 22:04 - 03426688 _____ () C:\WINDOWS\system32\atiumd6a.cap 2014-07-21 22:04 - 2014-07-21 22:04 - 00626688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys 2014-07-21 22:04 - 2014-07-21 22:04 - 00550472 _____ () C:\WINDOWS\SysWOW64\atiapfxx.blb 2014-07-21 22:04 - 2014-07-21 22:04 - 00550472 _____ () C:\WINDOWS\system32\atiapfxx.blb 2014-07-21 22:04 - 2014-07-21 22:04 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe 2014-07-21 22:04 - 2014-07-21 22:04 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00098496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00074752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00071704 _____ (Advanced Micro Devices, Inc. 
) C:\WINDOWS\SysWOW64\atimpc32.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00063488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00057344 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00031232 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll 2014-07-21 22:03 - 2014-07-21 22:03 - 24860160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll 2014-07-21 22:03 - 2014-07-21 22:03 - 00412672 _____ () C:\WINDOWS\system32\amdmiracast.dll 2014-07-21 22:03 - 2014-07-21 22:03 - 00134656 _____ () C:\WINDOWS\system32\amdhdl64.dll 2014-07-21 22:03 - 2014-07-21 22:03 - 00123392 _____ () C:\WINDOWS\SysWOW64\amdhdl32.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-08-18 01:47 - 2014-08-18 01:47 - 00012773 _____ () C:\Users\Kai\Downloads\FRST.txt 2014-08-18 01:47 - 2014-08-18 01:47 - 00000000 ____D () C:\FRST 2014-08-18 01:46 - 2014-08-18 01:46 - 02101760 _____ (Farbar) C:\Users\Kai\Downloads\FRST64.exe 2014-08-18 01:45 - 2014-03-02 19:34 - 02033385 _____ () C:\WINDOWS\WindowsUpdate.log 2014-08-18 01:39 - 2013-10-12 02:45 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-723429055-607364035-2451921369-1001 2014-08-18 01:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-08-18 00:50 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-08-18 00:45 - 2013-10-12 02:37 - 00000000 ____D () C:\Users\Kai\AppData\Local\Packages 2014-08-17 22:08 - 2013-10-17 18:57 - 00003950 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9D204474-2CF9-4C35-9030-A2B7CF9F4175} 2014-08-17 19:58 - 2014-08-17 19:58 - 00000000 _____ () C:\Users\Kai\Desktop\m.txt 2014-08-17 19:55 - 2014-03-02 19:50 - 00004217 _____ () C:\WINDOWS\setupact.log 2014-08-14 14:03 - 2013-10-12 03:09 - 00004260 _____ () C:\WINDOWS\System32\Tasks\AmdMsrTweaker_1.1 2014-08-14 13:30 - 2013-10-12 03:48 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-14 13:30 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-08-14 13:29 - 2013-10-12 03:30 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-08-14 13:29 - 2013-10-12 03:30 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-08-14 13:28 - 2014-07-10 01:04 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel 2014-08-13 09:41 - 2013-10-12 10:55 - 00002246 ____H () C:\Users\Kai\Documents\Default.rdp 2014-08-11 09:13 - 2013-10-12 04:34 - 00000000 ____D () C:\Users\Kai\Documents\FinePrint-Dateien 2014-08-08 10:56 - 2013-10-12 03:07 - 00000000 ____D () C:\Program Files (x86)\SpeedFan 2014-08-08 10:55 - 2013-10-17 18:18 - 00000000 ___DO () C:\Users\Kai\SkyDrive 2014-08-07 00:38 - 2014-08-14 12:53 - 00697856 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2014-08-05 21:56 - 2014-08-05 21:56 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe 2014-08-05 21:56 - 2014-08-05 21:56 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe 2014-08-05 21:56 - 2014-08-05 21:56 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe 2014-08-05 21:56 - 2014-08-05 21:56 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2014-08-05 21:56 - 2014-08-05 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-08-05 21:56 - 2014-08-05 21:56 - 00000000 ____D () C:\Program Files (x86)\Java 2014-08-05 21:56 - 2013-10-12 04:16 - 00000000 ____D () C:\ProgramData\Oracle 2014-08-02 07:44 - 2014-08-14 12:53 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2014-08-02 02:17 - 2013-08-22 17:38 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-08-02 02:17 - 2013-08-22 17:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-26 12:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-07-26 11:54 - 2013-10-30 12:24 - 27590656 _____ () C:\WINDOWS\system32\vmguest.iso 2014-07-26 11:45 - 2013-09-30 06:14 - 01686150 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-07-26 11:45 - 2013-09-30 05:56 - 00726688 _____ () C:\WINDOWS\system32\perfh007.dat 2014-07-26 11:45 - 2013-09-30 05:56 - 00151380 _____ () C:\WINDOWS\system32\perfc007.dat 2014-07-26 11:41 - 2014-04-09 13:58 - 00032164 _____ () C:\WINDOWS\PFRO.log 2014-07-26 11:41 - 2013-10-12 14:00 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-07-26 11:41 - 2013-10-12 14:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-07-26 11:41 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-07-26 11:40 - 2013-08-22 15:25 - 01835008 ___SH () C:\WINDOWS\system32\config\BBI 
2014-07-26 11:39 - 2013-10-12 14:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-26 11:37 - 2014-01-16 12:39 - 00000000 ____D () C:\ProgramData\ProductData
2014-07-26 11:36 - 2014-07-26 11:36 - 00000000 ____D () C:\ProgramData\ATI
2014-07-26 11:36 - 2013-08-22 16:44 - 00494912 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-26 11:35 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-07-26 11:35 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-07-26 11:35 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-07-26 11:34 - 2014-07-26 11:34 - 00060817 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201407261134124973.log
2014-07-26 11:34 - 2014-07-26 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-07-26 11:34 - 2013-10-12 02:56 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies
2014-07-26 11:33 - 2014-07-26 11:33 - 00065920 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201407261133423567.log
2014-07-26 11:33 - 2014-07-26 11:33 - 00000000 ____D () C:\Users\Default\AppData\Roaming\ATI
2014-07-26 11:33 - 2014-07-26 11:33 - 00000000 ____D () C:\Users\Default\AppData\Local\ATI
2014-07-26 11:33 - 2014-07-26 11:33 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\ATI
2014-07-26 11:33 - 2014-07-26 11:33 - 00000000 ____D () C:\Users\Default User\AppData\Local\ATI
2014-07-26 11:32 - 2013-10-12 02:48 - 00000000 ____D () C:\AMD
2014-07-26 11:31 - 2014-06-11 23:23 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-07-26 11:31 - 2014-04-09 18:56 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-07-21 22:05 - 2014-07-21 22:05 - 00230912 _____ () C:\WINDOWS\system32\clinfo.exe
2014-07-21 22:05 - 2014-07-21 22:05 - 00135168 _____ (AMD) C:\WINDOWS\system32\coinst_13.251.9001.1001.dll
2014-07-21 22:05 - 2014-07-21 22:05 - 00100352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll
2014-07-21 22:05 - 2014-07-21 22:05 - 00086528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll
2014-07-21 22:05 - 2014-07-21 22:05 - 00083968 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll
2014-07-21 22:05 - 2014-07-21 22:05 - 00073728 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 29382144 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 26352128 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 22157824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 15716352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 13209088 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys
2014-07-21 22:04 - 2014-07-21 22:04 - 08287008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 06630232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 03461040 _____ () C:\WINDOWS\SysWOW64\atiumdva.cap
2014-07-21 22:04 - 2014-07-21 22:04 - 03426688 _____ () C:\WINDOWS\system32\atiumd6a.cap
2014-07-21 22:04 - 2014-07-21 22:04 - 00626688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys
2014-07-21 22:04 - 2014-07-21 22:04 - 00550472 _____ () C:\WINDOWS\SysWOW64\atiapfxx.blb
2014-07-21 22:04 - 2014-07-21 22:04 - 00550472 _____ () C:\WINDOWS\system32\atiapfxx.blb
2014-07-21 22:04 - 2014-07-21 22:04 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2014-07-21 22:04 - 2014-07-21 22:04 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00098496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00074752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00063488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00057344 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll
2014-07-21 22:04 - 2014-07-21 22:04 - 00031232 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2014-07-21 22:04 - 2013-12-07 00:03 - 00115512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll
2014-07-21 22:04 - 2013-12-06 23:57 - 08927704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll
2014-07-21 22:04 - 2013-12-06 23:56 - 07751920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll
2014-07-21 22:04 - 2013-12-06 22:53 - 00588288 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2014-07-21 22:04 - 2013-12-06 22:53 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2014-07-21 22:04 - 2013-12-06 22:52 - 00239616 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2014-07-21 22:04 - 2013-12-06 22:22 - 01144320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2014-07-21 22:04 - 2013-07-31 19:53 - 01318552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2014-07-21 22:04 - 2013-07-31 19:53 - 01100216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2014-07-21 22:04 - 2013-07-31 19:53 - 00143304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll
2014-07-21 22:04 - 2013-07-31 19:53 - 00126336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll
2014-07-21 22:04 - 2013-07-31 19:52 - 09753752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll
2014-07-21 22:04 - 2013-07-31 19:52 - 08406024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll
2014-07-21 22:04 - 2013-07-31 18:14 - 00825344 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2014-07-21 22:03 - 2014-07-21 22:03 - 24860160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll
2014-07-21 22:03 - 2014-07-21 22:03 - 00412672 _____ () C:\WINDOWS\system32\amdmiracast.dll
2014-07-21 22:03 - 2014-07-21 22:03 - 00134656 _____ () C:\WINDOWS\system32\amdhdl64.dll
2014-07-21 22:03 - 2014-07-21 22:03 - 00123392 _____ () C:\WINDOWS\SysWOW64\amdhdl32.dll
2014-07-21 12:37 - 2014-03-30 19:45 - 00000000 ____D () C:\Users\Kai\Desktop\Einkaufsrechnungen 2014

Some content of TEMP:
====================
C:\Users\Kai\AppData\Local\Temp\ICReinstall_COMPUTER_BILD-Download-Manager_fuer_tagscan5.1.648.exe
C:\Users\Kai\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Kai\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Kai\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Kai\AppData\Local\Temp\promote-upx.exe
C:\Users\Kai\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Kai\AppData\Local\Temp\sfareca00001.dll
C:\Users\Kai\AppData\Local\Temp\_is71E5.exe
C:\Users\Kai\AppData\Local\Temp\_isA06A.exe
C:\Users\Kai\AppData\Local\Temp\_isAD2.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-08-15 21:12

==================== End Of Log ============================

Code:
==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{853A112F-241F-E344-4636-103C25D3751E}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Fuel (Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden
AMD OverDrive (HKLM-x32\...\{34D5220A-58D0-473C-90E4-15136C3FB0E3}) (Version: 4.3.1.0690 - Advanced Micro Devices, Inc.)
AMD PSCheck (HKLM-x32\...\{CF5274C3-DB54-4156-BF11-F8526390743A}) (Version: 3.4.1.0277 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
ArcSoft TotalMedia Theatre 6 (HKLM-x32\...\InstallShield_{5232358C-7C23-4319-8271-E43F924196AC}) (Version: 6.6.1.190 - ArcSoft)
ArcSoft TotalMedia Theatre 6 (x32 Version: 6.6.1.190 - ArcSoft) Hidden
AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version: - AVM Berlin)
Brother MFL-Pro Suite MFC-J4710DW (HKLM-x32\...\{DD98C438-D769-4677-AA87-3481FA32D20C}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1129.1143.20969 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden
CPUID CPU-Z 1.67 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version: - Microsoft)
DVBViewer Pro (HKLM-x32\...\DVBViewer Pro_is1) (Version: 5.3.0 - CM&V)
FinePrint (HKLM\...\FinePrint) (Version: 6.15 - FinePrint Software, LLC)
Harmony Browser Plug-in (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.1.7.2405 - IObit)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
LAV Filters 0.61.2 (HKLM-x32\...\lavfilters_is1) (Version: 0.61.2 - Hendrik Leppkes)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0407-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Picture It! Foto 7.0 (HKLM-x32\...\{369B36BE-3D64-4641-9AEA-808D436FE132}) (Version: 7.0.0.0000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
PDF24 Creator 5.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
StarMoney (x32 Version: 3.0.0.124 - StarFinanz) Hidden
StarMoney (x32 Version: 4.0.0.203 - StarFinanz) Hidden
StarMoney Business 5.0 (HKLM-x32\...\{0451283F-76D1-43BF-9325-3160210E0118}) (Version: 5.0 - Star Finanz GmbH)
StarMoney Business 6.0 (HKLM-x32\...\{9FD9F9E9-3002-4ED7-8002-8D869BCF6606}) (Version: 6.0 - Star Finanz GmbH)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

26-07-2014 09:32:16 Windows Update
04-08-2014 10:59:48 Geplanter Prüfpunkt
05-08-2014 19:56:14 Installed Java 7 Update 67
14-08-2014 11:28:25 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1F7023B5-7A5C-4284-BD01-75F399725AE6} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {22400DA6-E1DD-4612-A401-87E633B15A4B} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {29813668-2EB4-4EB4-90A2-AD1D3D0FAC0A} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {2B9F4D2D-96B6-4EA0-A90C-A63A4D351C5E} - System32\Tasks\AmdMsrTweaker_1.1 => C:\Program Files (x86)\AmdMsrTweaker_1.1\x64\AmdMsrTweaker.exe [2013-04-07] ()
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {4893B312-C8F7-4518-B2B4-ECC846C3314C} - System32\Tasks\Speedfan => C:\Program Files (x86)\SpeedFan\speedfan.exe [2011-11-03] (Almico Software (Almico's Home Page))
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {683093C4-2D91-4E3D-8627-F57F183B275E} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {776425FC-4D13-4464-928A-34D75E999304} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {78B6F3E6-A2C4-489C-83E2-584B27B0DC92} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-01-16] (IObit)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8A986788-A6D4-445D-8290-BBED5B026567} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {8C2B5636-0CAC-4471-B3CC-58F575497E3C} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {900DA9AA-3839-4F78-B590-81746035C55C} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {9D64C69D-DC8F-4B5D-9EEC-5AF305C1F17A} - System32\Tasks\MPH => C:\Program Files (x86)\MPH1.0.7\MPH.exe [2014-02-05] (Skwire Empire)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A317CF7B-6B8C-42C3-A961-D973A43C338D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DB3DD63C-A65D-4A96-98EF-D6650B1BD732} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {E686F5C6-ED55-44D3-88FF-AF21E17FE787} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-08-14] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507}
- System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {E6F5EFA8-66C5-4491-831B-A648BF73D2F2} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe ==================== Loaded Modules (whitelisted) ============= 2014-03-01 22:35 - 2006-02-23 12:35 - 00020480 _____ () C:\WINDOWS\System32\FritzColorPort64.dll 2014-03-01 22:35 - 2006-02-22 11:39 - 00020480 _____ () C:\WINDOWS\System32\FritzPort64.dll 2013-12-06 17:06 - 2013-12-06 17:06 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2013-07-26 06:59 - 2013-07-26 06:59 - 00814592 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll 2013-07-26 06:59 - 2013-07-26 06:59 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll 2013-10-12 04:02 - 2005-04-22 13:36 - 00143360 ____N () C:\WINDOWS\system32\BrSNMP64.dll 2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2013-12-06 17:06 - 2013-12-06 17:06 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2013-10-12 04:21 - 2013-10-12 04:21 - 00292352 _____ () C:\Program Files\WindowsApps\21767Katans.gTasks_1.2.0.50_x64__ey1k83fg9dn8w\gTasks.exe 2014-04-10 13:28 - 2014-04-10 13:28 - 01726976 _____ () C:\Users\Kai\AppData\Local\Packages\21767katans.gtasks_ey1k83fg9dn8w\AC\Microsoft\CLR_v4.0\NativeImages\gTasks\acc77cd85e4c9224b077663c798cf58d\gTasks.ni.exe 2014-04-10 13:19 - 2014-04-10 13:19 - 05185024 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI.Xaml\58afb3c922fe504503f07ade2e88ccfb\Windows.UI.Xaml.ni.dll 2014-04-10 13:19 - 2014-04-10 13:19 - 01782784 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\43b92b6dbc9eb61983817ea32346d510\Windows.ApplicationModel.ni.dll 
2014-04-10 13:19 - 2014-04-10 13:19 - 01278464 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Storage\ba65f033632f4fc480cc45bc72bf25e4\Windows.Storage.ni.dll 2014-04-10 13:19 - 2014-04-10 13:19 - 00363520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\057b7043f4868b76c209d9c426b80743\Windows.Foundation.ni.dll 2014-04-10 13:19 - 2014-04-10 13:19 - 01459712 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\926020eb508f6968545d6a51fb661fad\Windows.UI.ni.dll 2014-04-10 13:19 - 2014-04-10 13:19 - 00521216 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Data\d07f690ce5d3a2de7c9089a6200d64db\Windows.Data.ni.dll 2014-04-10 13:28 - 2014-04-10 13:28 - 00086528 _____ () C:\Users\Kai\AppData\Local\Packages\21767katans.gtasks_ey1k83fg9dn8w\AC\Microsoft\CLR_v4.0\NativeImages\CharmFlyoutLibrary\2033c364e283ec4ac7c6c9f89d95f148\CharmFlyoutLibrary.ni.dll 2014-08-18 00:45 - 2014-08-18 00:45 - 00409088 _____ () C:\Program Files\WindowsApps\4659BB81.WEB.DEMail_1.1.0.8_neutral__9r8rjdwa12808\WindowsMailApp.exe 2014-04-09 21:24 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2014-06-09 11:27 - 2014-08-08 10:56 - 00172032 _____ () C:\Users\Kai\AppData\Local\Temp\sfareca00001.dll 2013-10-17 18:19 - 2014-08-08 10:56 - 00192512 _____ () C:\Users\Kai\AppData\Local\Temp\sfamcc00001.dll 2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf 2013-02-14 15:46 - 2013-02-14 15:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) 
AlternateDataStreams: C:\Users\Kai\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\StartupFolder: => "TotalMedia Server.lnk" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKCU\...\StartupApproved\StartupFolder: => "Samsung Magician.lnk" HKCU\...\StartupApproved\Run: => "Raptr" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/14/2014 01:28:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (08/05/2014 09:56:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (08/04/2014 11:36:13 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2014/08/04 23:36:13.424]: [00001724]: Initialize TwdsMain Class failed! Error: (08/04/2014 11:36:13 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2014/08/04 23:36:13.424]: [00001724]: ##### Fatal ERROR!! 
Create STI-device failed! ##### Error: (08/04/2014 11:34:41 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2014/08/04 23:34:41.342]: [00001724]: Initialize TwdsMain Class failed! Error: (08/04/2014 11:34:41 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2014/08/04 23:34:41.341]: [00001724]: ##### Fatal ERROR!! Create STI-device failed! ##### Error: (08/04/2014 00:59:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (08/04/2014 00:47:51 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (07/30/2014 10:49:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: H2O-SEVEN-ONES1) Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (07/30/2014 10:49:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: H2O-SEVEN-ONES1) Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. System errors: ============= Error: (08/14/2014 06:04:34 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. 
Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252. Error: (08/14/2014 06:03:09 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252. Error: (08/14/2014 06:03:09 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252. Error: (08/14/2014 06:01:31 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252. Error: (08/14/2014 06:01:31 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252. Error: (08/14/2014 06:01:31 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252. 
Error: (08/14/2014 06:01:30 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252. Error: (08/14/2014 06:01:30 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252. Error: (08/11/2014 02:06:21 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252. Error: (08/11/2014 02:06:20 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252. Microsoft Office Sessions: ========================= Error: (08/14/2014 01:28:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. 
System Error: Zugriff verweigert Error: (08/05/2014 09:56:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert Error: (08/04/2014 11:36:13 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWNBrtTWN: [2014/08/04 23:36:13.424]: [00001724]: Initialize TwdsMain Class failed! Error: (08/04/2014 11:36:13 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWNBrtTWN: [2014/08/04 23:36:13.424]: [00001724]: ##### Fatal ERROR!! Create STI-device failed! ##### Error: (08/04/2014 11:34:41 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWNBrtTWN: [2014/08/04 23:34:41.342]: [00001724]: Initialize TwdsMain Class failed! Error: (08/04/2014 11:34:41 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWNBrtTWN: [2014/08/04 23:34:41.341]: [00001724]: ##### Fatal ERROR!! Create STI-device failed! ##### Error: (08/04/2014 00:59:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. 
System Error: Zugriff verweigert Error: (08/04/2014 00:47:51 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (07/30/2014 10:49:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: H2O-SEVEN-ONES1) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147023174 Error: (07/30/2014 10:49:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: H2O-SEVEN-ONES1) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147023174 CodeIntegrity Errors: =================================== Date: 2014-07-26 12:02:11.789 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-07-26 12:02:11.664 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-07-26 12:01:24.677 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-07-26 12:01:24.599 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2014-07-26 12:01:24.412 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-07-26 12:01:24.286 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-07-26 12:01:24.083 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-07-26 12:01:23.958 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-07-26 12:01:23.771 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-07-26 12:01:23.646 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
==================== Memory info ===========================
Processor: AMD FX(tm)-8120 Eight-Core Processor
Percentage of memory in use: 52%
Total physical RAM: 8175.15 MB
Available physical RAM: 3846.02 MB
Total Pagefile: 9455.15 MB
Available Pagefile: 2921.8 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:238.13 GB) (Free:140.3 GB) NTFS
Drive f: (H2O-Speicher1) (Fixed) (Total:97.65 GB) (Free:89 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 08810881)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=135.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: F7DCB47E)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=238.1 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Edited by ceborat (18.08.2014 at 01:27)
18.08.2014, 04:44 | #2 |
/// the machine /// TB-Ausbilder | Windows regularly types an old text of around 200 characters by itself
hi,
that almost sounds like a case for Mulder and Scully
the header of the log files is missing
18.08.2014, 08:28 | #3 |
Windows regularly types an old text of around 200 characters by itself
Hi, yes, you're right. He who has the damage..., you know how it goes. I hardly dare tell anyone about it because everyone thinks I've been smoking something.
But the problem really is there. I ran the logs again:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by Kai (administrator) on H2O-SEVEN-ONES1 on 18-08-2014 09:14:44
Running from C:\Users\Kai\Downloads
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(ArcSoft, Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Broadcom Corporation.)
C:\Windows\System32\BtwRSupportService.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Microsoft Corporation) C:\Windows\System32\vmms.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\livecomm.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ATI Technologies Inc.) 
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Almico Software (www.almico.com)) C:\Program Files (x86)\SpeedFan\speedfan.exe (Skwire Empire) C:\Program Files (x86)\MPH1.0.7\MPH.exe (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-07-22] (Geek Software GmbH) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SMB50StarMoneyRunEntry] => "L:\Progrdat\StarMoney Business 5.0\app\oflagent.exe" HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2013-12-05] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) HKLM-x32\...\Run: [SMB60StarMoneyRunEntry] => "L:\Progrdat\StarMoney Business 6.0\app\oflagent.exe" HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.) 
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation) Winlogon\Notify\ScCertProp: wlnotify.dll [X] HKU\S-1-5-21-723429055-607364035-2451921369-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TotalMedia Server.lnk ShortcutTarget: TotalMedia Server.lnk -> C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\TotalMedia Server\TM Server.exe (ArcSoft Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8F4FF39C22B6CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE SearchScopes: HKCU - {8D6AF7B2-C1FD-4BE1-B623-9AEBCA5487EF} URL = hxxp://search.microsoft.com/results.aspx?form=MSHOME&setlang=de-de&q={searchTerms}&mkt=de-de SearchScopes: HKCU - {99F45115-7F2D-40F2-BC0B-6578422146A8} URL = hxxp://rover.ebay.com/rover/1/707-53477-19255-0/1?icep_ff3=9&pub=5574640706&toolid=10001&campid=5336449492&customid=&icep_uq={searchTerms}&icep_sellerId=&icep_ex_kw=&icep_sortBy=12&icep_catId=&icep_minPrice=&icep_maxPrice=&ipn=psmain&icep_vectorid=229487&kwid=902099&mtid=824&kw=lg SearchScopes: HKCU - {D0B280F4-C756-4C10-9BE6-F3C9AB6CFFE8} URL = hxxp://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms} BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft 
Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.) 
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [omaonpoimgkmbllpdihbnmgphjoipdhf] - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx [2014-02-16] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [44736 2014-03-11] (ArcSoft, Inc.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.) [File not signed] S2 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [137584 2014-01-08] () R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-28] (Broadcom Corporation.) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [File not signed] S2 Launch TotalMedia Theatre 6 Driver; C:\Program Files (x86)\ArcSoft\TotalMedia Theatre 6\TMTLaunchDriverServer.exe [608256 2014-03-04] (ArcSoft, Inc.) 
[File not signed] S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151744 2014-01-16] (IObit) R2 vmms; C:\Windows\system32\vmms.exe [13401600 2014-05-10] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) R3 AmdTools64; C:\Windows\System32\drivers\AmdTools64.sys [46384 2009-04-24] (Advanced Micro Devices) R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices) R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [59624 2014-01-08] (Advanced Micro Devices) R1 ArcCtrl; C:\Windows\System32\drivers\ArcCtrl.sys [3315392 2013-11-20] () R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2013-09-24] (Advanced Micro Devices) R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.) 
R3 cxbu0x64; C:\Windows\system32\DRIVERS\cxbu0x64.sys [147576 2014-04-05] (HID Global Corporation) R1 hvservice; C:\Windows\System32\drivers\hvservice.sys [68960 2013-10-30] (Microsoft Corporation) S3 lunparser; C:\Windows\System32\drivers\lunparser.sys [19456 2013-10-30] (Microsoft Corporation) S3 passthruparser; C:\Windows\System32\drivers\passthruparser.sys [22016 2013-10-30] (Microsoft Corporation) S3 pvhdparser; C:\Windows\System32\drivers\pvhdparser.sys [27136 2013-10-30] (Microsoft Corporation) S3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [47320 2013-07-29] (Realtek Microelectronics) S3 vhdparser; C:\Windows\System32\drivers\vhdparser.sys [18944 2014-01-27] (Microsoft Corporation) R3 VMSMP; C:\Windows\system32\DRIVERS\vmswitch.sys [691200 2014-05-27] (Microsoft Corporation) S3 VMSP; C:\Windows\system32\DRIVERS\vmswitch.sys [691200 2014-05-27] (Microsoft Corporation) S3 VMSVSF; C:\Windows\system32\DRIVERS\vmswitch.sys [691200 2014-05-27] (Microsoft Corporation) S3 VMSVSP; C:\Windows\system32\DRIVERS\vmswitch.sys [691200 2014-05-27] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-08-18 02:57 - 2014-08-18 02:57 - 17997824 _____ () C:\Users\Kai\Downloads\Boxcryptor_v2.0.431.403_Setup.msi 2014-08-18 01:48 - 2014-08-18 01:48 - 00044185 _____ () C:\Users\Kai\Downloads\Addition.txt 2014-08-18 01:47 - 2014-08-18 09:14 - 00012232 _____ () C:\Users\Kai\Downloads\FRST.txt 2014-08-18 01:47 - 2014-08-18 09:14 - 00000000 ____D () C:\FRST 2014-08-18 01:46 - 2014-08-18 01:46 - 02101760 _____ (Farbar) C:\Users\Kai\Downloads\FRST64.exe 2014-08-17 19:58 - 2014-08-17 19:58 - 00000000 _____ () C:\Users\Kai\Desktop\m.txt 2014-08-14 12:54 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-08-14 12:54 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-08-14 12:54 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2014-08-14 12:54 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-08-14 12:54 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2014-08-14 12:54 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2014-08-14 12:54 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-08-14 12:54 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2014-08-14 12:54 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2014-08-14 12:54 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-08-14 12:54 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll 2014-08-14 12:54 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-08-14 12:54 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-08-14 
12:54 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-08-14 12:54 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-08-14 12:54 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-08-14 12:54 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-08-14 12:54 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-08-14 12:54 - 2014-07-25 13:43 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-08-14 12:54 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll 2014-08-14 12:54 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-08-14 12:54 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-08-14 12:54 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-08-14 12:54 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-08-14 12:54 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-08-14 12:54 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-08-14 12:54 - 2014-07-25 13:09 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-08-14 12:54 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-08-14 12:54 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-08-14 12:54 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-08-14 12:54 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-08-14 12:54 - 
2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-08-14 12:54 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-08-14 12:54 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-08-14 12:54 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-08-14 12:53 - 2014-08-07 04:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2014-08-14 12:53 - 2014-08-07 00:39 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-08-14 12:53 - 2014-08-07 00:38 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2014-08-14 12:53 - 2014-08-02 07:44 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2014-08-14 12:53 - 2014-08-02 05:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2014-08-14 12:53 - 2014-08-02 05:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2014-08-14 12:53 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe 2014-08-14 12:53 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll 2014-08-14 12:53 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll 2014-08-14 12:53 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll 2014-08-14 12:53 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe 2014-08-14 12:53 - 2014-06-20 03:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll 2014-08-14 12:53 - 2014-06-20 01:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll 2014-08-14 12:53 - 2014-06-13 03:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll 2014-08-14 12:53 - 2014-06-13 03:14 - 01557848 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2014-08-14 12:53 - 2014-06-13 02:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll 2014-08-14 12:53 - 2014-06-06 13:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2014-08-14 12:53 - 2014-06-04 11:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe 2014-08-14 12:53 - 2014-06-04 07:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll 2014-08-14 12:53 - 2014-06-04 07:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2014-08-14 12:53 - 2014-06-04 06:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll 2014-08-14 12:53 - 2014-06-04 06:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2014-08-14 12:53 - 2014-06-04 04:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2014-08-14 12:53 - 2014-06-04 04:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2014-08-05 21:56 - 2014-08-05 21:56 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe 2014-08-05 21:56 - 2014-08-05 21:56 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe 2014-08-05 21:56 - 2014-08-05 21:56 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe 2014-08-05 21:56 - 2014-08-05 21:56 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2014-08-05 21:56 - 2014-08-05 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-08-05 21:56 - 2014-08-05 21:56 - 00000000 ____D () C:\Program Files (x86)\Java 2014-07-26 11:39 - 2014-07-10 06:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll 2014-07-26 11:39 - 2014-07-10 06:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2014-07-26 11:39 - 2014-07-10 05:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 
2014-07-26 11:36 - 2014-07-26 11:36 - 00000000 ____D () C:\ProgramData\ATI 2014-07-26 11:34 - 2014-07-26 11:34 - 00060817 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201407261134124973.log 2014-07-26 11:34 - 2014-07-26 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2014-07-26 11:33 - 2014-07-26 11:33 - 00065920 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201407261133423567.log 2014-07-26 11:33 - 2014-07-26 11:33 - 00000000 ____D () C:\Users\Default\AppData\Roaming\ATI 2014-07-26 11:33 - 2014-07-26 11:33 - 00000000 ____D () C:\Users\Default\AppData\Local\ATI 2014-07-26 11:33 - 2014-07-26 11:33 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\ATI 2014-07-26 11:33 - 2014-07-26 11:33 - 00000000 ____D () C:\Users\Default User\AppData\Local\ATI 2014-07-26 11:32 - 2014-06-05 16:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll 2014-07-26 11:32 - 2014-06-05 15:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll 2014-07-26 11:32 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2014-07-26 11:32 - 2014-05-31 12:07 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2014-07-26 11:32 - 2014-05-31 12:07 - 00440664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys 2014-07-26 11:32 - 2014-05-31 12:07 - 00419672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys 2014-07-26 11:32 - 2014-05-31 12:07 - 00089944 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys 2014-07-26 11:32 - 2014-05-31 12:07 - 00027480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys 2014-07-26 11:32 - 2014-05-31 08:30 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys 2014-07-26 11:32 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys 2014-07-26 11:32 - 2014-05-31 08:26 - 00227840 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys 2014-07-26 11:32 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe 2014-07-26 11:32 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll 2014-07-26 11:32 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll 2014-07-26 11:32 - 2014-05-29 08:21 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll 2014-07-26 11:32 - 2014-05-27 17:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2014-07-26 11:32 - 2014-05-27 15:15 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wnv.sys 2014-07-26 11:32 - 2014-05-27 15:15 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmswitch.sys 2014-07-26 11:32 - 2014-05-27 12:23 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\vmsif.dll 2014-07-26 11:32 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll 2014-07-26 11:32 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll 2014-07-26 11:32 - 2014-05-17 06:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2014-07-26 11:32 - 2014-05-17 06:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2014-07-26 11:32 - 2014-05-13 09:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe 2014-07-26 11:32 - 2014-05-13 07:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2014-07-26 11:32 - 2014-05-13 06:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll 2014-07-26 11:32 - 2014-05-13 06:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll 2014-07-26 11:32 - 2014-05-13 05:59 - 01035264 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\actxprxy.dll 2014-07-26 11:32 - 2014-05-13 05:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll 2014-07-26 11:32 - 2014-05-03 13:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2014-07-26 11:32 - 2014-05-03 11:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2014-07-26 11:32 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2014-07-26 11:32 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll 2014-07-26 11:32 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll 2014-07-26 11:32 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll 2014-07-26 11:32 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll 2014-07-26 11:32 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll 2014-07-26 11:32 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll 2014-07-26 11:32 - 2014-05-03 01:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat 2014-07-26 11:32 - 2014-05-01 07:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2014-07-26 11:32 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys 2014-07-26 11:32 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2014-07-26 11:32 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys 2014-07-26 11:32 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys 2014-07-26 11:32 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe 2014-07-26 11:32 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\Robocopy.exe 2014-07-26 11:32 - 2014-04-30 06:30 - 00668160 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll 2014-07-26 11:32 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll 2014-07-26 11:32 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll 2014-07-26 11:32 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll 2014-07-26 11:32 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll 2014-07-26 11:32 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2014-07-26 11:32 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2014-07-26 11:32 - 2014-04-30 05:52 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll 2014-07-26 11:32 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll 2014-07-26 11:32 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll 2014-07-26 11:32 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll 2014-07-26 11:32 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll 2014-07-26 11:32 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2014-07-26 11:32 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2014-07-26 11:32 - 2014-04-27 00:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2014-07-26 11:32 - 2014-04-26 22:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2014-07-26 11:32 - 2014-04-26 20:41 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfg.exe 2014-07-26 11:32 - 2014-04-26 20:22 - 00099328 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\BdeHdCfgLib.dll 2014-07-26 11:32 - 2014-04-26 20:04 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll 2014-07-26 11:32 - 2014-04-26 19:36 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll 2014-07-26 11:32 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll 2014-07-26 11:32 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2014-07-26 11:32 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll 2014-07-26 11:32 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll 2014-07-26 11:32 - 2014-04-09 08:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll 2014-07-26 11:32 - 2014-04-09 07:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll 2014-07-26 11:31 - 2014-05-31 08:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2014-07-21 22:05 - 2014-07-21 22:05 - 00230912 _____ () C:\WINDOWS\system32\clinfo.exe 2014-07-21 22:05 - 2014-07-21 22:05 - 00135168 _____ (AMD) C:\WINDOWS\system32\coinst_13.251.9001.1001.dll 2014-07-21 22:05 - 2014-07-21 22:05 - 00100352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll 2014-07-21 22:05 - 2014-07-21 22:05 - 00086528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll 2014-07-21 22:05 - 2014-07-21 22:05 - 00083968 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll 2014-07-21 22:05 - 2014-07-21 22:05 - 00073728 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 29382144 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 26352128 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 22157824 _____ (Advanced Micro Devices, Inc.) 
C:\WINDOWS\SysWOW64\atioglxx.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 15716352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 13209088 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys 2014-07-21 22:04 - 2014-07-21 22:04 - 08287008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 06630232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 03461040 _____ () C:\WINDOWS\SysWOW64\atiumdva.cap 2014-07-21 22:04 - 2014-07-21 22:04 - 03426688 _____ () C:\WINDOWS\system32\atiumd6a.cap 2014-07-21 22:04 - 2014-07-21 22:04 - 00626688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys 2014-07-21 22:04 - 2014-07-21 22:04 - 00550472 _____ () C:\WINDOWS\SysWOW64\atiapfxx.blb 2014-07-21 22:04 - 2014-07-21 22:04 - 00550472 _____ () C:\WINDOWS\system32\atiapfxx.blb 2014-07-21 22:04 - 2014-07-21 22:04 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe 2014-07-21 22:04 - 2014-07-21 22:04 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00098496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00074752 _____ (Advanced Micro Devices, Inc. 
) C:\WINDOWS\system32\atig6pxx.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00063488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00057344 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00031232 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll 2014-07-21 22:03 - 2014-07-21 22:03 - 24860160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll 2014-07-21 22:03 - 2014-07-21 22:03 - 00412672 _____ () C:\WINDOWS\system32\amdmiracast.dll 2014-07-21 22:03 - 2014-07-21 22:03 - 00134656 _____ () C:\WINDOWS\system32\amdhdl64.dll 2014-07-21 22:03 - 2014-07-21 22:03 - 00123392 _____ () C:\WINDOWS\SysWOW64\amdhdl32.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-08-18 09:14 - 2014-08-18 01:47 - 00012232 _____ () C:\Users\Kai\Downloads\FRST.txt 2014-08-18 09:14 - 2014-08-18 01:47 - 00000000 ____D () C:\FRST 2014-08-18 09:14 - 2013-10-17 18:57 - 00003950 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9D204474-2CF9-4C35-9030-A2B7CF9F4175} 2014-08-18 09:14 - 2013-09-30 06:14 - 01686150 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-08-18 09:14 - 2013-09-30 05:56 - 00726688 _____ () C:\WINDOWS\system32\perfh007.dat 2014-08-18 09:14 - 2013-09-30 05:56 - 00151380 _____ () C:\WINDOWS\system32\perfc007.dat 2014-08-18 09:11 - 2014-01-16 12:39 - 00000000 ____D () C:\ProgramData\ProductData 2014-08-18 09:11 - 2013-10-30 12:24 - 27590656 _____ () C:\WINDOWS\system32\vmguest.iso 2014-08-18 09:10 - 2013-10-17 18:18 - 00000000 ___DO () C:\Users\Kai\SkyDrive 2014-08-18 09:10 - 2013-10-12 03:07 - 00000000 ____D () C:\Program Files (x86)\SpeedFan 2014-08-18 09:10 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-08-18 09:09 - 2013-08-22 16:44 - 00494912 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-08-18 03:20 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-08-18 03:20 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions 2014-08-18 03:20 - 2013-08-22 15:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI 2014-08-18 03:19 - 2014-03-02 19:34 - 02051663 _____ () C:\WINDOWS\WindowsUpdate.log 2014-08-18 03:11 - 2013-10-12 02:45 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-723429055-607364035-2451921369-1001 2014-08-18 03:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-08-18 02:57 - 2014-08-18 02:57 - 17997824 _____ () C:\Users\Kai\Downloads\Boxcryptor_v2.0.431.403_Setup.msi 2014-08-18 01:48 - 2014-08-18 01:48 - 00044185 _____ () C:\Users\Kai\Downloads\Addition.txt 2014-08-18 01:46 - 2014-08-18 01:46 - 02101760 _____ (Farbar) C:\Users\Kai\Downloads\FRST64.exe 2014-08-18 00:50 - 2013-08-22 17:36 - 
00000000 ____D () C:\WINDOWS\AppReadiness 2014-08-18 00:45 - 2013-10-12 02:37 - 00000000 ____D () C:\Users\Kai\AppData\Local\Packages 2014-08-17 19:58 - 2014-08-17 19:58 - 00000000 _____ () C:\Users\Kai\Desktop\m.txt 2014-08-17 19:55 - 2014-03-02 19:50 - 00004217 _____ () C:\WINDOWS\setupact.log 2014-08-14 14:03 - 2013-10-12 03:09 - 00004260 _____ () C:\WINDOWS\System32\Tasks\AmdMsrTweaker_1.1 2014-08-14 13:30 - 2013-10-12 03:48 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-14 13:30 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-08-14 13:29 - 2013-10-12 03:30 - 99218768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-08-14 13:29 - 2013-10-12 03:30 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-08-14 13:28 - 2014-07-10 01:04 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel 2014-08-14 12:52 - 2014-07-10 01:00 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2014-08-14 12:52 - 2014-06-27 11:11 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2014-08-14 12:52 - 2014-06-27 11:11 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2014-08-14 12:52 - 2014-04-10 12:34 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-08-14 12:52 - 2014-04-10 12:33 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2014-08-14 12:52 - 2014-04-09 18:56 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe 2014-08-14 12:52 - 2014-04-09 18:56 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe 2014-08-14 12:52 - 2014-04-09 18:56 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2014-08-14 12:52 - 2014-04-09 18:56 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2014-08-14 12:52 - 2014-04-09 18:56 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll 2014-08-14 12:52 - 2014-04-09 18:56 - 00048640 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\ieetwproxystub.dll 2014-08-14 12:52 - 2014-04-09 18:56 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2014-08-14 12:52 - 2014-04-09 18:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2014-08-14 12:52 - 2014-04-09 18:56 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2014-08-14 12:52 - 2014-04-09 18:56 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll 2014-08-13 09:41 - 2013-10-12 10:55 - 00002246 ____H () C:\Users\Kai\Documents\Default.rdp 2014-08-11 09:13 - 2013-10-12 04:34 - 00000000 ____D () C:\Users\Kai\Documents\FinePrint-Dateien 2014-08-07 04:12 - 2014-08-14 12:53 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2014-08-07 00:39 - 2014-08-14 12:53 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-08-07 00:38 - 2014-08-14 12:53 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2014-08-05 21:56 - 2014-08-05 21:56 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe 2014-08-05 21:56 - 2014-08-05 21:56 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe 2014-08-05 21:56 - 2014-08-05 21:56 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe 2014-08-05 21:56 - 2014-08-05 21:56 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2014-08-05 21:56 - 2014-08-05 21:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-08-05 21:56 - 2014-08-05 21:56 - 00000000 ____D () C:\Program Files (x86)\Java 2014-08-05 21:56 - 2013-10-12 04:16 - 00000000 ____D () C:\ProgramData\Oracle 2014-08-02 07:44 - 2014-08-14 12:53 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2014-08-02 05:56 - 2014-08-14 12:53 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2014-08-02 05:11 - 2014-08-14 12:53 - 00918528 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2014-08-02 02:17 - 2013-08-22 17:38 - 00704480 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-08-02 02:17 - 2013-08-22 17:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-26 12:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-07-26 11:41 - 2014-04-09 13:58 - 00032164 _____ () C:\WINDOWS\PFRO.log 2014-07-26 11:41 - 2013-10-12 14:00 - 00000000 ____D () C:\Program Files\Microsoft Silverlight 2014-07-26 11:41 - 2013-10-12 14:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight 2014-07-26 11:39 - 2013-10-12 14:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-07-26 11:36 - 2014-07-26 11:36 - 00000000 ____D () C:\ProgramData\ATI 2014-07-26 11:35 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer 2014-07-26 11:35 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager 2014-07-26 11:35 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera 2014-07-26 11:34 - 2014-07-26 11:34 - 00060817 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201407261134124973.log 2014-07-26 11:34 - 2014-07-26 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center 2014-07-26 11:34 - 2013-10-12 02:56 - 00000000 ____D () C:\Program Files (x86)\ATI Technologies 2014-07-26 11:33 - 2014-07-26 11:33 - 00065920 _____ () C:\WINDOWS\SysWOW64\CCCInstall_201407261133423567.log 2014-07-26 11:33 - 2014-07-26 11:33 - 00000000 ____D () C:\Users\Default\AppData\Roaming\ATI 2014-07-26 11:33 - 2014-07-26 11:33 - 00000000 ____D () C:\Users\Default\AppData\Local\ATI 2014-07-26 11:33 - 2014-07-26 11:33 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\ATI 2014-07-26 11:33 - 2014-07-26 11:33 - 00000000 ____D () C:\Users\Default User\AppData\Local\ATI 2014-07-26 11:32 - 2013-10-12 02:48 - 00000000 ____D () C:\AMD 2014-07-26 11:31 - 
2014-06-11 23:23 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2014-07-26 11:31 - 2014-04-09 18:56 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2014-07-25 16:52 - 2014-08-14 12:54 - 23645696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-07-25 15:51 - 2014-08-14 12:54 - 17524224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-07-25 15:28 - 2014-08-14 12:54 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2014-07-25 15:25 - 2014-08-14 12:54 - 02774528 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-07-25 15:25 - 2014-08-14 12:54 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2014-07-25 14:59 - 2014-08-14 12:54 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2014-07-25 14:40 - 2014-08-14 12:54 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-07-25 14:34 - 2014-08-14 12:54 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2014-07-25 14:30 - 2014-08-14 12:54 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2014-07-25 14:28 - 2014-08-14 12:54 - 05824512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-07-25 14:28 - 2014-08-14 12:54 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll 2014-07-25 14:21 - 2014-08-14 12:54 - 02184704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-07-25 14:17 - 2014-08-14 12:54 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-07-25 14:10 - 2014-08-14 12:54 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-07-25 14:08 - 2014-08-14 12:54 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-07-25 14:06 - 2014-08-14 12:54 - 04204032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-07-25 
13:52 - 2014-08-14 12:54 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-07-25 13:47 - 2014-08-14 12:54 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-07-25 13:43 - 2014-08-14 12:54 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-07-25 13:43 - 2014-08-14 12:54 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-25 13:42 - 2014-08-14 12:54 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-07-25 13:39 - 2014-08-14 12:54 - 02087936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-07-25 13:34 - 2014-08-14 12:54 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-07-25 13:29 - 2014-08-14 12:54 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-07-25 13:23 - 2014-08-14 12:54 - 13547008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-07-25 13:13 - 2014-08-14 12:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-07-25 13:09 - 2014-08-14 12:54 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-07-25 13:07 - 2014-08-14 12:54 - 02001920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-07-25 13:03 - 2014-08-14 12:54 - 11772928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-07-25 12:52 - 2014-08-14 12:54 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-07-25 12:26 - 2014-08-14 12:54 - 01431040 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-07-25 12:17 - 2014-08-14 12:54 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-07-25 12:09 - 2014-08-14 12:54 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-07-25 12:05 - 2014-08-14 12:54 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-07-25 12:00 - 
2014-08-14 12:54 - 01169920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-07-21 22:05 - 2014-07-21 22:05 - 00230912 _____ () C:\WINDOWS\system32\clinfo.exe 2014-07-21 22:05 - 2014-07-21 22:05 - 00135168 _____ (AMD) C:\WINDOWS\system32\coinst_13.251.9001.1001.dll 2014-07-21 22:05 - 2014-07-21 22:05 - 00100352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OpenVideo64.dll 2014-07-21 22:05 - 2014-07-21 22:05 - 00086528 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\OVDecode64.dll 2014-07-21 22:05 - 2014-07-21 22:05 - 00083968 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OpenVideo.dll 2014-07-21 22:05 - 2014-07-21 22:05 - 00073728 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\OVDecode.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 29382144 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 26352128 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 22157824 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 15716352 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 13209088 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys 2014-07-21 22:04 - 2014-07-21 22:04 - 08287008 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 06630232 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 03461040 _____ () C:\WINDOWS\SysWOW64\atiumdva.cap 2014-07-21 22:04 - 2014-07-21 22:04 - 03426688 _____ () C:\WINDOWS\system32\atiumd6a.cap 2014-07-21 22:04 - 2014-07-21 22:04 - 00626688 _____ (Advanced Micro Devices, Inc.) 
C:\WINDOWS\system32\Drivers\atikmpag.sys 2014-07-21 22:04 - 2014-07-21 22:04 - 00550472 _____ () C:\WINDOWS\SysWOW64\atiapfxx.blb 2014-07-21 22:04 - 2014-07-21 22:04 - 00550472 _____ () C:\WINDOWS\system32\atiapfxx.blb 2014-07-21 22:04 - 2014-07-21 22:04 - 00368640 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe 2014-07-21 22:04 - 2014-07-21 22:04 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00100352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00098496 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00096768 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00074752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00069632 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00063488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00062464 _____ (Advanced Micro Devices Inc.) 
C:\WINDOWS\system32\aticalrt64.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00057344 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll 2014-07-21 22:04 - 2014-07-21 22:04 - 00031232 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll 2014-07-21 22:04 - 2013-12-07 00:03 - 00115512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll 2014-07-21 22:04 - 2013-12-06 23:57 - 08927704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll 2014-07-21 22:04 - 2013-12-06 23:56 - 07751920 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll 2014-07-21 22:04 - 2013-12-06 22:53 - 00588288 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe 2014-07-21 22:04 - 2013-12-06 22:53 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll 2014-07-21 22:04 - 2013-12-06 22:52 - 00239616 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe 2014-07-21 22:04 - 2013-12-06 22:22 - 01144320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll 2014-07-21 22:04 - 2013-07-31 19:53 - 01318552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll 2014-07-21 22:04 - 2013-07-31 19:53 - 01100216 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll 2014-07-21 22:04 - 2013-07-31 19:53 - 00143304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll 2014-07-21 22:04 - 2013-07-31 19:53 - 00126336 _____ (Advanced Micro Devices, Inc. 
) C:\WINDOWS\SysWOW64\atiuxpag.dll 2014-07-21 22:04 - 2013-07-31 19:52 - 09753752 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll 2014-07-21 22:04 - 2013-07-31 19:52 - 08406024 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll 2014-07-21 22:04 - 2013-07-31 18:14 - 00825344 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll 2014-07-21 22:03 - 2014-07-21 22:03 - 24860160 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll 2014-07-21 22:03 - 2014-07-21 22:03 - 00412672 _____ () C:\WINDOWS\system32\amdmiracast.dll 2014-07-21 22:03 - 2014-07-21 22:03 - 00134656 _____ () C:\WINDOWS\system32\amdhdl64.dll 2014-07-21 22:03 - 2014-07-21 22:03 - 00123392 _____ () C:\WINDOWS\SysWOW64\amdhdl32.dll 2014-07-21 12:37 - 2014-03-30 19:45 - 00000000 ____D () C:\Users\Kai\Desktop\Einkaufsrechnungen 2014 Some content of TEMP: ==================== C:\Users\Kai\AppData\Local\Temp\ICReinstall_COMPUTER_BILD-Download-Manager_fuer_tagscan5.1.648.exe C:\Users\Kai\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe C:\Users\Kai\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe C:\Users\Kai\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe C:\Users\Kai\AppData\Local\Temp\promote-upx.exe C:\Users\Kai\AppData\Local\Temp\sfamcc00001.dll C:\Users\Kai\AppData\Local\Temp\sfareca00001.dll C:\Users\Kai\AppData\Local\Temp\_is71E5.exe C:\Users\Kai\AppData\Local\Temp\_isA06A.exe C:\Users\Kai\AppData\Local\Temp\_isAD2.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-08-15 21:12

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2014 01
Ran by Kai at 2014-08-18 01:48:12
Running from C:\Users\Kai\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{853A112F-241F-E344-4636-103C25D3751E}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2013.1206.1603.28764 - Ihr Firmenname) Hidden
AMD Fuel (Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden
AMD OverDrive (HKLM-x32\...\{34D5220A-58D0-473C-90E4-15136C3FB0E3}) (Version: 4.3.1.0690 - Advanced Micro Devices, Inc.)
AMD PSCheck (HKLM-x32\...\{CF5274C3-DB54-4156-BF11-F8526390743A}) (Version: 3.4.1.0277 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD) ArcSoft TotalMedia Theatre 6 (HKLM-x32\...\InstallShield_{5232358C-7C23-4319-8271-E43F924196AC}) (Version: 6.6.1.190 - ArcSoft) ArcSoft TotalMedia Theatre 6 (x32 Version: 6.6.1.190 - ArcSoft) Hidden AVM FRITZ!fax für FRITZ!Box (HKLM-x32\...\FRITZ! 2.0) (Version: - AVM Berlin) Brother MFL-Pro Suite MFC-J4710DW (HKLM-x32\...\{DD98C438-D769-4677-AA87-3481FA32D20C}) (Version: 2.0.0.0 - Brother Industries, Ltd.) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2013.1129.1143.20969 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) 
Hidden CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) 
Hidden CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) 
Hidden CPUID CPU-Z 1.67 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version: - Microsoft) DVBViewer Pro (HKLM-x32\...\DVBViewer Pro_is1) (Version: 5.3.0 - CM&V) FinePrint (HKLM\...\FinePrint) (Version: 6.15 - FinePrint Software, LLC) Harmony Browser Plug-in (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 2.0 - Logitech) IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.1.7.2405 - IObit) Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle) Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden LAV Filters 0.61.2 (HKLM-x32\...\lavfilters_is1) (Version: 0.61.2 - Hendrik Leppkes) Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0407-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation) Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (x32 Version: 
14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Picture It! Foto 7.0 (HKLM-x32\...\{369B36BE-3D64-4641-9AEA-808D436FE132}) (Version: 7.0.0.0000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 
Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden PDF24 Creator 5.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) StarMoney (x32 Version: 3.0.0.124 - StarFinanz) Hidden StarMoney (x32 Version: 4.0.0.203 - StarFinanz) Hidden StarMoney Business 5.0 (HKLM-x32\...\{0451283F-76D1-43BF-9325-3160210E0118}) (Version: 5.0 - Star Finanz GmbH) StarMoney Business 6.0 
(HKLM-x32\...\{9FD9F9E9-3002-4ED7-8002-8D869BCF6606}) (Version: 6.0 - Star Finanz GmbH) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft) Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition 
(HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition 
(HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition 
(HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft) Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 26-07-2014 09:32:16 Windows Update 04-08-2014 10:59:48 Geplanter Prüfpunkt 05-08-2014 19:56:14 Installed Java 7 Update 67 14-08-2014 11:28:25 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {1F7023B5-7A5C-4284-BD01-75F399725AE6} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation) Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {22400DA6-E1DD-4612-A401-87E633B15A4B} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics Task: {29813668-2EB4-4EB4-90A2-AD1D3D0FAC0A} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv Task: {2B9F4D2D-96B6-4EA0-A90C-A63A4D351C5E} - System32\Tasks\AmdMsrTweaker_1.1 => C:\Program Files (x86)\AmdMsrTweaker_1.1\x64\AmdMsrTweaker.exe [2013-04-07] () Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {4893B312-C8F7-4518-B2B4-ECC846C3314C} - System32\Tasks\Speedfan => C:\Program Files (x86)\SpeedFan\speedfan.exe [2011-11-03] (Almico Software (www.almico.com)) Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {683093C4-2D91-4E3D-8627-F57F183B275E} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft 
Corporation) Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {776425FC-4D13-4464-928A-34D75E999304} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation) Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {78B6F3E6-A2C4-489C-83E2-584B27B0DC92} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-01-16] (IObit) Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {8A986788-A6D4-445D-8290-BBED5B026567} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation Task: {8C2B5636-0CAC-4471-B3CC-58F575497E3C} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {900DA9AA-3839-4F78-B590-81746035C55C} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft) Task: {9D64C69D-DC8F-4B5D-9EEC-5AF305C1F17A} - System32\Tasks\MPH => C:\Program Files (x86)\MPH1.0.7\MPH.exe [2014-02-05] (Skwire Empire) Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work 
Task: {A317CF7B-6B8C-42C3-A961-D973A43C338D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation) Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {DB3DD63C-A65D-4A96-98EF-D6650B1BD732} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation) Task: {E686F5C6-ED55-44D3-88FF-AF21E17FE787} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-08-14] (Microsoft Corporation) Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {E6F5EFA8-66C5-4491-831B-A648BF73D2F2} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe ==================== Loaded Modules (whitelisted) ============= 2014-03-01 22:35 - 2006-02-23 12:35 - 00020480 _____ () C:\WINDOWS\System32\FritzColorPort64.dll 2014-03-01 22:35 - 2006-02-22 11:39 - 00020480 _____ () C:\WINDOWS\System32\FritzPort64.dll 2013-12-06 17:06 - 2013-12-06 17:06 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2013-07-26 06:59 - 2013-07-26 06:59 - 00814592 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll 2013-07-26 06:59 - 2013-07-26 06:59 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll 2013-10-12 04:02 - 2005-04-22 13:36 - 00143360 ____N () 
C:\WINDOWS\system32\BrSNMP64.dll 2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2013-12-06 17:06 - 2013-12-06 17:06 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2013-10-12 04:21 - 2013-10-12 04:21 - 00292352 _____ () C:\Program Files\WindowsApps\21767Katans.gTasks_1.2.0.50_x64__ey1k83fg9dn8w\gTasks.exe 2014-04-10 13:28 - 2014-04-10 13:28 - 01726976 _____ () C:\Users\Kai\AppData\Local\Packages\21767katans.gtasks_ey1k83fg9dn8w\AC\Microsoft\CLR_v4.0\NativeImages\gTasks\acc77cd85e4c9224b077663c798cf58d\gTasks.ni.exe 2014-04-10 13:19 - 2014-04-10 13:19 - 05185024 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI.Xaml\58afb3c922fe504503f07ade2e88ccfb\Windows.UI.Xaml.ni.dll 2014-04-10 13:19 - 2014-04-10 13:19 - 01782784 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.App640a3541#\43b92b6dbc9eb61983817ea32346d510\Windows.ApplicationModel.ni.dll 2014-04-10 13:19 - 2014-04-10 13:19 - 01278464 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Storage\ba65f033632f4fc480cc45bc72bf25e4\Windows.Storage.ni.dll 2014-04-10 13:19 - 2014-04-10 13:19 - 00363520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Foundation\057b7043f4868b76c209d9c426b80743\Windows.Foundation.ni.dll 2014-04-10 13:19 - 2014-04-10 13:19 - 01459712 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.UI\926020eb508f6968545d6a51fb661fad\Windows.UI.ni.dll 2014-04-10 13:19 - 2014-04-10 13:19 - 00521216 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Windows.Data\d07f690ce5d3a2de7c9089a6200d64db\Windows.Data.ni.dll 2014-04-10 13:28 - 2014-04-10 13:28 - 00086528 _____ () C:\Users\Kai\AppData\Local\Packages\21767katans.gtasks_ey1k83fg9dn8w\AC\Microsoft\CLR_v4.0\NativeImages\CharmFlyoutLibrary\2033c364e283ec4ac7c6c9f89d95f148\CharmFlyoutLibrary.ni.dll 2014-08-18 00:45 - 2014-08-18 00:45 - 00409088 _____ () 
C:\Program Files\WindowsApps\4659BB81.WEB.DEMail_1.1.0.8_neutral__9r8rjdwa12808\WindowsMailApp.exe 2014-04-09 21:24 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2014-06-09 11:27 - 2014-08-08 10:56 - 00172032 _____ () C:\Users\Kai\AppData\Local\Temp\sfareca00001.dll 2013-10-17 18:19 - 2014-08-08 10:56 - 00192512 _____ () C:\Users\Kai\AppData\Local\Temp\sfamcc00001.dll 2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf 2013-02-14 15:46 - 2013-02-14 15:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Kai\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\StartupFolder: => "TotalMedia Server.lnk" HKLM\...\StartupApproved\Run32: => "Adobe ARM" HKCU\...\StartupApproved\StartupFolder: => "Samsung Magician.lnk" HKCU\...\StartupApproved\Run: => "Raptr" ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/14/2014 01:28:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". 
Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (08/05/2014 09:56:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (08/04/2014 11:36:13 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2014/08/04 23:36:13.424]: [00001724]: Initialize TwdsMain Class failed! Error: (08/04/2014 11:36:13 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2014/08/04 23:36:13.424]: [00001724]: ##### Fatal ERROR!! Create STI-device failed! ##### Error: (08/04/2014 11:34:41 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2014/08/04 23:34:41.342]: [00001724]: Initialize TwdsMain Class failed! Error: (08/04/2014 11:34:41 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2014/08/04 23:34:41.341]: [00001724]: ##### Fatal ERROR!! Create STI-device failed! ##### Error: (08/04/2014 00:59:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . 
Error: (08/04/2014 00:47:51 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (07/30/2014 10:49:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: H2O-SEVEN-ONES1) Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (07/30/2014 10:49:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: H2O-SEVEN-ONES1) Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. System errors: ============= Error: (08/14/2014 06:04:34 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252. Error: (08/14/2014 06:03:09 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252. Error: (08/14/2014 06:03:09 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. 
Der Windows-SChannel-Fehlerstatus lautet: 252. Error: (08/14/2014 06:01:31 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252. Error: (08/14/2014 06:01:31 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252. Error: (08/14/2014 06:01:31 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252. Error: (08/14/2014 06:01:30 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252. Error: (08/14/2014 06:01:30 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252. 
Error: (08/11/2014 02:06:21 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252. Error: (08/11/2014 02:06:20 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT) Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus lautet: 252. Microsoft Office Sessions: ========================= Error: (08/14/2014 01:28:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert Error: (08/05/2014 09:56:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert Error: (08/04/2014 11:36:13 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWNBrtTWN: [2014/08/04 23:36:13.424]: [00001724]: Initialize TwdsMain Class failed! Error: (08/04/2014 11:36:13 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWNBrtTWN: [2014/08/04 23:36:13.424]: [00001724]: ##### Fatal ERROR!! Create STI-device failed! ##### Error: (08/04/2014 11:34:41 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWNBrtTWN: [2014/08/04 23:34:41.342]: [00001724]: Initialize TwdsMain Class failed! 
Error: (08/04/2014 11:34:41 PM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWNBrtTWN: [2014/08/04 23:34:41.341]: [00001724]: ##### Fatal ERROR!! Create STI-device failed! ##### Error: (08/04/2014 00:59:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert Error: (08/04/2014 00:47:51 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (07/30/2014 10:49:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: H2O-SEVEN-ONES1) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147023174 Error: (07/30/2014 10:49:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: H2O-SEVEN-ONES1) Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147023174 CodeIntegrity Errors: =================================== Date: 2014-07-26 12:02:11.789 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-07-26 12:02:11.664 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2014-07-26 12:01:24.677 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-07-26 12:01:24.599 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-07-26 12:01:24.412 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-07-26 12:01:24.286 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-07-26 12:01:24.083 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-07-26 12:01:23.958 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2014-07-26 12:01:23.771 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-07-26 12:01:23.646 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: AMD FX(tm)-8120 Eight-Core Processor Percentage of memory in use: 52% Total physical RAM: 8175.15 MB Available physical RAM: 3846.02 MB Total Pagefile: 9455.15 MB Available Pagefile: 2921.8 MB Total Virtual: 131072 MB Available Virtual: 131071.8 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:238.13 GB) (Free:140.3 GB) NTFS Drive f: (H2O-Speicher1) (Fixed) (Total:97.65 GB) (Free:89 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 08810881) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=135.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=97.7 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: F7DCB47E) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=238.1 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
19.08.2014, 04:30 | #4 |
/// the machine /// TB instructor | Windows regularly types an old text of around 200 characters on its own
Hmm, as we can see, we see nothing. Please download TDSSKiller.exe and save this file to the desktop.
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
25.08.2014, 22:22 | #5 |
| Windows regularly types an old text of around 200 characters on its own
Hello Schrauber, it took a bit longer. I have now been able to run the scans, but without any findings. The logs are attached. Code:
ATTFilter 22:46:37.0644 0x3e64 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58 22:47:33.0707 0x3e64 ============================================================ 22:47:33.0707 0x3e64 Current date / time: 2014/08/25 22:47:33.0707 22:47:33.0707 0x3e64 SystemInfo: 22:47:33.0707 0x3e64 22:47:33.0707 0x3e64 OS Version: 6.3.9600 ServicePack: 0.0 22:47:33.0707 0x3e64 Product type: Workstation 22:47:33.0707 0x3e64 ComputerName: H2O-SEVEN-ONES1 22:47:33.0707 0x3e64 UserName: Kai 22:47:33.0707 0x3e64 Windows directory: C:\WINDOWS 22:47:33.0707 0x3e64 System windows directory: C:\WINDOWS 22:47:33.0707 0x3e64 Running under WOW64 22:47:33.0707 0x3e64 Processor architecture: Intel x64 22:47:33.0707 0x3e64 Number of processors: 8 22:47:33.0707 0x3e64 Page size: 0x1000 22:47:33.0707 0x3e64 Boot type: Normal boot 22:47:33.0707 0x3e64 ============================================================ 22:47:33.0800 0x3e64 KLMD registered as C:\WINDOWS\system32\drivers\27975895.sys 22:47:33.0988 0x3e64 System UUID: {7BBEA281-671C-23B6-0AD7-047273E20DAD} 22:47:34.0394 0x3e64 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 22:47:34.0394 0x3e64 Drive \Device\Harddisk1\DR1 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 22:47:34.0394 0x3e64 ============================================================ 22:47:34.0394 0x3e64 \Device\Harddisk0\DR0: 22:47:34.0394 0x3e64 MBR partitions: 22:47:34.0394 0x3e64 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 22:47:34.0394 0x3e64 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x10E43000 22:47:34.0394 0x3e64 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x10E75800, BlocksNum 0xC34F000 22:47:34.0394 0x3e64 \Device\Harddisk1\DR1: 22:47:34.0394 
0x3e64 MBR partitions: 22:47:34.0394 0x3e64 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000 22:47:34.0394 0x3e64 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0x1DC43000 22:47:34.0394 0x3e64 ============================================================ 22:47:34.0410 0x3e64 C: <-> \Device\Harddisk1\DR1\Partition2 22:47:34.0441 0x3e64 F: <-> \Device\Harddisk0\DR0\Partition3 22:47:34.0441 0x3e64 ============================================================ 22:47:34.0441 0x3e64 Initialize success 22:47:34.0441 0x3e64 ============================================================ 22:48:28.0019 0x354c ============================================================ 22:48:28.0019 0x354c Scan started 22:48:28.0019 0x354c Mode: Manual; SigCheck; TDLFS; 22:48:28.0019 0x354c ============================================================ 22:48:28.0019 0x354c KSN ping started 22:48:30.0363 0x354c KSN ping finished: true 22:48:30.0582 0x354c ================ Scan system memory ======================== 22:48:30.0582 0x354c System memory - ok 22:48:30.0582 0x354c ================ Scan services ============================= 22:48:30.0644 0x354c [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys 22:48:30.0691 0x354c 1394ohci - ok 22:48:30.0707 0x354c [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys 22:48:30.0707 0x354c 3ware - ok 22:48:30.0738 0x354c [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys 22:48:30.0754 0x354c ACPI - ok 22:48:30.0769 0x354c [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys 22:48:30.0769 0x354c acpiex - ok 
22:48:30.0785 0x354c [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys 22:48:30.0785 0x354c acpipagr - ok 22:48:30.0801 0x354c [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys 22:48:30.0816 0x354c AcpiPmi - ok 22:48:30.0816 0x354c [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys 22:48:30.0816 0x354c acpitime - ok 22:48:30.0832 0x354c [ EEA4C099FA7DE4FBD54756C33BAF14D5, 9861BFAE0290E0BA7A0B50BBE7593BF36B63E565AEEFBD8980AE22A22BFAE703 ] ADExchange C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe 22:48:30.0863 0x354c ADExchange - ok 22:48:30.0863 0x354c [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe 22:48:30.0879 0x354c AdobeARMservice - ok 22:48:30.0894 0x354c [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS 22:48:30.0926 0x354c ADP80XX - ok 22:48:30.0941 0x354c [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll 22:48:30.0957 0x354c AeLookupSvc - ok 22:48:30.0972 0x354c [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD C:\WINDOWS\system32\drivers\afd.sys 22:48:31.0004 0x354c AFD - ok 22:48:31.0019 0x354c [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys 22:48:31.0035 0x354c agp440 - ok 22:48:31.0035 0x354c [ 8E8E34B7BA059050EED827410D0697A2, 
85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys 22:48:31.0050 0x354c ahcache - ok 22:48:31.0050 0x354c [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG C:\WINDOWS\System32\alg.exe 22:48:31.0066 0x354c ALG - ok 22:48:31.0082 0x354c [ 6CF81DD5083D7F94A7E76E50429A949C, 19240502A6406924F889D1AFA975B975A300776D8B2D0557181DF13649622E2B ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe 22:48:31.0129 0x354c AMD External Events Utility - ok 22:48:31.0144 0x354c AMD FUEL Service - ok 22:48:31.0144 0x354c [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys 22:48:31.0160 0x354c AmdK8 - ok 22:48:31.0160 0x354c [ F2FF8C1B41B3784EDBD5C6D5397F403C, 104873700D2BDF4812DC48200B4609F46A63E7A50594A0599100EF1438863708 ] amdkmafd C:\WINDOWS\system32\drivers\amdkmafd.sys 22:48:31.0176 0x354c amdkmafd - ok 22:48:31.0441 0x354c [ 71F8D8B977ACC5973FA042BF906E709F, 8106C5F5C8E40344CCCDB912845786DF287BDF068D7A6EF9D26B00FA1754C1BC ] amdkmdag C:\WINDOWS\system32\DRIVERS\atikmdag.sys 22:48:31.0785 0x354c amdkmdag - ok 22:48:31.0832 0x354c [ 4AA027F91A8093B1CDF453B5394F6715, E6D15E959637C102A34F73F66BFDC38436575A2FEFFC3976ACF399A472F126A5 ] amdkmdap C:\WINDOWS\system32\DRIVERS\atikmpag.sys 22:48:31.0863 0x354c amdkmdap - ok 22:48:31.0879 0x354c [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys 22:48:31.0894 0x354c AmdPPM - ok 22:48:31.0894 0x354c [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys 22:48:31.0910 0x354c amdsata - ok 22:48:31.0910 0x354c [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs 
C:\WINDOWS\system32\drivers\amdsbs.sys 22:48:31.0925 0x354c amdsbs - ok 22:48:31.0941 0x354c [ 2A01C8ED3BD95A025FAF03E35D872CD1, A676216C73998A7066AA6022B1298BE9A02CF404034060A95AA9EA01922F8B81 ] AmdTools64 C:\WINDOWS\System32\drivers\AmdTools64.sys 22:48:31.0941 0x354c AmdTools64 - ok 22:48:31.0957 0x354c [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys 22:48:31.0957 0x354c amdxata - ok 22:48:31.0957 0x354c [ B25FB446E6EED2D1DD71251FF28D651C, 8A1E86D92BEEDF31891B225256D34396E2B25C4E1F358097F4FF6CC625D30F32 ] amd_sata C:\WINDOWS\system32\drivers\amd_sata.sys 22:48:31.0972 0x354c amd_sata - ok 22:48:31.0972 0x354c [ DE60139831783EB826E31AE6F63E07B7, 8D2928FED2F82F0F659473A3DA49FB64914CCC6B469F510BF4795902A2D1BCFE ] amd_xata C:\WINDOWS\system32\drivers\amd_xata.sys 22:48:31.0988 0x354c amd_xata - ok 22:48:31.0988 0x354c [ E8CCB797DAF80779C768BD3A9FC8FCAF, 781BD878CA34D8B6D2FE238439CD173E95449260428859BEA92866D41B1284F4 ] AODDriver4.2.0 C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys 22:48:31.0988 0x354c AODDriver4.2.0 - ok 22:48:32.0004 0x354c [ 1FDE3302A17928B999E6BBA6D346F7DB, 186029C1C62842F1FE21AAD445134A3DEDB978D2E27169D5016C3149FCC42E5C ] AODDriver4.3.0 C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys 22:48:32.0019 0x354c AODDriver4.3.0 - ok 22:48:32.0019 0x354c [ 24D5D2C9F24B9B7AF63182F5A444C3F9, 02D781C0FFADD355851D37B5401EFD8798F113BB5BC17A994AC5CF548360C3D2 ] AODService C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe 22:48:32.0035 0x354c AODService - ok 22:48:32.0051 0x354c [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID C:\WINDOWS\system32\drivers\appid.sys 22:48:32.0066 0x354c AppID - ok 22:48:32.0066 0x354c [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll 22:48:32.0082 
29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman C:\WINDOWS\System32\netman.dll 22:48:42.0816 0x354c Netman - ok 22:48:42.0816 0x354c [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm C:\WINDOWS\System32\netprofmsvc.dll 22:48:42.0847 0x354c netprofm - ok 22:48:42.0863 0x354c [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 22:48:42.0879 0x354c NetTcpPortSharing - ok 22:48:42.0879 0x354c [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc C:\WINDOWS\system32\DRIVERS\netvsc63.sys 22:48:42.0894 0x354c netvsc - ok 22:48:42.0910 0x354c [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc C:\WINDOWS\System32\nlasvc.dll 22:48:42.0926 0x354c NlaSvc - ok 22:48:42.0926 0x354c [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 22:48:42.0941 0x354c Npfs - ok 22:48:42.0941 0x354c [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys 22:48:42.0957 0x354c npsvctrig - ok 22:48:42.0957 0x354c [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi C:\WINDOWS\system32\nsisvc.dll 22:48:42.0972 0x354c nsi - ok 22:48:42.0972 0x354c [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys 22:48:42.0988 0x354c nsiproxy - ok 22:48:43.0035 0x354c [ 1C80517BE6836A812F6A9B99B8321351, 7DBED4633820E201C9C242D961EF6F25BA2B1D5593BA60F707CC71A4014C2D4B ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 22:48:43.0097 0x354c Ntfs - ok 
22:48:43.0113 0x354c [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\WINDOWS\system32\drivers\Null.sys 22:48:43.0113 0x354c Null - ok 22:48:43.0129 0x354c [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys 22:48:43.0144 0x354c nvraid - ok 22:48:43.0144 0x354c [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys 22:48:43.0160 0x354c nvstor - ok 22:48:43.0160 0x354c [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys 22:48:43.0175 0x354c nv_agp - ok 22:48:43.0191 0x354c [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 22:48:43.0191 0x354c ose - ok 22:48:43.0301 0x354c [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 22:48:43.0410 0x354c osppsvc - ok 22:48:43.0441 0x354c [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll 22:48:43.0457 0x354c p2pimsvc - ok 22:48:43.0472 0x354c [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc C:\WINDOWS\system32\p2psvc.dll 22:48:43.0504 0x354c p2psvc - ok 22:48:43.0504 0x354c [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\WINDOWS\System32\drivers\parport.sys 22:48:43.0519 0x354c Parport - ok 22:48:43.0519 0x354c [ EF0C1749C9A8CEE9A457473D433CC00F, 
A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys 22:48:43.0535 0x354c partmgr - ok 22:48:43.0535 0x354c [ 0D7DA812D815F395BAA113817EC9C094, 5C342BC15B4811B304FC9003553FE52CEA24C31C735B04FD6231AD0950C1DFAC ] passthruparser C:\WINDOWS\system32\drivers\passthruparser.sys 22:48:43.0551 0x354c passthruparser - ok 22:48:43.0566 0x354c [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll 22:48:43.0597 0x354c PcaSvc - ok 22:48:43.0597 0x354c [ 275AFE3FA35E8D78BE97695DF49817C6, 447CEBB16285AE073B4251D2DA71399306EF2DCB7F56286ABE2F0BD6C83EB489 ] pci C:\WINDOWS\system32\drivers\pci.sys 22:48:43.0629 0x354c pci - ok 22:48:43.0629 0x354c [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\WINDOWS\system32\drivers\pciide.sys 22:48:43.0629 0x354c pciide - ok 22:48:43.0644 0x354c [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys 22:48:43.0660 0x354c pcmcia - ok 22:48:43.0660 0x354c [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\WINDOWS\system32\drivers\pcw.sys 22:48:43.0660 0x354c pcw - ok 22:48:43.0675 0x354c [ B9D968D8E2B0F9C6301CEB39CFC9B9E4, 83F32831B0727F18B56DC3CAF37E45A3523D2BBCD54D1421F0DE5A0179D8A404 ] pdc C:\WINDOWS\system32\drivers\pdc.sys 22:48:43.0691 0x354c pdc - ok 22:48:43.0707 0x354c [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys 22:48:43.0738 0x354c PEAUTH - ok 22:48:43.0785 0x354c [ 084DE525DFE82AE7453DD527390FA110, 8216AE63AE740D97204CDED6543B66FC1FB55DB86D42FBA0EC629361C40F9EC0 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll 22:48:43.0847 0x354c PeerDistSvc - ok 22:48:43.0879 0x354c [ 
8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe 22:48:43.0894 0x354c PerfHost - ok 22:48:43.0941 0x354c [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla C:\WINDOWS\system32\pla.dll 22:48:43.0988 0x354c pla - ok 22:48:43.0988 0x354c [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll 22:48:44.0004 0x354c PlugPlay - ok 22:48:44.0004 0x354c [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll 22:48:44.0019 0x354c PNRPAutoReg - ok 22:48:44.0035 0x354c [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll 22:48:44.0051 0x354c PNRPsvc - ok 22:48:44.0051 0x354c [ 520D48ECB54A33821C95EE496A4235AF, 3C7984E480F134E303E6AD03A3837515F3E03A4727F1AD184BD1D8C71D68FFEF ] Point64 C:\WINDOWS\System32\drivers\point64.sys 22:48:44.0066 0x354c Point64 - ok 22:48:44.0082 0x354c [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll 22:48:44.0097 0x354c PolicyAgent - ok 22:48:44.0113 0x354c [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power C:\WINDOWS\system32\umpo.dll 22:48:44.0129 0x354c Power - ok 22:48:44.0129 0x354c [ E075CC071022BD4E9BE7C024717C0E0A, BE65A8C1082AE8DF8C37CA06B2BCC521478AC153EA7388B03F7FAE3913920E75 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys 22:48:44.0144 0x354c PptpMiniport - ok 22:48:44.0207 0x354c [ B7DB57A000D46D4DE75BC0C563E58072, 8183EB09DC4D44DFF027CA0AAA8C09921A14F088C1BC427B6ACA42340AAF69E6 ] PrintNotify C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll 22:48:44.0300 
0x354c PrintNotify - ok 22:48:44.0316 0x354c [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\WINDOWS\System32\drivers\processr.sys 22:48:44.0316 0x354c Processor - ok 22:48:44.0332 0x354c [ B2A890D96C05E33FDD2BF3F3D4D0DF92, 3A29E17424429A5654D906E420D938148F09F57457356EFA72DA003B73F2D81E ] ProfSvc C:\WINDOWS\system32\profsvc.dll 22:48:44.0347 0x354c ProfSvc - ok 22:48:44.0363 0x354c [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys 22:48:44.0379 0x354c Psched - ok 22:48:44.0379 0x354c [ 523915C4E06522B7AF8B8B3FE3C3F6D0, F68BBD1542D5DE84AE5DED9296258248BDBBA6B97F61716D10B637D3A736A322 ] pvhdparser C:\WINDOWS\system32\drivers\pvhdparser.sys 22:48:44.0394 0x354c pvhdparser - ok 22:48:44.0410 0x354c [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE C:\WINDOWS\system32\qwave.dll 22:48:44.0426 0x354c QWAVE - ok 22:48:44.0441 0x354c [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys 22:48:44.0441 0x354c QWAVEdrv - ok 22:48:44.0457 0x354c [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 22:48:44.0472 0x354c RasAcd - ok 22:48:44.0472 0x354c [ 674A4702E4E144E8710ED1A2EC6DD049, 613A921101A6815C9185D5EF3E251A592604E56FADE945BB7E256885CAD473BC ] RasAgileVpn C:\WINDOWS\system32\DRIVERS\AgileVpn.sys 22:48:44.0488 0x354c RasAgileVpn - ok 22:48:44.0504 0x354c [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto C:\WINDOWS\System32\rasauto.dll 22:48:44.0519 0x354c RasAuto - ok 22:48:44.0519 0x354c [ BBB6272B7F46C4640A8CDB8A70C3450F, 4266C3ABD0D1D0219F715EA0F155744F7C1E3A7B722BE863831B57AE785419A2 ] Rasl2tp 
C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 22:48:44.0535 0x354c Rasl2tp - ok 22:48:44.0550 0x354c [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan C:\WINDOWS\System32\rasmans.dll 22:48:44.0582 0x354c RasMan - ok 22:48:44.0582 0x354c [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 22:48:44.0597 0x354c RasPppoe - ok 22:48:44.0597 0x354c [ 2B0F1677CDD08967005F34488559BC6F, FFF168EBD171C0B85A448AD1A04F66534E889AE1DC128F68EA3F35D5996C8D39 ] RasSstp C:\WINDOWS\system32\DRIVERS\rassstp.sys 22:48:44.0613 0x354c RasSstp - ok 22:48:44.0629 0x354c [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 22:48:44.0660 0x354c rdbss - ok 22:48:44.0660 0x354c [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys 22:48:44.0676 0x354c rdpbus - ok 22:48:44.0676 0x354c [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys 22:48:44.0691 0x354c RDPDR - ok 22:48:44.0707 0x354c [ 858776908AF838E3790F3261B799CDA6, 5BE4658540382D1B2F46E503CE175D74E3870FE492B8B8F37C3CFB34FF8E2DA8 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys 22:48:44.0707 0x354c RdpVideoMiniport - ok 22:48:44.0722 0x354c [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys 22:48:44.0738 0x354c rdyboost - ok 22:48:44.0754 0x354c [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys 22:48:44.0801 0x354c ReFS - ok 22:48:44.0801 0x354c [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 
5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 22:48:44.0832 0x354c RemoteAccess - ok 22:48:44.0832 0x354c [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 22:48:44.0847 0x354c RemoteRegistry - ok 22:48:44.0863 0x354c [ 0527EF6E23B9FAB37DDCBC479C6CFA28, C004CE600074AC434F8B24A3383F8C0ACFA5476D9E3B1493B40911C78B028D64 ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys 22:48:44.0879 0x354c RFCOMM - ok 22:48:44.0894 0x354c [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll 22:48:44.0910 0x354c RpcEptMapper - ok 22:48:44.0910 0x354c [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator C:\WINDOWS\system32\locator.exe 22:48:44.0926 0x354c RpcLocator - ok 22:48:44.0941 0x354c [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs C:\WINDOWS\system32\rpcss.dll 22:48:44.0957 0x354c RpcSs - ok 22:48:44.0972 0x354c [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys 22:48:44.0988 0x354c rspndr - ok 22:48:44.0988 0x354c [ 7563A39853287906095103FE5C963461, 9DA9DB903659CF2B5BDE844DF1B81463E5BA4D18E98504B6C39F64EDEEA0C437 ] RtkBtFilter C:\WINDOWS\system32\DRIVERS\RtkBtfilter.sys 22:48:45.0004 0x354c RtkBtFilter - ok 22:48:45.0019 0x354c [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys 22:48:45.0035 0x354c RTL8168 - ok 22:48:45.0050 0x354c [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys 22:48:45.0066 0x354c s3cap - ok 
22:48:45.0066 0x354c [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs C:\WINDOWS\system32\lsass.exe 22:48:45.0082 0x354c SamSs - ok 22:48:45.0082 0x354c [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys 22:48:45.0097 0x354c sbp2port - ok 22:48:45.0113 0x354c [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll 22:48:45.0129 0x354c SCardSvr - ok 22:48:45.0129 0x354c [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll 22:48:45.0144 0x354c ScDeviceEnum - ok 22:48:45.0144 0x354c [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys 22:48:45.0160 0x354c scfilter - ok 22:48:45.0191 0x354c [ A95838FFFAEAA7500263D491575F7E0C, FEB79ECAE6D9AB0C29D9AFE12F60502A8357B3A382C0FACF4C6DA4852B6ECFA4 ] Schedule C:\WINDOWS\system32\schedsvc.dll 22:48:45.0238 0x354c Schedule - ok 22:48:45.0238 0x354c [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll 22:48:45.0254 0x354c SCPolicySvc - ok 22:48:45.0269 0x354c [ FDEC5799BA499D18AFA3A540538866E7, 551EE0945FE4EC213FFF623E524500B57531EFEA2D76FA7ED1D2D605E7E2168F ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys 22:48:45.0285 0x354c sdbus - ok 22:48:45.0300 0x354c [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys 22:48:45.0300 0x354c sdstor - ok 22:48:45.0316 0x354c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv 
C:\WINDOWS\system32\drivers\secdrv.sys 22:48:45.0316 0x354c secdrv - ok 22:48:45.0332 0x354c [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon C:\WINDOWS\system32\seclogon.dll 22:48:45.0332 0x354c seclogon - ok 22:48:45.0347 0x354c [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS C:\WINDOWS\System32\sens.dll 22:48:45.0363 0x354c SENS - ok 22:48:45.0379 0x354c [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll 22:48:45.0394 0x354c SensrSvc - ok 22:48:45.0394 0x354c [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys 22:48:45.0410 0x354c SerCx - ok 22:48:45.0410 0x354c [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys 22:48:45.0426 0x354c SerCx2 - ok 22:48:45.0426 0x354c [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys 22:48:45.0441 0x354c Serenum - ok 22:48:45.0441 0x354c [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\WINDOWS\System32\drivers\serial.sys 22:48:45.0457 0x354c Serial - ok 22:48:45.0457 0x354c [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys 22:48:45.0472 0x354c sermouse - ok 22:48:45.0488 0x354c [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv C:\WINDOWS\system32\sessenv.dll 22:48:45.0504 0x354c SessionEnv - ok 22:48:45.0504 0x354c [ 472B7A5AC181C050888DB454663DD764, 
C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys 22:48:45.0519 0x354c sfloppy - ok 22:48:45.0535 0x354c [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 22:48:45.0551 0x354c SharedAccess - ok 22:48:45.0582 0x354c [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 22:48:45.0613 0x354c ShellHWDetection - ok 22:48:45.0613 0x354c [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys 22:48:45.0629 0x354c SiSRaid2 - ok 22:48:45.0629 0x354c [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys 22:48:45.0644 0x354c SiSRaid4 - ok 22:48:45.0644 0x354c [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost C:\WINDOWS\System32\smphost.dll 22:48:45.0660 0x354c smphost - ok 22:48:45.0660 0x354c [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe 22:48:45.0675 0x354c SNMPTRAP - ok 22:48:45.0691 0x354c [ 33977549C2CED09936E05BEE7659EAFF, EB95C72ED0EAC59A50E6882B2501049191A796542C42414FAF0028907C669B21 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys 22:48:45.0722 0x354c spaceport - ok 22:48:45.0722 0x354c [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys 22:48:45.0738 0x354c SpbCx - ok 22:48:45.0754 0x354c [ 0FFE35F0B0CD5A324BBE22F02569AE3B, F4EE803EEFDB4EAEEDB3024C3516F1F9A202C77F4870D6B74356BBDE32B3B560 ] speedfan C:\Windows\SysWOW64\speedfan.sys 22:48:45.0769 0x354c speedfan - 
ok 22:48:45.0785 0x354c [ FE0CB40F36D3FCDD3A1B312EF72C38D5, 42EA50869752164764DFE8CE7E1C247BE8342A0C15F39158DC808E8A692C460F ] Spooler C:\WINDOWS\System32\spoolsv.exe 22:48:45.0816 0x354c Spooler - ok 22:48:45.0941 0x354c [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\WINDOWS\system32\sppsvc.exe 22:48:46.0144 0x354c sppsvc - ok 22:48:46.0160 0x354c [ 2B78788A1485F9B99A578A299DF42C02, A87183A9B13585C9E850437A45237105D39D7F3212ADB079D6AB430B67A59643 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys 22:48:46.0191 0x354c srv - ok 22:48:46.0207 0x354c [ FD163F487CBA9C98AFFEB546C80F49A2, 18DAAD173C0517F7BBF5D0C914302D98931E3BA6DAA36DC91D8DB0743EC40563 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys 22:48:46.0238 0x354c srv2 - ok 22:48:46.0238 0x354c [ 716059F37BCCB1ABEDE99EBE82E8E362, 05F27B0FABBBC0E324F06D20ABEF51EDA3316C9F7F85C1AD24639CD6DE1BC8AC ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys 22:48:46.0254 0x354c srvnet - ok 22:48:46.0269 0x354c [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 22:48:46.0285 0x354c SSDPSRV - ok 22:48:46.0301 0x354c [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll 22:48:46.0316 0x354c SstpSvc - ok 22:48:46.0316 0x354c [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys 22:48:46.0332 0x354c stexstor - ok 22:48:46.0332 0x354c [ 2A997C64F9B2584D81FA6749FE36A887, D26F5BC591ED46B96B2ACFDF555C2BF42F4915A22B12E4139ACEF7DE7AC303A7 ] StillCam C:\WINDOWS\system32\DRIVERS\serscan.sys 22:48:46.0347 0x354c StillCam - ok 22:48:46.0363 0x354c [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc C:\WINDOWS\System32\wiaservc.dll 22:48:46.0394 0x354c stisvc - ok 
22:48:46.0394 0x354c [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\WINDOWS\system32\drivers\storahci.sys 22:48:46.0410 0x354c storahci - ok 22:48:46.0410 0x354c [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys 22:48:46.0426 0x354c storflt - ok 22:48:46.0426 0x354c [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys 22:48:46.0441 0x354c stornvme - ok 22:48:46.0441 0x354c [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc C:\WINDOWS\system32\storsvc.dll 22:48:46.0457 0x354c StorSvc - ok 22:48:46.0457 0x354c [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys 22:48:46.0472 0x354c storvsc - ok 22:48:46.0472 0x354c [ 03618F935379614837F915D04C45FC0E, 9CC0CBA7AFC58E7F921C13FA3F5269714F1F827535A311E11EA48689C4D539DE ] storvsp C:\WINDOWS\System32\drivers\storvsp.sys 22:48:46.0488 0x354c storvsp - ok 22:48:46.0488 0x354c [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc C:\WINDOWS\system32\svsvc.dll 22:48:46.0504 0x354c svsvc - ok 22:48:46.0519 0x354c [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum C:\WINDOWS\System32\drivers\swenum.sys 22:48:46.0519 0x354c swenum - ok 22:48:46.0535 0x354c [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv C:\WINDOWS\System32\swprv.dll 22:48:46.0566 0x354c swprv - ok 22:48:46.0597 0x354c [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain C:\WINDOWS\system32\sysmain.dll 22:48:46.0644 
0x354c SysMain - ok 22:48:46.0660 0x354c [ D65B1C952AEB864C2BAC7A770B17ECCE, 3EFAAFFF73390D9CB660E0F42B305512396CF66ED06E4A20ED67E8722FB4355B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll 22:48:46.0675 0x354c SystemEventsBroker - ok 22:48:46.0675 0x354c [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll 22:48:46.0691 0x354c TabletInputService - ok 22:48:46.0707 0x354c [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 22:48:46.0722 0x354c TapiSrv - ok 22:48:46.0785 0x354c [ 25AC0B50A71938890970E1508F107196, 6FAFBA2DFFFF9916CC304AE7E6AD0F6CE1D6F4AAE6B2C113202D78310EFEBC58 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys 22:48:46.0863 0x354c Tcpip - ok 22:48:46.0910 0x354c [ 25AC0B50A71938890970E1508F107196, 6FAFBA2DFFFF9916CC304AE7E6AD0F6CE1D6F4AAE6B2C113202D78310EFEBC58 ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys 22:48:46.0988 0x354c TCPIP6 - ok 22:48:47.0004 0x354c [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys 22:48:47.0019 0x354c tcpipreg - ok 22:48:47.0035 0x354c [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys 22:48:47.0035 0x354c tdx - ok 22:48:47.0050 0x354c [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys 22:48:47.0050 0x354c terminpt - ok 22:48:47.0082 0x354c [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService C:\WINDOWS\System32\termsrv.dll 22:48:47.0113 0x354c TermService - ok 22:48:47.0129 0x354c [ 05FBE1F7C13E87AF7A414CDF288B1F62, 
24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes C:\WINDOWS\system32\themeservice.dll 22:48:47.0144 0x354c Themes - ok 22:48:47.0144 0x354c [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER C:\WINDOWS\system32\mmcss.dll 22:48:47.0160 0x354c THREADORDER - ok 22:48:47.0176 0x354c [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll 22:48:47.0191 0x354c TimeBroker - ok 22:48:47.0207 0x354c [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\WINDOWS\system32\drivers\tpm.sys 22:48:47.0207 0x354c TPM - ok 22:48:47.0222 0x354c [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks C:\WINDOWS\System32\trkwks.dll 22:48:47.0238 0x354c TrkWks - ok 22:48:47.0238 0x354c [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe 22:48:47.0254 0x354c TrustedInstaller - ok 22:48:47.0269 0x354c [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys 22:48:47.0269 0x354c TsUsbFlt - ok 22:48:47.0285 0x354c [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys 22:48:47.0285 0x354c TsUsbGD - ok 22:48:47.0300 0x354c [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys 22:48:47.0316 0x354c tunnel - ok 22:48:47.0316 0x354c [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys 22:48:47.0332 0x354c uagp35 - ok 
22:49:01.0316 0x354c AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x61100 ( enabled : updated )
22:49:01.0332 0x354c Win FW state via NFP2: enabled
22:49:03.0738 0x354c ============================================================
22:49:03.0738 0x354c Scan finished
22:49:03.0738 0x354c ============================================================
22:49:03.0754 0x0e60 Detected object count: 0
22:49:03.0754 0x0e60 Actual detected object count: 0
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.07.0.1012
www.malwarebytes.org

Database version: v2014.08.25.05

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17239
Kai :: H2O-SEVEN-ONES1 [administrator]

25.08.2014 22:55:02
mbar-log-2014-08-25 (22-55-02).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 324874
Time elapsed: 6 minute(s), 28 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Thanks so far,
Ceborat
Edited by ceborat (25.08.2014 at 23:04) |
26.08.2014, 18:55 | #6 |
/// the machine /// TB trainer | Windows regularly types an old text of around 200 characters by itself
As if your clipboard were acting up. Unplug everything in the way of mouse and keyboard and use the on-screen keyboard. |
27.08.2014, 11:11 | #7 |
| Windows regularly types an old text of around 200 characters by itself
Hi, if I unplug the mouse and keyboard, I can't do anything with the on-screen keyboard either. I have a Filco keyboard and an MS SideWinder X8 mouse on the PC. The Filco runs without any additional software, so that leaves Microsoft's own mouse software, or am I seeing that wrong? |
28.08.2014, 07:19 | #8 | |
/// the machine /// TB trainer | Windows regularly types an old text of around 200 characters by itself
Quote:
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |