Log analysis and evaluation: Internet very slow

Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
25.10.2014, 10:25 | #1 |
Internet very slow

Hello, my Internet is sometimes pretty slow. Not even the YouTube videos load. I have a 16k line. I hope you can help me. Thanks in advance.

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-10-2014 Ran by Katharina (administrator) on HEIM on 25-10-2014 09:48:32 Running from C:\Users\Katharina\Desktop Loaded Profile: Katharina (Available profiles: Katharina) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe (BitTorrent Inc.) 
C:\Users\Katharina\AppData\Roaming\uTorrent\uTorrent.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17200_none_fa7026dd9b04586e\TiWorker.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6844560 2012-11-10] (Realtek Semiconductor) HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-10-21] (Hewlett-Packard) HKU\S-1-5-21-702799559-3439042313-1217037743-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.) HKU\S-1-5-21-702799559-3439042313-1217037743-1001\...\Run: [uTorrent] => C:\Users\Katharina\AppData\Roaming\uTorrent\uTorrent.exe [1045072 2014-10-16] (BitTorrent Inc.) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK13/4 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4 HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPDSK13/4 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK13/4 SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS SearchScopes: HKLM - {0E6F1A5C-6336-48EA-BF8E-EEA8B02C7F29} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS SearchScopes: HKLM-x32 - {0E6F1A5C-6336-48EA-BF8E-EEA8B02C7F29} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKCU - {0E6F1A5C-6336-48EA-BF8E-EEA8B02C7F29} URL = 
hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard) BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll (Symantec Corporation) BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\IPS\IPSBHO.DLL (Symantec Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll (Symantec Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) 
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFFPlgn FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFFPlgn [2014-10-16] FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn [2014-10-24] Chrome: ======= CHR HomePage: Default -> file:///C:/Users/Nina/Desktop/Meine%20Seite/Meine%20Seite%203.4/Alex%20ich%20liebe%20Dich.html CHR StartupUrls: Default -> "file:///C:/Users/Katharina/Desktop/mama/Katharina/Desktop/Meine%20Seite%203.4/ti%20durak,%20alex.html" CHR Profile: C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-16] CHR Extension: (Google Docs) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-16] CHR Extension: (Google Drive) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-16] CHR Extension: (Norton Security Toolbar) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc [2014-10-21] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-16] CHR Extension: (YouTube) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-16] CHR Extension: (Adblock Plus) - C:\Users\Katharina\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-10-16] CHR Extension: (Google-Suche) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-16] CHR Extension: (Google Tabellen) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-16] CHR Extension: (Uhr) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2014-10-16] CHR Extension: (Avast Online Security) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-16] CHR Extension: (IP-Adresse) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnjjlbngpejmmhgcaagljaomgnginml [2014-10-16] CHR Extension: (Google Wallet) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-16] CHR Extension: (Google Mail) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-16] CHR HKLM-x32\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\Exts\Chrome.crx [2014-10-18] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed] R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-12] (Hewlett-Packard) R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) 
[File not signed] R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation) S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-09-24] (Microsoft Corporation) S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-09-24] (Microsoft Corporation) R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation) S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation) S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-10-23] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-09-24] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-09-24] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20141016.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation) R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1405000.01C\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink) R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-10-16] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-10-16] (Symantec Corporation) R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20141022.002\IDSvia64.sys [633560 2014-10-15] (Symantec Corporation) R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20141022.003\ENG64.SYS [129752 2014-10-16] (Symantec Corporation) R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20141022.003\EX64.SYS [2137304 2014-10-16] (Symantec Corporation) R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1405000.01C\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation) R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1405000.01C\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation) R3 SymDS; C:\Windows\system32\drivers\NISx64\1405000.01C\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation) R3 SymEFA; C:\Windows\system32\drivers\NISx64\1405000.01C\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation) S4 SymELAM; C:\Windows\system32\drivers\NISx64\1405000.01C\SymELAM.sys [23448 2012-06-20] (Symantec Corporation) R3 SymEvent; C:\windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2014-10-17] (Symantec Corporation) R3 SymIRON; C:\Windows\system32\drivers\NISx64\1405000.01C\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation) R1 SymNetS; 
C:\Windows\System32\Drivers\NISx64\1405000.01C\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-09-24] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-25 09:48 - 2014-10-25 09:49 - 00015052 _____ () C:\Users\Katharina\Desktop\FRST.txt 2014-10-25 09:48 - 2014-10-25 09:48 - 00000000 ____D () C:\FRST 2014-10-25 09:47 - 2014-10-25 09:48 - 00000000 ____D () C:\Users\Katharina\Desktop\erste hilfe 2 2014-10-25 09:47 - 2014-10-24 22:17 - 02112000 _____ (Farbar) C:\Users\Katharina\Desktop\FRST64.exe 2014-10-24 21:06 - 2014-10-24 21:06 - 00011633 _____ () C:\Users\Katharina\Downloads\[kinozal.tv]id1264153.torrent 2014-10-24 20:57 - 2014-10-24 20:57 - 00015409 _____ () C:\Users\Katharina\Downloads\[kinozal.tv]id1264305.torrent 2014-10-24 20:55 - 2014-10-24 20:55 - 00014485 _____ () C:\Users\Katharina\Downloads\[kinozal.tv]id553857.torrent 2014-10-24 19:03 - 2014-10-24 19:04 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log 2014-10-24 19:02 - 2014-10-24 19:02 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2014-10-23 11:19 - 2014-10-23 11:19 - 00000000 ____D () C:\ProgramData\Package Cache 2014-10-23 10:49 - 2014-10-25 08:25 - 00000000 ___DC () C:\WINDOWS\Panther 2014-10-23 10:49 - 2014-10-23 10:49 - 00000000 __SHD () C:\Recovery 2014-10-23 10:48 - 2014-10-23 10:48 - 03448320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2014-10-23 10:48 - 2014-10-23 10:48 - 01702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2014-10-23 10:48 - 2014-10-23 10:48 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 
2014-10-23 10:48 - 2014-10-23 10:48 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2014-10-23 10:48 - 2014-10-23 10:48 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2014-10-23 10:48 - 2014-10-23 10:48 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2014-10-23 10:48 - 2014-10-23 10:48 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2014-10-23 10:48 - 2014-10-23 10:48 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2014-10-23 10:48 - 2014-10-23 10:48 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2014-10-23 10:48 - 2014-10-23 10:48 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2014-10-23 10:48 - 2014-10-23 10:48 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2014-10-23 10:48 - 2014-10-23 10:48 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2014-10-23 10:48 - 2014-10-23 10:48 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2014-10-23 10:48 - 2014-10-23 10:48 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2014-10-23 10:48 - 2014-10-23 10:48 - 00000000 ____D () C:\Windows.old 2014-10-23 10:47 - 2014-10-23 10:47 - 04183040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-10-23 10:47 - 2014-10-23 10:47 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2014-10-23 10:47 - 2014-10-23 10:47 - 02779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2014-10-23 10:47 - 2014-10-23 10:47 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2014-10-23 10:47 - 2014-10-23 10:47 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2014-10-23 10:47 - 2014-10-23 10:47 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2014-10-23 10:47 - 2014-10-23 10:47 - 00626688 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\MrmCoreR.dll 2014-10-23 10:47 - 2014-10-23 10:47 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll 2014-10-23 10:47 - 2014-10-23 10:47 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2014-10-23 10:47 - 2014-10-23 10:47 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe 2014-10-23 10:47 - 2014-10-23 10:47 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll 2014-10-23 10:47 - 2014-10-23 10:47 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 23631360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 13619200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 11807232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 05829632 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 02309632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 02108416 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-10-23 10:46 - 2014-10-23 10:46 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-10-23 10:46 - 2014-10-23 10:46 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 01447936 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\urlmon.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-10-23 10:46 - 2014-10-23 10:46 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00083968 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\MshtmlDac.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll 2014-10-23 10:45 - 2014-10-23 10:45 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2014-10-23 10:45 - 2014-10-23 10:45 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2014-10-23 10:44 - 2014-10-23 10:44 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff 2014-10-23 10:41 - 2014-10-23 10:41 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer 2014-10-23 10:41 - 2014-10-23 10:41 - 00000000 ____D () C:\Program Files\Reference Assemblies 2014-10-23 10:41 - 2014-10-23 10:41 - 00000000 ____D () C:\Program Files\MSBuild 2014-10-23 10:41 - 2014-10-23 10:41 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies 2014-10-23 10:41 - 2014-10-23 10:41 - 00000000 ____D () C:\Program Files (x86)\MSBuild 2014-10-23 10:41 - 2014-10-23 10:41 - 00000000 ____D () C:\inetpub 2014-10-23 10:40 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2014-10-23 10:40 - 2013-08-03 06:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2014-10-23 10:40 - 2013-08-03 06:48 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2014-10-23 10:40 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2014-10-23 10:40 - 2013-08-03 06:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2014-10-23 10:40 - 
2013-08-03 06:41 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2014-10-23 10:29 - 2014-10-23 10:29 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security 2014-10-23 10:23 - 2014-10-23 10:23 - 00001452 _____ () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-10-23 10:23 - 2014-10-23 10:23 - 00000020 ___SH () C:\Users\Katharina\ntuser.ini 2014-10-23 10:17 - 2014-10-25 09:48 - 02049222 _____ () C:\WINDOWS\WindowsUpdate.log 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Vorlagen 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Startmenü 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Druckumgebung 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-10-23 
10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten 2014-10-23 10:16 - 2014-10-23 10:16 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat 2014-10-23 10:07 - 2014-10-23 10:07 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2014-10-23 10:07 - 2014-10-23 10:07 - 00000000 ____D () C:\Users\Default\Documents\hp.system.package.metadata 2014-10-23 10:07 - 2014-10-23 10:07 - 00000000 ____D () C:\Users\Default User\Documents\hp.system.package.metadata 2014-10-23 10:02 - 2014-10-23 10:02 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate 2014-10-23 10:01 - 2014-10-23 10:23 - 00000000 ____D () C:\Users\Katharina 2014-10-23 10:01 - 2014-10-23 10:02 - 00000000 ___RD () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-10-23 10:01 - 2014-10-23 10:02 - 00000000 ___RD () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Vorlagen 2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Startmenü 2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Netzwerkumgebung 2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Lokale Einstellungen 2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Eigene Dateien 2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Druckumgebung 2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Documents\Eigene Musik 2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Documents\Eigene Bilder 2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-10-23 10:01 - 2014-10-23 10:01 
- 00000000 _SHDL () C:\Users\Katharina\AppData\Local\Verlauf 2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\AppData\Local\Anwendungsdaten 2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Anwendungsdaten 2014-10-23 10:01 - 2014-09-24 08:18 - 00000369 _____ () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2014-10-23 10:01 - 2014-09-24 08:18 - 00000369 _____ () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2014-10-23 10:01 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-10-23 10:01 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-10-23 10:00 - 2014-10-23 10:16 - 00020958 _____ () C:\WINDOWS\diagwrn.xml 2014-10-23 10:00 - 2014-10-23 10:16 - 00020958 _____ () C:\WINDOWS\diagerr.xml 2014-10-23 09:55 - 2014-10-23 10:02 - 00012096 _____ () C:\WINDOWS\iis.log 2014-10-23 09:55 - 2014-10-23 09:55 - 01914374 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2014-10-23 09:52 - 2014-10-23 09:52 - 00001370 _____ () C:\WINDOWS\system32\RaCoInst.log 2014-10-23 09:52 - 2014-10-23 09:52 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM 2014-10-23 09:52 - 2014-10-23 09:52 - 00000000 ____D () C:\Program Files\Realtek 2014-10-23 09:52 - 2014-10-23 09:52 - 00000000 ____D () C:\Program Files\AMD 2014-10-23 09:52 - 2014-10-23 09:52 - 00000000 ____D () C:\AMD 2014-10-23 09:52 - 2014-10-23 09:52 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin 2014-10-23 08:54 - 2014-10-23 10:16 - 00006678 _____ () C:\WINDOWS\comsetup.log 2014-10-18 16:01 - 2014-06-24 09:35 - 00010450 _____ () C:\WINDOWS\system32\autoconfig.cab 2014-10-18 15:12 - 2014-10-18 15:12 - 00000000 ____D () C:\sources 2014-10-17 13:05 - 2014-10-17 13:05 - 00021532 _____ () C:\Users\Katharina\Downloads\[kinozal.tv]id1159792.torrent 2014-10-17 12:56 - 
2014-10-17 12:56 - 00000117 _____ () C:\WINDOWS\system32\netcfg-56277235.txt 2014-10-17 12:56 - 2014-10-17 12:56 - 00000117 _____ () C:\WINDOWS\system32\netcfg-56271198.txt 2014-10-17 12:55 - 2014-10-17 12:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-56190140.txt 2014-10-17 12:52 - 2014-10-17 12:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-56010832.txt 2014-10-17 01:11 - 2014-10-17 01:11 - 00000000 ____D () C:\ProgramData\Recovery 2014-10-16 21:14 - 2014-10-16 21:18 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-10-16 21:13 - 2014-10-03 10:02 - 103265616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-10-16 20:38 - 2014-10-16 20:38 - 00000136 _____ () C:\WINDOWS\system32\netcfg-50575.txt 2014-10-16 20:38 - 2014-10-16 20:38 - 00000134 _____ () C:\WINDOWS\system32\netcfg-49951.txt 2014-10-16 20:38 - 2014-10-16 20:38 - 00000134 _____ () C:\WINDOWS\system32\netcfg-48937.txt 2014-10-16 20:38 - 2014-10-16 20:38 - 00000128 _____ () C:\WINDOWS\system32\netcfg-59732.txt 2014-10-16 20:21 - 2014-10-16 20:21 - 00000136 _____ () C:\WINDOWS\system32\netcfg-53586.txt 2014-10-16 20:21 - 2014-10-16 20:21 - 00000134 _____ () C:\WINDOWS\system32\netcfg-51698.txt 2014-10-16 20:21 - 2014-10-16 20:21 - 00000128 _____ () C:\WINDOWS\system32\netcfg-60434.txt 2014-10-16 20:17 - 2014-10-16 20:17 - 00000136 _____ () C:\WINDOWS\system32\netcfg-69841.txt 2014-10-16 20:17 - 2014-10-16 20:17 - 00000134 _____ () C:\WINDOWS\system32\netcfg-69264.txt 2014-10-16 20:17 - 2014-10-16 20:17 - 00000134 _____ () C:\WINDOWS\system32\netcfg-68016.txt 2014-10-16 20:17 - 2014-10-16 20:17 - 00000128 _____ () C:\WINDOWS\system32\netcfg-76487.txt 2014-10-16 19:47 - 2014-10-16 19:47 - 00000117 _____ () C:\WINDOWS\system32\netcfg-666093.txt 2014-10-16 19:47 - 2014-10-16 19:47 - 00000117 _____ () C:\WINDOWS\system32\netcfg-665781.txt 2014-10-16 19:45 - 2014-10-16 19:45 - 00000117 _____ () C:\WINDOWS\system32\netcfg-516300.txt 2014-10-16 19:45 - 2014-10-16 19:45 - 00000117 _____ () 
C:\WINDOWS\system32\netcfg-513633.txt 2014-10-16 19:45 - 2014-10-16 19:45 - 00000117 _____ () C:\WINDOWS\system32\netcfg-487783.txt 2014-10-16 19:44 - 2014-10-16 19:44 - 00000117 _____ () C:\WINDOWS\system32\netcfg-485053.txt 2014-10-16 19:42 - 2014-10-16 19:42 - 00000117 _____ () C:\WINDOWS\system32\netcfg-363217.txt 2014-10-16 19:42 - 2014-10-16 19:42 - 00000117 _____ () C:\WINDOWS\system32\netcfg-360112.txt 2014-10-16 19:42 - 2014-10-16 19:42 - 00000117 _____ () C:\WINDOWS\system32\netcfg-358365.txt 2014-10-16 19:42 - 2014-10-16 19:42 - 00000117 _____ () C:\WINDOWS\system32\netcfg-357367.txt 2014-10-16 19:42 - 2014-10-16 19:42 - 00000117 _____ () C:\WINDOWS\system32\netcfg-352421.txt 2014-10-16 19:38 - 2014-10-16 19:38 - 00000136 _____ () C:\WINDOWS\system32\netcfg-79420.txt 2014-10-16 19:38 - 2014-10-16 19:38 - 00000134 _____ () C:\WINDOWS\system32\netcfg-78764.txt 2014-10-16 19:38 - 2014-10-16 19:38 - 00000134 _____ () C:\WINDOWS\system32\netcfg-77563.txt 2014-10-16 19:38 - 2014-10-16 19:38 - 00000128 _____ () C:\WINDOWS\system32\netcfg-89029.txt 2014-10-16 19:26 - 2014-10-16 19:26 - 00000117 _____ () C:\WINDOWS\system32\netcfg-6208574.txt 2014-10-16 19:16 - 2014-10-16 19:16 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\OpenOffice 2014-10-16 19:09 - 2014-10-24 21:28 - 00000000 ____D () C:\Users\Katharina\Desktop\Kinozal 2014-10-16 18:20 - 2014-10-10 06:47 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2014-10-16 17:54 - 2014-10-16 17:54 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Hewlett-Packard 2014-10-16 17:45 - 2014-10-16 17:57 - 00000000 ____D () C:\Users\Katharina\Downloads\Top 25 Country Songs of Faith (2014) MP3 2014-10-16 17:30 - 2014-10-16 17:30 - 00020545 _____ () C:\Users\Katharina\Downloads\[kinozal.tv]id1263336.torrent 2014-10-16 17:27 - 2014-10-16 17:27 - 00000905 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk 2014-10-16 17:27 - 2014-10-16 17:27 - 00000881 _____ () 
C:\Users\Public\Desktop\µTorrent.lnk 2014-10-16 17:26 - 2014-10-25 09:48 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\uTorrent 2014-10-16 17:24 - 2014-10-24 20:55 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\tor 2014-10-16 17:16 - 2014-10-23 10:09 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1 2014-10-16 17:16 - 2014-10-16 17:16 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk 2014-10-16 17:15 - 2014-10-16 17:15 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4 2014-10-16 17:12 - 2014-10-16 17:12 - 00000000 ____D () C:\Users\Katharina\Desktop\OpenOffice 4.1.1 (de) Installation Files 2014-10-16 17:09 - 2013-05-04 06:51 - 00014848 _____ (Microsoft) C:\WINDOWS\system32\rars.rs 2014-10-16 17:09 - 2013-05-04 06:10 - 00014848 _____ (Microsoft) C:\WINDOWS\SysWOW64\rars.rs 2014-10-16 17:08 - 2014-10-16 17:08 - 164858324 _____ () C:\Users\Katharina\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_de.exe 2014-10-16 17:03 - 2014-10-25 09:46 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Skype 2014-10-16 17:03 - 2014-10-23 10:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-10-16 17:03 - 2014-10-16 17:03 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-10-16 17:03 - 2014-10-16 17:03 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-10-16 17:03 - 2014-10-16 17:03 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Skype 2014-10-16 17:03 - 2014-10-16 17:03 - 00000000 ____D () C:\ProgramData\Skype 2014-10-16 17:02 - 2014-10-16 17:02 - 01677920 _____ (Skype Technologies S.A.) 
C:\Users\Katharina\Downloads\SkypeSetup.exe 2014-10-16 16:24 - 2014-10-16 16:24 - 00000088 _____ () C:\WINDOWS\system32\netcfg-3215726.txt 2014-10-16 16:23 - 2014-10-16 16:23 - 00000117 _____ () C:\WINDOWS\system32\netcfg-3206241.txt 2014-10-16 16:15 - 2014-10-23 10:14 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-10-16 16:15 - 2014-10-23 10:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-10-16 16:14 - 2014-10-25 09:19 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-10-16 16:14 - 2014-10-25 08:23 - 00001122 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-10-16 16:14 - 2014-10-16 16:15 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Google 2014-10-16 16:14 - 2014-10-16 16:15 - 00000000 ____D () C:\Program Files (x86)\Google 2014-10-16 16:14 - 2014-10-16 16:14 - 00004098 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2014-10-16 16:14 - 2014-10-16 16:14 - 00003862 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2014-10-16 16:13 - 2014-10-16 16:13 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Apps\2.0 2014-10-16 15:53 - 2014-10-16 15:53 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Macromedia 2014-10-16 15:50 - 2013-06-14 19:08 - 01045072 _____ (BitTorrent Inc.) 
C:\Users\Katharina\Desktop\utorrent.exe 2014-10-16 15:50 - 2011-02-25 00:05 - 02180096 _____ () C:\Users\Katharina\Desktop\tor.exe 2014-10-16 15:47 - 2014-10-24 07:19 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-702799559-3439042313-1217037743-1001 2014-10-16 15:46 - 2014-10-16 15:46 - 00000000 ____D () C:\Users\Katharina\Desktop\mama 2014-10-16 15:43 - 2014-10-16 15:43 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2014-10-16 15:42 - 2014-10-16 15:42 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\ATI 2014-10-16 15:42 - 2014-10-16 15:42 - 00000000 ____D () C:\Users\Katharina\AppData\Local\ATI 2014-10-16 15:41 - 2014-10-16 15:41 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD 2014-10-16 15:40 - 2014-10-23 10:05 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services 2014-10-16 15:40 - 2014-10-16 15:40 - 00000000 __RSH () C:\WINDOWS\SysWOW64\Drivers\103C_HP_cPC_20-b100eg_Y53316J_0U_Q4CH3156S2T_E13CE1AR8603_4A_I2AF0_SPEGATRON CORPORATION_V1.02_B8.09_T121204_W8101-0_L407_M5716_J1000_7AMD_8BFF_91.40_#130413_N10EC8136;1814539B_Z_G10029809_Ohp DVDRAM GT80N.MRK 2014-10-16 15:40 - 2014-10-16 15:40 - 00000000 __RSH () C:\WINDOWS\system32\Drivers\103C_HP_cPC_20-b100eg_Y53316J_0U_Q4CH3156S2T_E13CE1AR8603_4A_I2AF0_SPEGATRON CORPORATION_V1.02_B8.09_T121204_W8101-0_L407_M5716_J1000_7AMD_8BFF_91.40_#130413_N10EC8136;1814539B_Z_G10029809_Ohp DVDRAM GT80N.MRK 2014-10-16 15:40 - 2014-10-16 15:40 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Adobe 2014-10-16 15:40 - 2013-04-13 07:27 - 00002227 _____ () C:\Users\Public\Desktop\Snapfish Fotos.lnk 2014-10-16 15:40 - 2013-04-13 07:27 - 00002195 _____ () C:\Users\Public\Desktop\eBay.lnk 2014-10-16 15:38 - 2014-10-17 13:52 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Hewlett-Packard 2014-10-16 15:38 - 2014-10-16 15:38 - 00000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc 2014-10-16 
15:37 - 2014-10-23 10:28 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Packages 2014-10-16 15:37 - 2014-10-16 15:37 - 00000000 ____D () C:\Users\Katharina\AppData\Local\VirtualStore 2014-10-16 15:37 - 2014-10-16 15:37 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Power2Go8 2014-10-16 15:36 - 2014-10-23 09:31 - 01525485 _____ () C:\WINDOWS\WindowsUpdate (1).log 2014-10-16 15:36 - 2013-04-13 06:40 - 00000000 ___HD () C:\Users\Katharina\Documents\hp.system.package.metadata 2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-326042.txt 2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-322906.txt 2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-316338.txt 2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-283703.txt 2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-283516.txt 2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-280271.txt 2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-279226.txt 2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-275528.txt 2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-275372.txt 2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-274468.txt 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Vorlagen 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Startmenü 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Netzwerkumgebung 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Lokale 
Einstellungen 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Eigene Dateien 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Druckumgebung 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Musik 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Bilder 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Verlauf 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Anwendungsdaten 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Anwendungsdaten 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Programme 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\ProgramData\Vorlagen 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\ProgramData\Startmenü 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\ProgramData\Dokumente 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Dokumente und Einstellungen ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-10-25 09:47 - 2013-08-22 16:46 - 00292174 _____ () C:\WINDOWS\setupact.log 2014-10-25 09:39 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-10-25 09:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-10-24 21:17 - 2014-09-24 08:17 - 01980934 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-10-24 21:17 - 2014-09-24 07:43 - 00841326 _____ () C:\WINDOWS\system32\perfh007.dat 2014-10-24 21:17 - 2014-09-24 07:43 - 00191558 _____ () C:\WINDOWS\system32\perfc007.dat 2014-10-24 19:07 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-10-24 19:02 - 2013-04-13 06:43 - 00000000 ____D () C:\ProgramData\Hewlett-Packard 2014-10-24 19:02 - 2013-04-13 06:40 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard 2014-10-23 11:18 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\restore 2014-10-23 10:48 - 2013-08-22 17:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template 2014-10-23 10:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer 2014-10-23 10:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager 2014-10-23 10:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera 2014-10-23 10:47 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions 2014-10-23 10:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI 2014-10-23 10:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\inetsrv 2014-10-23 10:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\MUI 2014-10-23 10:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\inetsrv 2014-10-23 10:41 - 2013-08-22 13:25 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe 2014-10-23 10:41 - 2013-08-22 13:22 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll 2014-10-23 10:41 - 2013-08-22 13:19 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll 2014-10-23 10:41 - 2013-08-22 13:19 - 00015360 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\wamregps.dll 2014-10-23 10:41 - 2013-08-22 13:18 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll 2014-10-23 10:41 - 2013-08-22 12:03 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll 2014-10-23 10:41 - 2013-08-22 05:58 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe 2014-10-23 10:41 - 2013-08-22 05:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll 2014-10-23 10:41 - 2013-08-22 05:53 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll 2014-10-23 10:41 - 2013-08-22 05:53 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll 2014-10-23 10:41 - 2013-08-22 05:51 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll 2014-10-23 10:41 - 2013-08-22 04:54 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll 2014-10-23 10:23 - 2013-04-13 07:31 - 00003234 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration 2014-10-23 10:23 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP 2014-10-23 10:18 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-10-23 10:17 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows NT 2014-10-23 10:17 - 2013-08-22 15:36 - 00000000 __RHD () C:\Users\Default 2014-10-23 10:16 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Registration 2014-10-23 10:16 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-10-23 10:14 - 2013-08-22 17:36 - 00000000 __RSD () C:\WINDOWS\Media 2014-10-23 10:14 - 2013-08-22 17:36 - 00000000 __RHD () C:\Users\Public\Libraries 2014-10-23 10:10 - 2013-08-22 16:44 - 00377408 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-10-23 10:09 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2014-10-23 10:09 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2014-10-23 10:09 - 2013-04-13 07:30 - 00000000 ___RD () 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security 2014-10-23 10:09 - 2013-04-13 07:05 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools 2014-10-23 10:09 - 2013-04-13 07:01 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat 2014-10-23 10:09 - 2013-04-13 06:50 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support 2014-10-23 10:07 - 2014-09-24 07:43 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN 2014-10-23 10:07 - 2014-09-24 07:43 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep 2014-10-23 10:07 - 2014-09-24 07:43 - 00000000 ____D () C:\WINDOWS\system32\WCN 2014-10-23 10:07 - 2013-08-22 17:37 - 00004893 _____ () C:\WINDOWS\DtcInstall.log 2014-10-23 10:07 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz 2014-10-23 10:07 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME 2014-10-23 10:07 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns 2014-10-23 10:07 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\spool 2014-10-23 10:07 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\IME 2014-10-23 10:07 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI 2014-10-23 10:07 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe 2014-10-23 10:07 - 2013-04-13 06:48 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda 2014-10-23 10:07 - 2012-07-26 07:37 - 00000000 ____D () C:\Users\Default.migrated 2014-10-23 10:06 - 2013-08-22 17:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker 2014-10-23 10:06 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\IME 2014-10-23 10:06 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Help 2014-10-23 10:06 - 2012-08-10 17:06 - 00000000 ____D () C:\ProgramData\PRICache 2014-10-23 10:05 - 2013-08-22 17:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar 2014-10-23 10:05 - 2013-08-22 17:36 - 00000000 __SHD () C:\Program 
Files (x86)\Windows Sidebar 2014-10-23 10:05 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-10-23 10:05 - 2013-04-13 06:53 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection 2014-10-23 10:05 - 2013-04-13 06:35 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies 2014-10-23 10:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery 2014-10-23 09:55 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep 2014-10-23 09:50 - 2014-09-23 23:06 - 00002482 _____ () C:\WINDOWS\PFRO.log 2014-10-23 08:49 - 2014-09-24 17:19 - 00000000 ___HD () C:\$Windows.~BT 2014-10-23 08:14 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent 2014-10-21 08:32 - 2013-04-13 07:31 - 00002503 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk 2014-10-21 08:32 - 2013-04-13 07:30 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64 2014-10-17 20:26 - 2013-04-13 07:31 - 00177312 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS 2014-10-17 20:26 - 2013-04-13 07:31 - 00007631 _____ () C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT 2014-10-16 15:40 - 2013-04-13 07:27 - 00000000 ___RD () C:\Program Files\Online Services 2014-10-16 15:40 - 2013-04-13 06:55 - 00000000 ___RD () C:\Program Files (x86)\Online Services 2014-10-16 15:40 - 2012-12-03 19:57 - 00000000 _RSHD () C:\hp 2014-10-16 15:40 - 2012-10-12 05:24 - 00000000 ____D () C:\SWSETUP 2014-10-16 15:40 - 2012-10-12 05:21 - 00000000 _RSHD () C:\SYSTEM.SAV 2014-10-16 15:37 - 2013-04-13 07:30 - 00000000 ____D () C:\ProgramData\Norton ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-23 09:50

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-10-2014
Ran by Katharina at 2014-10-25 09:51:33
Running from C:\Users\Katharina\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Disabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Disabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Disabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.3.0.29677 - BitTorrent Inc.)
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{069BB058-4ED8-D4FC-CA8D-9B44344E8338}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1015.1260.21340 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.1015.1260.21340 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1015.1260.21340 - Advanced Micro Devices, Inc.)
Hidden Catalyst Control Center Localization All (x32 Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) 
Hidden CCC Help Spanish (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2012.1015.1260.21340 - Advanced Micro Devices, Inc.) Hidden Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2.5630 - CyberLink Corp.) CyberLink LabelPrint (x32 Version: 2.5.2.5630 - CyberLink Corp.) Hidden CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.2.2114 - CyberLink Corp.) CyberLink Media Suite 10 (x32 Version: 10.0.2.2114 - CyberLink Corp.) Hidden CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2.3317 - CyberLink Corp.) CyberLink PhotoDirector (x32 Version: 2.0.2.3317 - CyberLink Corp.) Hidden CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.2.2126 - CyberLink Corp.) CyberLink Power2Go 8 (x32 Version: 8.0.2.2126 - CyberLink Corp.) Hidden CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.2.2126 - CyberLink Corp.) CyberLink PowerDirector 10 (x32 Version: 10.0.2.2126 - CyberLink Corp.) Hidden CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.7.4605 - CyberLink Corp.) CyberLink PowerDVD (x32 Version: 10.0.7.4605 - CyberLink Corp.) Hidden CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.) CyberLink YouCam (x32 Version: 3.5.4.5527 - CyberLink Corp.) 
Hidden Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd) HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1218 - Hewlett-Packard) HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden HP Postscript Converter (Version: 3.1.3591 - Hewlett-Packard) Hidden HP Registration Service (HKLM\...\{C2E428EB-116E-41C0-9E84-B22DE9CCA42F}) (Version: 1.1.6232.4245 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company) HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard) Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft 
Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Norton Internet Security (HKLM-x32\...\NIS) (Version: 20.5.0.28 - Symantec Corporation) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) Ralink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.5.0 - Ralink) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6777 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.28123 - Realtek Semiconductor Corp.) Recovery Manager (x32 Version: 5.5.0.5826 - CyberLink Corp.) Hidden Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) 
==================== Restore Points ========================= 23-10-2014 09:18:50 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {025FA17A-3460-4390-928E-CA99E27F8462} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink) Task: {035792A1-D4EF-4A78-BF9A-AA9628C281A3} - System32\Tasks\Microsoft\Windows\Setup\SetupCleanupTask Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {0F08F4B5-FE4C-40FE-8919-34DBFB68C5AE} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe [2013-06-04] (Symantec Corporation) Task: {1A79384A-5E3C-4D63-B40E-260059B0BEEB} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {302DB300-7136-4FC0-8182-C41205F89CDD} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => 
C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {3D0E6EEE-FE26-4CF2-9F34-4B013DE165FC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-16] (Google Inc.) Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {4D3CE21F-A31B-4A60-9CC6-8D69E7067F4D} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management Task: {50F5C122-831C-4B7D-AEAD-F52A776322AC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2014-10-03] (Microsoft Corporation) Task: {61FAF8BC-AD04-4419-B99B-4A057F43EAA4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-16] (Google Inc.) Task: {6A419B1E-C0C9-4EFB-9D71-924C43739F65} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\WSCStub.exe [2014-04-29] (Symantec Corporation) Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6AE3D893-F562-4D35-867D-64E033EA04FC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-09-05] (Hewlett-Packard Company) Task: {6B049B28-BEB3-4D06-A582-838FFC44CFD2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard) Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {6FE36B01-F6A4-4AE0-9E15-1F43A9C9CB68} - System32\Tasks\Norton 
Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe [2013-06-04] (Symantec Corporation) Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {77BF4E9F-9F08-406E-845D-BD362148A6F6} - System32\Tasks\CLVDLauncher => c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.) Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {80BFB5FE-82F5-4AC4-BF04-90D1EE7BAEBE} - System32\Tasks\CLMLSvc_P2G8 => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink) Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {B2D1A9F9-6572-41F2-85C6-90C141D67E01} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation Task: {C8E9F645-8C5E-44CC-ABB3-FFFAFEEEC078} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-09-24] (Microsoft Corporation) Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D420007B-EC18-4DC3-ABFA-54BB1BC6B844} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - 
System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {DB30CB6B-8CBD-437D-8961-63EE0FDDB8A1} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {FE551AA5-05F0-4767-95CE-44B986671F13} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2012-10-12 18:22 - 2012-10-12 18:22 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll 2012-10-12 18:22 - 2012-10-12 18:22 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesProxy.dll 2012-10-12 18:22 - 2012-10-12 18:22 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll 2014-10-18 16:30 - 2012-05-30 08:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.5.0.28\wincfi39.dll 2013-04-13 07:05 - 2012-06-08 05:34 - 00627216 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2014-10-16 16:15 - 2014-10-10 04:03 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll 2014-10-16 16:15 - 2014-10-10 04:03 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll 2014-10-16 16:15 - 
2014-10-10 04:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll 2014-10-16 16:15 - 2014-10-10 04:03 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ========================= Accounts: ========================== Administrator (S-1-5-21-702799559-3439042313-1217037743-500 - Administrator - Disabled) Gast (S-1-5-21-702799559-3439042313-1217037743-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-702799559-3439042313-1217037743-1005 - Limited - Enabled) Katharina (S-1-5-21-702799559-3439042313-1217037743-1001 - Administrator - Enabled) => C:\Users\Katharina ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/23/2014 11:18:10 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: MsiExec.exe, Version: 5.0.9600.16384, Zeitstempel: 0x52158c02 Name des fehlerhaften Moduls: MSI8295.tmp, Version: 2.0.0.9, Zeitstempel: 0x4d4b089c Ausnahmecode: 0xc000000d Fehleroffset: 0x00019d88 ID des fehlerhaften Prozesses: 0x20 Startzeit der fehlerhaften Anwendung: 0xMsiExec.exe0 Pfad der fehlerhaften Anwendung: MsiExec.exe1 Pfad des fehlerhaften Moduls: MsiExec.exe2 Berichtskennung: 
MsiExec.exe3 Vollständiger Name des fehlerhaften Pakets: MsiExec.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MsiExec.exe5 Error: (10/23/2014 10:24:59 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: MsiExec.exe, Version: 5.0.9600.16384, Zeitstempel: 0x52158c02 Name des fehlerhaften Moduls: MSI99F0.tmp, Version: 2.0.0.9, Zeitstempel: 0x4d4b089c Ausnahmecode: 0xc000000d Fehleroffset: 0x00019d88 ID des fehlerhaften Prozesses: 0x6c4 Startzeit der fehlerhaften Anwendung: 0xMsiExec.exe0 Pfad der fehlerhaften Anwendung: MsiExec.exe1 Pfad des fehlerhaften Moduls: MsiExec.exe2 Berichtskennung: MsiExec.exe3 Vollständiger Name des fehlerhaften Pakets: MsiExec.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MsiExec.exe5 Error: (10/23/2014 09:17:47 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: .NETFrameworkC:\windows\system32\mscoree.dll8 Error: (10/23/2014 07:33:51 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm WWAHost.exe, Version 6.2.9200.16420 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 588 Startzeit: 01cfee82df8d54b0 Endzeit: 4294967295 Anwendungspfad: C:\Windows\System32\WWAHost.exe Berichts-ID: 273ac140-5a76-11e4-be78-7054d29664eb Vollständiger Name des fehlerhaften Pakets: winstore_1.0.0.0_neutral_neutral_cw5n1h2txyewy Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Windows.Store Error: (10/23/2014 07:33:44 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Heim) Description: Die App „winstore_cw5n1h2txyewy!Windows.Store“ wurde nicht innerhalb der vorgesehenen Zeit gestartet. 
Error: (10/21/2014 06:56:53 PM) (Source: Windows Search Service) (EventID: 10021) (User: ) Description: Die Registrierungsinformationen der Leistungsindikatoren für WSearchIdxPi für die Instanz konnten wegen des folgenden Fehlers nicht abgerufen werden: Der Vorgang wurde erfolgreich beendet. 0x0. Error: (10/21/2014 06:56:53 PM) (Source: Windows Search Service) (EventID: 3007) (User: ) Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut. Kontext: Anwendung, SystemIndex Katalog Error: (10/21/2014 06:56:53 PM) (Source: Windows Search Service) (EventID: 3006) (User: ) Description: Die Leistungsüberwachung kann für den Gatherer-Dienst nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut. Error: (10/21/2014 08:53:59 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: .NETFrameworkC:\windows\system32\mscoree.dll8 Error: (10/21/2014 07:17:20 AM) (Source: ESENT) (EventID: 489) (User: ) Description: taskhostex (1900) Versuch, Datei "C:\Users\Katharina\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien. 
System errors: ============= Error: (10/24/2014 07:20:59 AM) (Source: DCOM) (EventID: 10010) (User: Heim) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (10/24/2014 07:20:28 AM) (Source: DCOM) (EventID: 10010) (User: Heim) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (10/23/2014 10:17:17 AM) (Source: NETLOGON) (EventID: 3095) (User: ) Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser Konfiguration nicht gestartet zu sein. Error: (10/23/2014 10:16:56 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (10/23/2014 10:16:56 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (10/23/2014 10:16:56 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (10/23/2014 10:16:54 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (10/23/2014 10:16:54 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (10/23/2014 10:16:54 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet 
wurde: %%1058 Error: (10/23/2014 10:16:51 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Arbeitsstationsdienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Microsoft Office Sessions: ========================= Error: (10/23/2014 11:18:10 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: MsiExec.exe5.0.9600.1638452158c02MSI8295.tmp2.0.0.94d4b089cc000000d00019d882001cfeea23ff59d3ac:\Windows\syswow64\MsiExec.exeC:\WINDOWS\Installer\MSI8295.tmp815b26b1-5a95-11e4-8251-7054d29664eb Error: (10/23/2014 10:24:59 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: MsiExec.exe5.0.9600.1638452158c02MSI99F0.tmp2.0.0.94d4b089cc000000d00019d886c401cfee9ac067c332c:\Windows\syswow64\MsiExec.exeC:\WINDOWS\Installer\MSI99F0.tmp1344568d-5a8e-11e4-8251-7054d29664eb Error: (10/23/2014 09:17:47 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: .NETFrameworkC:\windows\system32\mscoree.dll8 Error: (10/23/2014 07:33:51 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: WWAHost.exe6.2.9200.1642058801cfee82df8d54b04294967295C:\Windows\System32\WWAHost.exe273ac140-5a76-11e4-be78-7054d29664ebwinstore_1.0.0.0_neutral_neutral_cw5n1h2txyewyWindows.Store Error: (10/23/2014 07:33:44 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: Heim) Description: winstore_cw5n1h2txyewy!Windows.Store Error: (10/21/2014 06:56:53 PM) (Source: Windows Search Service) (EventID: 10021) (User: ) Description: WSearchIdxPiDer Vorgang wurde erfolgreich beendet. 
0x0 Error: (10/21/2014 06:56:53 PM) (Source: Windows Search Service) (EventID: 3007) (User: ) Description: Kontext: Anwendung, SystemIndex Katalog Error: (10/21/2014 06:56:53 PM) (Source: Windows Search Service) (EventID: 3006) (User: ) Description: Error: (10/21/2014 08:53:59 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: .NETFrameworkC:\windows\system32\mscoree.dll8 Error: (10/21/2014 07:17:20 AM) (Source: ESENT) (EventID: 489) (User: ) Description: taskhostex1900C:\Users\Katharina\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat-1032 (0xfffffbf8)32 (0x00000020)Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. ==================== Memory info =========================== Processor: AMD E1-1200 APU with Radeon(tm) HD Graphics Percentage of memory in use: 36% Total physical RAM: 5715.87 MB Available physical RAM: 3622.08 MB Total Pagefile: 6115.87 MB Available Pagefile: 4292.41 MB Total Virtual: 131072 MB Available Virtual: 131071.8 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:918.02 GB) (Free:781.57 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (Recovery Image) (Fixed) (Total:11.58 GB) (Free:1.42 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 70FCAD0D) Partition: GPT Partition Type. ==================== End Of Log ============================ Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 25.10.2014 Suchlauf-Zeit: 09:59:27 Logdatei: mbam.txt Administrator: Ja Version: 2.00.3.1025 Malware Datenbank: v2014.10.25.01 Rootkit Datenbank: v2014.10.22.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Katharina Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 332272 Verstrichene Zeit: 20 Min, 59 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente erkannt) Module: 0 (Keine schädliche Elemente erkannt) Registrierungsschlüssel: 0 (Keine schädliche Elemente erkannt) Registrierungswerte: 0 (Keine schädliche Elemente erkannt) Registrierungsdaten: 0 (Keine schädliche Elemente erkannt) Ordner: 0 (Keine schädliche Elemente erkannt) Dateien: 0 (Keine schädliche Elemente erkannt) Physische Sektoren: 0 (Keine schädliche Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v4.001 - Bericht erstellt am 25/10/2014 um 09:59:57 # Aktualisiert 20/10/2014 von Xplode # Datenbank : 2014-10-23.2 # Betriebssystem : Windows 8.1 (64 bits) # Benutzername : Katharina - HEIM # Gestartet von : C:\Users\Katharina\Desktop\erste hilfe 2\2 ADW cleaner\AdwCleaner_4.001.exe # Option : Suchen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** Datei Gefunden : C:\Users\Public\Desktop\eBay.lnk Ordner Gefunden : C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc ***** [ Tasks ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{06E58E5E-F8CB-4049-991E-A41C03BD419E} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B29-F830-49DE-A31B-5BB9D7F6B407} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension 
Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{855F3B16-6D32-4FE6-8A56-BBB695989046} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{C451C08A-EC37-45DF-AAAD-18B51AB5E837} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{DCC70A83-E184-40A3-906B-779AF5E941C4} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{06E58E5E-F8CB-4049-991E-A41C03BD419E} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{100EB1FD-D03E-47FD-81F3-EE91287F9465} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{258C9770-1713-4021-8D7E-1F184A2BD754} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{31CF9EBE-5755-4A1D-AC25-2834D952D9B4} Schlüssel Gefunden : [x64] 
HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{43D9E6F0-1776-4897-AE14-ECEDECBAFEC0} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5A074B29-F830-49DE-A31B-5BB9D7F6B407} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{5AA2BA46-9913-4DC7-9620-69AB0FA17AE7} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{77FEF28E-EB96-44FF-B511-3185DEA48697} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{855F3B16-6D32-4FE6-8A56-BBB695989046} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{B580CF65-E151-49C3-B73F-70B13FCA8E86} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{C451C08A-EC37-45DF-AAAD-18B51AB5E837} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{DCC70A83-E184-40A3-906B-779AF5E941C4} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{EF99BD32-C1FB-11D2-892F-0090271D4F88} ***** [ Browser ] ***** -\\ Internet Explorer 
v11.0.9600.17344 -\\ Google Chrome v38.0.2125.104 ************************* AdwCleaner[R0].txt - [6031 octets] - [25/10/2014 09:59:57] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [6091 octets] ########## |
25.10.2014, 10:51 | #2 |
/// TB-Ausbilder | Internet very slow
My name is Matthias and I will help you clean up your computer. Please note the following:
Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work much harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
Thank you for your cooperation! Please download TDSSKiller.exe and save this file to your desktop
|
25.10.2014, 11:05 | #3 |
| Internet very slow
Code:
ATTFilter 12:02:51.0114 0x0c48 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58 12:02:51.0115 0x0c48 UEFI system 12:03:06.0572 0x0c48 ============================================================ 12:03:06.0572 0x0c48 Current date / time: 2014/10/25 12:03:06.0572 12:03:06.0572 0x0c48 SystemInfo: 12:03:06.0572 0x0c48 12:03:06.0572 0x0c48 OS Version: 6.3.9600 ServicePack: 0.0 12:03:06.0572 0x0c48 Product type: Workstation 12:03:06.0572 0x0c48 ComputerName: HEIM 12:03:06.0572 0x0c48 UserName: Katharina 12:03:06.0572 0x0c48 Windows directory: C:\WINDOWS 12:03:06.0572 0x0c48 System windows directory: C:\WINDOWS 12:03:06.0572 0x0c48 Running under WOW64 12:03:06.0572 0x0c48 Processor architecture: Intel x64 12:03:06.0572 0x0c48 Number of processors: 2 12:03:06.0572 0x0c48 Page size: 0x1000 12:03:06.0572 0x0c48 Boot type: Normal boot 12:03:06.0572 0x0c48 ============================================================ 12:03:07.0166 0x0c48 KLMD registered as C:\WINDOWS\system32\drivers\74504461.sys 12:03:08.0385 0x0c48 System UUID: {FBADE9E7-129E-C87E-A2A7-8999EF5570F2} 12:03:09.0244 0x0c48 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 12:03:09.0275 0x0c48 ============================================================ 12:03:09.0275 0x0c48 \Device\Harddisk0\DR0: 12:03:09.0275 0x0c48 GPT partitions: 12:03:09.0275 0x0c48 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {6A4C53B9-57D5-4B88-A622-A83C1127BD7F}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1FF800 12:03:09.0275 0x0c48 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {5382BF64-B2DF-41D5-8EEB-1C66ACB2DE82}, Name: EFI system partition, StartLBA 0x200000, BlocksNum 0xB4000 12:03:09.0275 0x0c48 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: 
{E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {DEF5A80F-6412-4D82-AFAE-3EC2762D9326}, Name: Microsoft reserved partition, StartLBA 0x2B4000, BlocksNum 0x40000 12:03:09.0275 0x0c48 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C3780642-F72B-485F-A40D-AF714B188AA0}, Name: Basic data partition, StartLBA 0x2F4000, BlocksNum 0x72C08000 12:03:09.0275 0x0c48 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {7FA33E15-6B06-468B-A295-070BCDB7F27F}, Name: , StartLBA 0x72EFC000, BlocksNum 0xE1000 12:03:09.0275 0x0c48 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {7399D4EA-58FA-4E21-A41D-8C65E8F4AF32}, Name: Basic data partition, StartLBA 0x72FDD000, BlocksNum 0x1729800 12:03:09.0275 0x0c48 MBR partitions: 12:03:09.0275 0x0c48 ============================================================ 12:03:09.0290 0x0c48 C: <-> \Device\Harddisk0\DR0\Partition4 12:03:09.0322 0x0c48 D: <-> \Device\Harddisk0\DR0\Partition6 12:03:09.0322 0x0c48 ============================================================ 12:03:09.0322 0x0c48 Initialize success 12:03:09.0322 0x0c48 ============================================================ 12:03:14.0953 0x1384 ============================================================ 12:03:14.0953 0x1384 Scan started 12:03:14.0953 0x1384 Mode: Manual; 12:03:14.0953 0x1384 ============================================================ 12:03:14.0953 0x1384 KSN ping started 12:03:17.0517 0x1384 KSN ping finished: true 12:03:20.0050 0x1384 ================ Scan system memory ======================== 12:03:20.0051 0x1384 System memory - ok 12:03:20.0052 0x1384 ================ Scan services =============================
C:\WINDOWS\System32\bdesvc.dll 12:03:25.0667 0x1384 BDESVC - ok 12:03:25.0745 0x1384 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\WINDOWS\system32\drivers\Beep.sys 12:03:25.0761 0x1384 Beep - ok 12:03:25.0839 0x1384 [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE C:\WINDOWS\System32\bfe.dll 12:03:25.0886 0x1384 BFE - ok 12:03:25.0995 0x1384 [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS C:\WINDOWS\System32\qmgr.dll 12:03:26.0386 0x1384 BITS - ok 12:03:26.0448 0x1384 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 12:03:26.0479 0x1384 Bonjour Service - ok 12:03:26.0511 0x1384 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys 12:03:26.0526 0x1384 bowser - ok 12:03:26.0604 0x1384 [ E325BCD68EC0CF2E2EDD0AB7CC17C698, 4DEDEF91F6BD1CC8DBE118AC28CA6BD874449A053B9CDE9FFEB1C7B98501D938 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll 12:03:26.0620 0x1384 BrokerInfrastructure - ok 12:03:26.0667 0x1384 [ 041A999E4FF9A7CDBE67357751881FB8, 356C52637EA715D6FA2B65BD311C9BF1635A582023434902EC2DE4A2448961F8 ] Browser C:\WINDOWS\System32\browser.dll 12:03:26.0683 0x1384 Browser - ok 12:03:26.0730 0x1384 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 12:03:26.0745 0x1384 BthAvrcpTg - ok 12:03:26.0761 0x1384 [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 12:03:26.0761 0x1384 BthHFEnum - ok 12:03:26.0776 0x1384 [ 71FE2A48E4C93DDB9798C024880B6C07, 
8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys 12:03:26.0792 0x1384 bthhfhid - ok 12:03:26.0823 0x1384 [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 12:03:26.0823 0x1384 BTHMODEM - ok 12:03:26.0854 0x1384 [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv C:\WINDOWS\system32\bthserv.dll 12:03:26.0870 0x1384 bthserv - ok 12:03:26.0901 0x1384 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys 12:03:26.0901 0x1384 cdfs - ok 12:03:26.0933 0x1384 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys 12:03:26.0948 0x1384 cdrom - ok 12:03:26.0990 0x1384 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc C:\WINDOWS\System32\certprop.dll 12:03:27.0004 0x1384 CertPropSvc - ok 12:03:27.0025 0x1384 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\WINDOWS\System32\drivers\circlass.sys 12:03:27.0031 0x1384 circlass - ok 12:03:27.0067 0x1384 [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys 12:03:27.0096 0x1384 CLFS - ok 12:03:27.0166 0x1384 [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys 12:03:27.0177 0x1384 CLVirtualDrive - ok 12:03:27.0207 0x1384 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys 12:03:27.0211 0x1384 CmBatt - ok 
12:03:27.0277 0x1384 [ 1CD3A907D64D08F49208DA00B69BF35E, ABBD70FFCA0DE2274D855AFC08BF7BC0AA6D44EFC9FDBF7DF44B73CD5C210E28 ] CNG C:\WINDOWS\system32\Drivers\cng.sys 12:03:27.0325 0x1384 CNG - ok 12:03:27.0359 0x1384 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys 12:03:27.0363 0x1384 CompositeBus - ok 12:03:27.0377 0x1384 COMSysApp - ok 12:03:27.0401 0x1384 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys 12:03:27.0408 0x1384 condrv - ok 12:03:27.0472 0x1384 [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll 12:03:27.0472 0x1384 CryptSvc - ok 12:03:27.0488 0x1384 [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\WINDOWS\system32\drivers\dam.sys 12:03:27.0503 0x1384 dam - ok 12:03:27.0581 0x1384 [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 12:03:27.0628 0x1384 DcomLaunch - ok 12:03:27.0722 0x1384 [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc C:\WINDOWS\System32\defragsvc.dll 12:03:27.0753 0x1384 defragsvc - ok 12:03:27.0816 0x1384 [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\WINDOWS\system32\das.dll 12:03:27.0847 0x1384 DeviceAssociationService - ok 12:03:27.0862 0x1384 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 12:03:27.0894 0x1384 DeviceInstall - ok 12:03:27.0925 0x1384 [ A03F362C5557E238CBFA914689C77248, 
BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 12:03:27.0941 0x1384 Dfsc - ok 12:03:28.0003 0x1384 [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 12:03:28.0034 0x1384 Dhcp - ok 12:03:28.0097 0x1384 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\WINDOWS\system32\drivers\disk.sys 12:03:28.0097 0x1384 disk - ok 12:03:28.0144 0x1384 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 12:03:28.0144 0x1384 dmvsc - ok 12:03:28.0175 0x1384 [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 12:03:28.0227 0x1384 Dnscache - ok 12:03:28.0285 0x1384 [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc C:\WINDOWS\System32\dot3svc.dll 12:03:28.0307 0x1384 dot3svc - ok 12:03:28.0385 0x1384 [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS C:\WINDOWS\system32\dps.dll 12:03:28.0426 0x1384 DPS - ok 12:03:28.0440 0x1384 [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 12:03:28.0443 0x1384 drmkaud - ok 12:03:28.0482 0x1384 [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 12:03:28.0498 0x1384 DsmSvc - ok 12:03:28.0604 0x1384 [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 12:03:28.0701 0x1384 DXGKrnl - ok 12:03:28.0741 0x1384 [ 6073537F250B45E1CB2A02E97F0FE1B2, 
653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost C:\WINDOWS\System32\eapsvc.dll 12:03:28.0756 0x1384 Eaphost - ok 12:03:28.0969 0x1384 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 12:03:29.0186 0x1384 ebdrv - ok 12:03:29.0234 0x1384 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS C:\WINDOWS\System32\lsass.exe 12:03:29.0246 0x1384 EFS - ok 12:03:29.0273 0x1384 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 12:03:29.0282 0x1384 EhStorClass - ok 12:03:29.0322 0x1384 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 12:03:29.0334 0x1384 EhStorTcgDrv - ok 12:03:29.0369 0x1384 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 12:03:29.0374 0x1384 ErrDev - ok 12:03:29.0530 0x1384 [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem C:\WINDOWS\system32\es.dll 12:03:29.0570 0x1384 EventSystem - ok 12:03:29.0606 0x1384 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys 12:03:29.0620 0x1384 exfat - ok 12:03:29.0647 0x1384 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys 12:03:29.0663 0x1384 fastfat - ok 12:03:29.0738 0x1384 [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax C:\WINDOWS\system32\fxssvc.exe 12:03:29.0790 0x1384 Fax - ok 12:03:29.0831 0x1384 [ 
5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys 12:03:29.0835 0x1384 fdc - ok 12:03:29.0860 0x1384 [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost C:\WINDOWS\system32\fdPHost.dll 12:03:29.0869 0x1384 fdPHost - ok 12:03:29.0892 0x1384 [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub C:\WINDOWS\system32\fdrespub.dll 12:03:29.0901 0x1384 FDResPub - ok 12:03:29.0935 0x1384 [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc C:\WINDOWS\system32\fhsvc.dll 12:03:29.0951 0x1384 fhsvc - ok 12:03:29.0970 0x1384 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 12:03:29.0981 0x1384 FileInfo - ok 12:03:30.0001 0x1384 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 12:03:30.0006 0x1384 Filetrace - ok 12:03:30.0032 0x1384 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 12:03:30.0037 0x1384 flpydisk - ok 12:03:30.0072 0x1384 [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 12:03:30.0095 0x1384 FltMgr - ok 12:03:30.0200 0x1384 [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache C:\WINDOWS\system32\FntCache.dll 12:03:30.0292 0x1384 FontCache - ok 12:03:30.0347 0x1384 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 12:03:30.0353 0x1384 FontCache3.0.0.0 - ok 12:03:30.0394 0x1384 [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 12:03:30.0401 0x1384 FsDepends - ok 12:03:30.0427 0x1384 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 12:03:30.0432 0x1384 Fs_Rec - ok 12:03:30.0489 0x1384 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 12:03:30.0525 0x1384 fvevol - ok 12:03:30.0553 0x1384 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys 12:03:30.0559 0x1384 FxPPM - ok 12:03:30.0587 0x1384 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys 12:03:30.0595 0x1384 gagp30kx - ok 12:03:30.0634 0x1384 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 12:03:30.0639 0x1384 gencounter - ok 12:03:30.0669 0x1384 [ 5B1EDAFD02AEA9345C24F0B6537CC8A0, D36D4F20756D19CF0A4C6CD0FDB678F7D79D1AC66D62F55845DFE7E7CB433A2B ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 12:03:30.0680 0x1384 GPIOClx0101 - ok 12:03:30.0820 0x1384 [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 12:03:30.0927 0x1384 gpsvc - ok 12:03:31.0039 0x1384 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 12:03:31.0047 0x1384 gupdate - ok 
12:03:31.0062 0x1384 [ 51508F0C2476177E50C31B0BBFBF1BDB, 3F62A05181D54711180C8727AC66D624AFA7FC816A4ACC4DC0CFCF2D2DBE7F87 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 12:03:31.0070 0x1384 gupdatem - ok 12:03:31.0097 0x1384 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 12:03:31.0105 0x1384 HDAudBus - ok 12:03:31.0120 0x1384 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 12:03:31.0124 0x1384 HidBatt - ok 12:03:31.0201 0x1384 [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 12:03:31.0210 0x1384 HidBth - ok 12:03:31.0236 0x1384 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 12:03:31.0242 0x1384 hidi2c - ok 12:03:31.0262 0x1384 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 12:03:31.0267 0x1384 HidIr - ok 12:03:31.0298 0x1384 [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv C:\WINDOWS\system32\hidserv.dll 12:03:31.0309 0x1384 hidserv - ok 12:03:31.0330 0x1384 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 12:03:31.0335 0x1384 HidUsb - ok 12:03:31.0388 0x1384 [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll 12:03:31.0404 0x1384 hkmsvc - ok 12:03:31.0441 0x1384 [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener 
C:\WINDOWS\system32\ListSvc.dll 12:03:31.0464 0x1384 HomeGroupListener - ok 12:03:31.0545 0x1384 [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 12:03:31.0580 0x1384 HomeGroupProvider - ok 12:03:31.0663 0x1384 [ BB1FC298BE53AAB1E110F6E786BD8AC5, C2DA2C3CE96D5F8B50013063B5EF7BED7478636896C709A7AF34855B2E69B9F1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe 12:03:31.0679 0x1384 HP Support Assistant Service - ok 12:03:31.0694 0x1384 [ 4F88FA114D15504E1B17978A8DA4165E, FB3876525BC82B20D1CD159F1DC2CCBA63CAAA755A97E5C97089B09DEA6DD790 ] HPConnectedRemote c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe 12:03:31.0710 0x1384 HPConnectedRemote - ok 12:03:31.0804 0x1384 [ 9B7EDD3FE7C211C36E921D34D18A3A0A, 03A450F85A042F9668D1560FA2B8B89783568C87CDB1A8685CDA2AC9FE3761C3 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe 12:03:31.0874 0x1384 hpqwmiex - ok 12:03:31.0902 0x1384 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 12:03:31.0910 0x1384 HpSAMD - ok 12:03:32.0054 0x1384 [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 12:03:32.0128 0x1384 HTTP - ok 12:03:32.0172 0x1384 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 12:03:32.0177 0x1384 hwpolicy - ok 12:03:32.0204 0x1384 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 12:03:32.0209 0x1384 hyperkbd - ok 12:03:32.0237 0x1384 [ 907C870F8C31F8DDD6F090857B46AB25, 
308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys 12:03:32.0241 0x1384 HyperVideo - ok 12:03:32.0279 0x1384 [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 12:03:32.0288 0x1384 i8042prt - ok 12:03:32.0325 0x1384 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 12:03:32.0345 0x1384 iaLPSSi_GPIO - ok 12:03:32.0379 0x1384 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 12:03:32.0388 0x1384 iaLPSSi_I2C - ok 12:03:32.0468 0x1384 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 12:03:32.0533 0x1384 iaStorAV - ok 12:03:32.0577 0x1384 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 12:03:32.0602 0x1384 iaStorV - ok 12:03:32.0824 0x1384 [ ABEFA4BD23329FD9BD47496BF2E58774, 9689D4C6380735EE1CC7F480696CDDC229E0FA511942AC813314D353584D82DD ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe 12:03:32.0958 0x1384 IconMan_R - ok 12:03:32.0983 0x1384 IEEtwCollectorService - ok 12:03:33.0120 0x1384 [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT C:\WINDOWS\System32\ikeext.dll 12:03:33.0199 0x1384 IKEEXT - ok 12:03:33.0550 0x1384 [ 5AB35054EC837E5E2196CA91BCDF8232, 25D881B076162420742B2E0919E0950D05101E7F3127A65BD4B6D9E8507B1150 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys 12:03:33.0856 0x1384 IntcAzAudAddService - ok 12:03:33.0937 0x1384 [ 4E448FCFFD00E8D657CD9E48D3E47157, 
4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys 12:03:33.0942 0x1384 intelide - ok 12:03:33.0967 0x1384 [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 12:03:33.0972 0x1384 intelpep - ok 12:03:34.0003 0x1384 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 12:03:34.0013 0x1384 intelppm - ok 12:03:34.0059 0x1384 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 12:03:34.0066 0x1384 IpFilterDriver - ok 12:03:34.0217 0x1384 [ ACFEE9487693C2BD573DFCA71D98E17C, A347FD476147CD3568EEE6993B46AFC05A66A4269094CA51572D0FD013FCB535 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 12:03:34.0288 0x1384 iphlpsvc - ok 12:03:34.0334 0x1384 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 12:03:34.0342 0x1384 IPMIDRV - ok 12:03:34.0363 0x1384 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 12:03:34.0375 0x1384 IPNAT - ok 12:03:34.0389 0x1384 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 12:03:34.0393 0x1384 IRENUM - ok 12:03:34.0411 0x1384 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 12:03:34.0416 0x1384 isapnp - ok 12:03:34.0449 0x1384 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 12:03:34.0468 0x1384 
iScsiPrt - ok 12:03:34.0496 0x1384 [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 12:03:34.0505 0x1384 kbdclass - ok 12:03:34.0530 0x1384 [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 12:03:34.0536 0x1384 kbdhid - ok 12:03:34.0556 0x1384 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys 12:03:34.0561 0x1384 kdnic - ok 12:03:34.0585 0x1384 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso C:\WINDOWS\system32\lsass.exe 12:03:34.0595 0x1384 KeyIso - ok 12:03:34.0613 0x1384 [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 12:03:34.0623 0x1384 KSecDD - ok 12:03:34.0653 0x1384 [ F88CC88F4A6D8476F1664E805CA18CC2, 2C61EE5EEA4FD45AA3FA927CC16E34EF90BD44324EAB14198AF65C3A27617991 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 12:03:34.0665 0x1384 KSecPkg - ok 12:03:34.0696 0x1384 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 12:03:34.0702 0x1384 ksthunk - ok 12:03:34.0760 0x1384 [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 12:03:34.0790 0x1384 KtmRm - ok 12:03:34.0843 0x1384 [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 12:03:34.0874 0x1384 LanmanServer - ok 12:03:34.0923 0x1384 [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation 
C:\WINDOWS\System32\wkssvc.dll 12:03:34.0960 0x1384 LanmanWorkstation - ok 12:03:35.0039 0x1384 [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll 12:03:35.0080 0x1384 lfsvc - ok 12:03:35.0119 0x1384 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys 12:03:35.0126 0x1384 lltdio - ok 12:03:35.0178 0x1384 [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 12:03:35.0205 0x1384 lltdsvc - ok 12:03:35.0245 0x1384 [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 12:03:35.0256 0x1384 lmhosts - ok 12:03:35.0291 0x1384 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 12:03:35.0300 0x1384 LSI_SAS - ok 12:03:35.0330 0x1384 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys 12:03:35.0341 0x1384 LSI_SAS2 - ok 12:03:35.0370 0x1384 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys 12:03:35.0380 0x1384 LSI_SAS3 - ok 12:03:35.0407 0x1384 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 12:03:35.0415 0x1384 LSI_SSS - ok 12:03:35.0527 0x1384 [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM C:\WINDOWS\System32\lsm.dll 12:03:35.0605 0x1384 LSM - ok 12:03:35.0636 0x1384 [ DDEE191AB32DFC22C6465002ECDF5EE4, 
190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys 12:03:35.0636 0x1384 luafv - ok 12:03:35.0668 0x1384 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys 12:03:35.0668 0x1384 megasas - ok 12:03:35.0730 0x1384 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys 12:03:35.0761 0x1384 megasr - ok 12:03:35.0853 0x1384 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS C:\WINDOWS\system32\mmcss.dll 12:03:35.0870 0x1384 MMCSS - ok 12:03:35.0895 0x1384 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys 12:03:35.0901 0x1384 Modem - ok 12:03:35.0923 0x1384 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys 12:03:35.0928 0x1384 monitor - ok 12:03:35.0956 0x1384 [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys 12:03:35.0962 0x1384 mouclass - ok 12:03:35.0977 0x1384 [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 12:03:35.0982 0x1384 mouhid - ok 12:03:36.0013 0x1384 [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 12:03:36.0022 0x1384 mountmgr - ok 12:03:36.0043 0x1384 [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys 12:03:36.0050 0x1384 mpsdrv - ok 12:03:36.0152 0x1384 [ 
C:\WINDOWS\system32\drivers\VerifierExt.sys 12:03:52.0070 0x1384 VerifierExt - ok 12:03:52.0123 0x1384 [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys 12:03:52.0156 0x1384 vhdmp - ok 12:03:52.0172 0x1384 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\WINDOWS\system32\drivers\viaide.sys 12:03:52.0176 0x1384 viaide - ok 12:03:52.0204 0x1384 [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys 12:03:52.0213 0x1384 vmbus - ok 12:03:52.0235 0x1384 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys 12:03:52.0240 0x1384 VMBusHID - ok 12:03:52.0302 0x1384 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll 12:03:52.0346 0x1384 vmicguestinterface - ok 12:03:52.0385 0x1384 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll 12:03:52.0418 0x1384 vmicheartbeat - ok 12:03:52.0456 0x1384 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll 12:03:52.0490 0x1384 vmickvpexchange - ok 12:03:52.0527 0x1384 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll 12:03:52.0561 0x1384 vmicrdv - ok 12:03:52.0600 0x1384 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll 12:03:52.0634 0x1384 vmicshutdown - ok 12:03:52.0673 0x1384 [ 9067880BBB1C18703DBFF27D731D7ECA, 
0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll 12:03:52.0707 0x1384 vmictimesync - ok 12:03:52.0746 0x1384 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss C:\WINDOWS\System32\ICSvc.dll 12:03:52.0779 0x1384 vmicvss - ok 12:03:52.0799 0x1384 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys 12:03:52.0806 0x1384 volmgr - ok 12:03:52.0843 0x1384 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys 12:03:52.0868 0x1384 volmgrx - ok 12:03:52.0914 0x1384 [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys 12:03:52.0934 0x1384 volsnap - ok 12:03:52.0968 0x1384 [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci C:\WINDOWS\System32\drivers\vpci.sys 12:03:52.0976 0x1384 vpci - ok 12:03:53.0016 0x1384 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys 12:03:53.0028 0x1384 vsmraid - ok 12:03:53.0132 0x1384 [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS C:\WINDOWS\system32\vssvc.exe 12:03:53.0222 0x1384 VSS - ok 12:03:53.0265 0x1384 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys 12:03:53.0284 0x1384 VSTXRAID - ok 12:03:53.0327 0x1384 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys 12:03:53.0339 0x1384 vwifibus - ok 12:03:53.0392 0x1384 [ 
35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys 12:03:53.0400 0x1384 vwififlt - ok 12:03:53.0426 0x1384 [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys 12:03:53.0433 0x1384 vwifimp - ok 12:03:53.0487 0x1384 [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time C:\WINDOWS\system32\w32time.dll 12:03:53.0522 0x1384 W32Time - ok 12:03:53.0598 0x1384 [ 8E553C859C83784DEC08B10AFC3EAC92, 41D8DBA1500DBD3AC9783169ACF545805EF05069F12866238992A30794369254 ] w3logsvc C:\WINDOWS\system32\inetsrv\w3logsvc.dll 12:03:53.0606 0x1384 w3logsvc - ok 12:03:53.0644 0x1384 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys 12:03:53.0650 0x1384 WacomPen - ok 12:03:53.0671 0x1384 [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 12:03:53.0679 0x1384 Wanarp - ok 12:03:53.0692 0x1384 [ AFCD4054D61BD708B82991348ED1C763, EBDAC0E218F1DFC405DB3C8A2F014D20A17B0690EA381C750BED5C2AFCDFEBE3 ] Wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys 12:03:53.0700 0x1384 Wanarpv6 - ok 12:03:53.0760 0x1384 [ 9BAE40BD31E3EE0B0C70BEF167E0A2BC, 2419AC815C95F2629E1832973501983D06F788728755605D42D6C8565C3CBBF1 ] WAS C:\WINDOWS\system32\inetsrv\iisw3adm.dll 12:03:53.0793 0x1384 WAS - ok 12:03:53.0893 0x1384 [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine C:\WINDOWS\system32\wbengine.exe 12:03:54.0024 0x1384 wbengine - ok 12:03:54.0093 0x1384 [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll 12:03:54.0132 
0x1384 WbioSrvc - ok 12:03:54.0169 0x1384 [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll 12:03:54.0202 0x1384 Wcmsvc - ok 12:03:54.0263 0x1384 [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll 12:03:54.0302 0x1384 wcncsvc - ok 12:03:54.0320 0x1384 [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll 12:03:54.0337 0x1384 WcsPlugInService - ok 12:03:54.0353 0x1384 [ F5D4FA3E1F4879C361FFF3855259D2C2, 48C60FE4AAB011E2250157506FF0624031BFA346F8F2F8C6DFDF6F3CAA4F3F42 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys 12:03:54.0358 0x1384 WdBoot - ok 12:03:54.0436 0x1384 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys 12:03:54.0482 0x1384 Wdf01000 - ok 12:03:54.0515 0x1384 [ 019CC610AD95FF47EAD7C08B7A683B96, BB9D42F8ED90ECA2E7B8C906E06A1EA859FAD9BD1B3492BB1E28C0D00004812A ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys 12:03:54.0532 0x1384 WdFilter - ok 12:03:54.0559 0x1384 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 12:03:54.0579 0x1384 WdiServiceHost - ok 12:03:54.0594 0x1384 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 12:03:54.0612 0x1384 WdiSystemHost - ok 12:03:54.0641 0x1384 [ 6CC1BB8F6851A262E2E824F0E92D5EEF, 45A88A984179BBA38C1F4434C4D6C2823C1FE6AFBE8CB0F656DAE0092D1D5611 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 12:03:54.0651 0x1384 WdNisDrv - ok 12:03:54.0677 0x1384 WdNisSvc - ok 12:03:54.0717 0x1384 [ 91B18D7A1702ED589E67C6C81052B955, 
5D1DA8B86106A28E50BBCCB36527CC130D41201F5BE1D3DC5F1D6F7ECCF807BA ] WebClient C:\WINDOWS\System32\webclnt.dll 12:03:54.0743 0x1384 WebClient - ok 12:03:54.0778 0x1384 [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 12:03:54.0805 0x1384 Wecsvc - ok 12:03:54.0820 0x1384 [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 12:03:54.0836 0x1384 WEPHOSTSVC - ok 12:03:54.0855 0x1384 [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 12:03:54.0874 0x1384 wercplsupport - ok 12:03:54.0895 0x1384 [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc C:\WINDOWS\System32\WerSvc.dll 12:03:54.0915 0x1384 WerSvc - ok 12:03:54.0938 0x1384 [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys 12:03:54.0948 0x1384 WFPLWFS - ok 12:03:54.0970 0x1384 [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 12:03:54.0989 0x1384 WiaRpc - ok 12:03:55.0011 0x1384 [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 12:03:55.0017 0x1384 WIMMount - ok 12:03:55.0028 0x1384 WinDefend - ok 12:03:55.0115 0x1384 [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 12:03:55.0171 0x1384 WinHttpAutoProxySvc - ok 12:03:55.0228 0x1384 [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 
12:03:55.0244 0x1384 Winmgmt - ok 12:03:55.0415 0x1384 [ C8D6344BDE2691A196E61C0D3372EAB7, FF8EB79D8A7E298343C22B83276FF68293D08A9DA438BB22600BEFC4CA93A91D ] WinRM C:\WINDOWS\system32\WsmSvc.dll 12:03:55.0580 0x1384 WinRM - ok 12:03:55.0711 0x1384 [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 12:03:55.0811 0x1384 WlanSvc - ok 12:03:55.0931 0x1384 [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 12:03:56.0031 0x1384 wlidsvc - ok 12:03:56.0086 0x1384 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 12:03:56.0091 0x1384 WmiAcpi - ok 12:03:56.0134 0x1384 [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 12:03:56.0148 0x1384 wmiApSrv - ok 12:03:56.0193 0x1384 WMPNetworkSvc - ok 12:03:56.0222 0x1384 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys 12:03:56.0234 0x1384 Wof - ok 12:03:56.0381 0x1384 [ 61BF52E9FFAB27A0B6D621BE26088373, 81291D52C381360E69D51E7DEB05CFAC651A7E9EF781CA23062C0583D0C94708 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 12:03:56.0486 0x1384 workfolderssvc - ok 12:03:56.0526 0x1384 [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys 12:03:56.0534 0x1384 wpcfltr - ok 12:03:56.0559 0x1384 [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll 12:03:56.0577 0x1384 WPCSvc - ok 12:03:56.0607 0x1384 [ 618A19EB31ECA7B7F2AA0207BAF598A5, 
CB18CF9B781EAB3D775F8201F294A7135E058D6C963D2CC759DCA14D95EED538 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 12:03:56.0627 0x1384 WPDBusEnum - ok 12:03:56.0642 0x1384 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 12:03:56.0647 0x1384 WpdUpFltr - ok 12:03:56.0673 0x1384 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 12:03:56.0679 0x1384 ws2ifsl - ok 12:03:56.0717 0x1384 [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc C:\WINDOWS\System32\wscsvc.dll 12:03:56.0740 0x1384 wscsvc - ok 12:03:56.0753 0x1384 WSearch - ok 12:03:57.0008 0x1384 [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService C:\WINDOWS\System32\WSService.dll 12:03:57.0229 0x1384 WSService - ok 12:03:57.0479 0x1384 [ 9FDD8CD31F3FBA88F050318F32D640E2, BBCAFDA420E11D43BAD5D87D47607F4ADF0D817C1BF86D6389582B56EDD7C246 ] wuauserv C:\WINDOWS\system32\wuaueng.dll 12:03:57.0694 0x1384 wuauserv - ok 12:03:57.0748 0x1384 [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 12:03:57.0758 0x1384 WudfPf - ok 12:03:57.0796 0x1384 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys 12:03:57.0811 0x1384 WUDFRd - ok 12:03:57.0843 0x1384 [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll 12:03:57.0866 0x1384 wudfsvc - ok 12:03:57.0891 0x1384 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 12:03:57.0905 0x1384 
WUDFWpdFs - ok 12:03:57.0965 0x1384 [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 12:03:58.0007 0x1384 WwanSvc - ok 12:03:58.0047 0x1384 ================ Scan global =============================== 12:03:58.0092 0x1384 [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll 12:03:58.0140 0x1384 [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\WINDOWS\system32\winsrv.dll 12:03:58.0206 0x1384 [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll 12:03:58.0256 0x1384 [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\WINDOWS\system32\services.exe 12:03:58.0290 0x1384 [ Global ] - ok 12:03:58.0291 0x1384 ================ Scan MBR ================================== 12:03:58.0304 0x1384 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 12:03:58.0322 0x1384 \Device\Harddisk0\DR0 - ok 12:03:58.0323 0x1384 ================ Scan VBR ================================== 12:03:58.0334 0x1384 [ D4D0D5115062C4E3B9403A0AF9619392 ] \Device\Harddisk0\DR0\Partition1 12:03:58.0402 0x1384 \Device\Harddisk0\DR0\Partition1 - ok 12:03:58.0417 0x1384 [ 50F556C832B6F33B23E0CEA6935A0980 ] \Device\Harddisk0\DR0\Partition2 12:03:58.0464 0x1384 \Device\Harddisk0\DR0\Partition2 - ok 12:03:58.0488 0x1384 [ 113753BCD72FAD254692A52E235370E7 ] \Device\Harddisk0\DR0\Partition3 12:03:58.0496 0x1384 \Device\Harddisk0\DR0\Partition3 - ok 12:03:58.0510 0x1384 [ DF7F43F70D2BCF4AFB0BBBB77D50965F ] \Device\Harddisk0\DR0\Partition4 12:03:58.0547 0x1384 \Device\Harddisk0\DR0\Partition4 - ok 12:03:58.0580 0x1384 [ 524A4DE876D34834D6D17131EF6109F2 ] \Device\Harddisk0\DR0\Partition5 12:03:58.0584 0x1384 \Device\Harddisk0\DR0\Partition5 - ok 
12:03:58.0601 0x1384 [ A4EFEE4B858E3FD3AAD9337A6958AA39 ] \Device\Harddisk0\DR0\Partition6
12:03:58.0609 0x1384 \Device\Harddisk0\DR0\Partition6 - ok
12:03:58.0611 0x1384 ================ Scan generic autorun ======================
12:03:59.0097 0x1384 [ D066F5D95B5AC708CD39AD4AB64A244C, B7817CFC3AC33B6C8C0295E0F809E3AC4E33CFDC341524B73C853A15F605D96B ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
12:03:59.0485 0x1384 RTHDVCPL - ok
12:03:59.0631 0x1384 [ DD79A6B15C2F28DE98DF4852AAF6B13B, 0F7E9023E0BA4B40E2DE9A9FA34E85FEAF72B93049AAB3E1D73AD046BB113E05 ] c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe
12:03:59.0634 0x1384 NCPluginUpdater - ok
12:04:00.0011 0x1384 [ 03F7027B0AFB0155956B6C6282C9C4AD, 02141463B6E8E533DA859FDFF9661B81A1BEB364506A0F80220D63D6A03A0EFB ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
12:04:00.0304 0x1384 AvastUI.exe - ok
12:04:00.0339 0x1384 Skype - ok
12:04:00.0507 0x1384 [ AD039BD721859550F23064D42E7DDA44, 918812F078D796ADFE12A67CA802E9DA9D5FD48629A69E479009B9BABC099175 ] C:\Users\Katharina\AppData\Roaming\uTorrent\uTorrent.exe
12:04:00.0560 0x1384 uTorrent - ok
12:04:00.0566 0x1384 Waiting for KSN requests completion. In queue: 85
12:04:01.0567 0x1384 Waiting for KSN requests completion. In queue: 85
12:04:02.0583 0x1384 Waiting for KSN requests completion. In queue: 85
12:04:03.0598 0x1384 Waiting for KSN requests completion. In queue: 85
12:04:04.0770 0x1384 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated )
12:04:04.0786 0x1384 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.0.2206.692 ), 0x42000 ( disabled : updated )
12:04:04.0786 0x1384 Win FW state via NFP2: enabled
12:04:07.0239 0x1384 ============================================================
12:04:07.0239 0x1384 Scan finished
12:04:07.0239 0x1384 ============================================================
12:04:07.0254 0x06b0 Detected object count: 0
12:04:07.0254 0x06b0 Actual detected object count: 0
12:04:31.0377 0x0f6c Deinitialize success
|
25.10.2014, 11:11 | #4 |
/// TB-Ausbilder | Internet very slow
Step 1 Please download Malwarebytes Anti-Malware
Step 2 Please download AdwCleaner to your desktop.
Step 3 Please close your security software to avoid possible conflicts.
Step 4
Please post with your next reply
|
25.10.2014, 11:21 | #5 |
| Internet very slow Code:
# AdwCleaner v4.001 - Bericht erstellt am 25/10/2014 um 12:12:20
# Aktualisiert 20/10/2014 von Xplode
# Datenbank : 2014-10-23.2
# Betriebssystem : Windows 8.1 (64 bits)
# Benutzername : Katharina - HEIM
# Gestartet von : C:\Users\Katharina\Desktop\erste hilfe 2\2 ADW cleaner\AdwCleaner_4.001.exe
# Option : Suchen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

***** [ Tasks ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17344

-\\ Google Chrome v38.0.2125.104

*************************

AdwCleaner[R0].txt - [6251 octets] - [25/10/2014 09:59:57]
AdwCleaner[R1].txt - [698 octets] - [25/10/2014 12:12:20]
AdwCleaner[S0].txt - [6304 octets] - [25/10/2014 10:21:32]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [817 octets] ##########
|
25.10.2014, 11:23 | #6 |
/// TB-Ausbilder | Internet very slow |
25.10.2014, 11:53 | #7 |
| Internet very slow JRT Logfile: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.3 (10.21.2014:1)
OS: Windows 8.1 x64
Ran by Katharina on 25.10.2014 at 12:23:08,89
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.10.2014 at 12:39:01,46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

MBAM is still running

Code:
Suchlauf Datum: 25.10.2014
Suchlauf-Zeit: 12:14:17
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.3.1025
Malware Datenbank: v2014.10.25.02
Rootkit Datenbank: v2014.10.22.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Katharina

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 332890
Verstrichene Zeit: 30 Min, 50 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 0
(Keine schädliche Elemente erkannt)

Registrierungswerte: 0
(Keine schädliche Elemente erkannt)

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 0
(Keine schädliche Elemente erkannt)

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)

(end)

FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-10-2014 Ran by Katharina (administrator) on HEIM on 25-10-2014 12:47:54 Running from C:\Users\Katharina\Desktop Loaded Profile: Katharina (Available profiles: Katharina) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (AMD) C:\Windows\System32\atieclxx.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe (Realsil Microelectronics Inc.) 
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteUser.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteWMPMonitor.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6844560 2012-11-10] (Realtek Semiconductor) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5223016 2014-10-25] (AVAST Software) HKLM\...\RunOnce: [NCPluginUpdater] => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe [21720 2014-10-21] (Hewlett-Packard) HKU\S-1-5-21-702799559-3439042313-1217037743-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.) HKU\S-1-5-21-702799559-3439042313-1217037743-1001\...\Run: [uTorrent] => C:\Users\Katharina\AppData\Roaming\uTorrent\uTorrent.exe [1045072 2014-10-16] (BitTorrent Inc.) 
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK13/4 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4 HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPDSK13/4 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK13/4 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK13/4 SearchScopes: HKLM - {0E6F1A5C-6336-48EA-BF8E-EEA8B02C7F29} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM-x32 - {0E6F1A5C-6336-48EA-BF8E-EEA8B02C7F29} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 - 
{D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKCU - {0E6F1A5C-6336-48EA-BF8E-EEA8B02C7F29} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.) 
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-10-25]

Chrome:
=======
CHR HomePage: Default -> file:///C:/Users/Nina/Desktop/Meine%20Seite/Meine%20Seite%203.4/Alex%20ich%20liebe%20Dich.html
CHR StartupUrls: Default -> "file:///C:/Users/Katharina/Desktop/mama/Katharina/Desktop/Meine%20Seite%203.4/ti%20durak,%20alex.html"
CHR Profile: C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-16]
CHR Extension: (Google Docs) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-16]
CHR Extension: (Google Drive) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-16]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-16]
CHR Extension: (YouTube) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-16]
CHR Extension: (Adblock Plus) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-10-16]
CHR Extension: (Google-Suche) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-16]
CHR Extension: (Google Tabellen) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-16]
CHR Extension: (Uhr) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdkjifoifglkpcdffkenpinlbjgephlo [2014-10-16]
CHR Extension: (Avast Online Security) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-16]
CHR Extension: (IP-Adresse) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnjjlbngpejmmhgcaagljaomgnginml [2014-10-16]
CHR Extension: (Google Wallet) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-16]
CHR Extension: (Google Mail) - C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-16]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-10-25]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-10-25] (AVAST Software)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 HPConnectedRemote; c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPConnectedRemoteService.exe [35744 2012-10-12] (Hewlett-Packard)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2451456 2012-07-14] (Realsil Microelectronics Inc.) [File not signed]
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-09-24] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-09-24] (Microsoft Corporation)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-10-23] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-09-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-09-24] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-10-25] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [82768 2014-10-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-10-25] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-10-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049920 2014-10-25] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-10-25] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-10-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-10-25] ()
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-09-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry.
Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-25 12:47 - 2014-10-25 12:50 - 00012783 _____ () C:\Users\Katharina\Desktop\FRST.txt 2014-10-25 12:47 - 2014-10-25 12:47 - 00000000 ____D () C:\Users\Katharina\Desktop\FRST-OlderVersion 2014-10-25 12:46 - 2014-10-25 12:46 - 00001192 _____ () C:\Users\Katharina\Desktop\mbam.txt 2014-10-25 12:39 - 2014-10-25 12:39 - 00000618 _____ () C:\Users\Katharina\Desktop\JRT.txt 2014-10-25 12:23 - 2014-10-25 12:23 - 00000000 ____D () C:\WINDOWS\ERUNT 2014-10-25 12:22 - 2014-10-25 12:22 - 01706144 _____ (Thisisu) C:\Users\Katharina\Downloads\JRT.exe 2014-10-25 12:02 - 2014-10-25 12:02 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Katharina\Downloads\tdsskiller.exe 2014-10-25 11:45 - 2014-10-25 12:00 - 00000000 ____D () C:\Users\Katharina\Desktop\text 2014-10-25 11:44 - 2014-10-25 11:44 - 00009216 ___SH () C:\Users\Katharina\Desktop\Thumbs.db 2014-10-25 11:02 - 2014-10-25 11:02 - 00001982 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2014-10-25 11:02 - 2014-10-25 11:02 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\AVAST Software 2014-10-25 11:02 - 2014-10-25 11:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2014-10-25 11:01 - 2014-10-25 11:02 - 00004182 _____ () C:\WINDOWS\System32\Tasks\avast! 
Emergency Update 2014-10-25 11:01 - 2014-10-25 11:01 - 00436624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys 2014-10-25 11:01 - 2014-10-25 11:01 - 00364512 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe 2014-10-25 11:01 - 2014-10-25 11:01 - 00267632 _____ () C:\WINDOWS\system32\Drivers\aswVmm.sys 2014-10-25 11:01 - 2014-10-25 11:01 - 00116728 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys 2014-10-25 11:01 - 2014-10-25 11:01 - 00093568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys 2014-10-25 11:01 - 2014-10-25 11:01 - 00082768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys 2014-10-25 11:01 - 2014-10-25 11:01 - 00065776 _____ () C:\WINDOWS\system32\Drivers\aswRvrt.sys 2014-10-25 11:01 - 2014-10-25 11:01 - 00043152 _____ (AVAST Software) C:\WINDOWS\avastSS.scr 2014-10-25 11:01 - 2014-10-25 11:01 - 00029208 _____ () C:\WINDOWS\system32\Drivers\aswHwid.sys 2014-10-25 11:01 - 2014-10-25 11:00 - 01049920 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys 2014-10-25 10:59 - 2014-10-25 10:59 - 00000000 ____D () C:\Program Files\AVAST Software 2014-10-25 10:58 - 2014-10-25 10:59 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-10-25 10:57 - 2014-10-25 10:57 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-10-25 10:56 - 2014-10-25 10:58 - 131078000 _____ (AVAST Software) C:\Users\Katharina\Downloads\avast_free_antivirus_setup.exe 2014-10-25 10:52 - 2014-09-30 00:45 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2014-10-25 10:52 - 2014-09-30 00:45 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2014-10-25 10:49 - 2014-10-25 10:52 - 00000000 ___RD () C:\WINDOWS\BrowserChoice 2014-10-25 10:26 - 2014-10-25 10:26 - 00001282 _____ () C:\Users\Katharina\Desktop\Revo Uninstaller.lnk 2014-10-25 10:26 - 2014-10-25 10:26 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-10-25 10:23 - 2014-10-25 10:25 - 
00000000 ____D () C:\Users\Katharina\Desktop\Neuer Ordner 2014-10-25 10:14 - 2014-08-23 09:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2014-10-25 10:14 - 2014-08-23 09:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2014-10-25 10:14 - 2014-08-23 06:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2014-10-25 10:14 - 2014-08-23 06:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-10-25 10:14 - 2014-08-23 06:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2014-10-25 10:14 - 2014-08-23 06:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2014-10-25 10:14 - 2014-08-23 06:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-10-25 10:13 - 2014-08-23 08:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll 2014-10-25 10:13 - 2014-08-23 07:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll 2014-10-25 09:59 - 2014-10-25 12:20 - 00000000 ____D () C:\AdwCleaner 2014-10-25 09:58 - 2014-10-25 12:14 - 00129752 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-10-25 09:58 - 2014-10-25 09:58 - 00001116 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-10-25 09:58 - 2014-10-25 09:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-10-25 09:58 - 2014-10-25 09:58 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-10-25 09:58 - 2014-10-25 09:58 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-10-25 09:58 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-10-25 09:58 - 2014-10-01 11:11 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2014-10-25 09:58 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) 
C:\WINDOWS\system32\Drivers\mbam.sys 2014-10-25 09:48 - 2014-10-25 12:47 - 00000000 ____D () C:\FRST 2014-10-25 09:47 - 2014-10-25 12:47 - 02112512 _____ (Farbar) C:\Users\Katharina\Desktop\FRST64.exe 2014-10-25 09:47 - 2014-10-25 09:48 - 00000000 ____D () C:\Users\Katharina\Desktop\erste hilfe 2 2014-10-25 09:46 - 2014-08-02 02:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2014-10-25 09:46 - 2014-07-15 20:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe 2014-10-25 09:46 - 2014-07-15 10:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll 2014-10-25 09:46 - 2014-07-15 10:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll 2014-10-25 09:46 - 2014-07-15 10:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll 2014-10-25 09:45 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2014-10-25 09:45 - 2014-06-10 00:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2014-10-25 09:44 - 2014-08-16 06:08 - 21195616 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2014-10-25 09:44 - 2014-08-16 02:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2014-10-25 09:43 - 2014-08-16 06:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll 2014-10-25 09:43 - 2014-08-16 06:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2014-10-25 09:43 - 2014-08-16 05:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2014-10-25 09:43 - 2014-08-16 05:57 - 02498880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2014-10-25 09:43 - 2014-08-16 05:57 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS 2014-10-25 09:43 - 2014-08-16 05:16 - 18722600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2014-10-25 09:43 - 2014-08-16 05:16 - 
01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll 2014-10-25 09:43 - 2014-08-16 05:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2014-10-25 09:43 - 2014-08-16 03:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2014-10-25 09:43 - 2014-08-16 03:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll 2014-10-25 09:43 - 2014-08-16 02:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll 2014-10-25 09:43 - 2014-08-16 02:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll 2014-10-25 09:43 - 2014-08-16 02:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll 2014-10-25 09:43 - 2014-08-16 02:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2014-10-25 09:43 - 2014-08-16 02:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll 2014-10-25 09:43 - 2014-08-16 02:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll 2014-10-25 09:43 - 2014-08-16 02:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2014-10-25 09:43 - 2014-08-16 02:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll 2014-10-25 09:43 - 2014-08-16 02:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-10-25 09:43 - 2014-08-16 02:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll 2014-10-25 09:43 - 2014-08-16 02:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll 2014-10-25 09:43 - 2014-08-16 02:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll 2014-10-25 09:43 - 2014-08-16 02:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-10-25 09:43 - 2014-08-16 02:18 - 04758528 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll 2014-10-25 09:43 - 2014-08-16 02:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll 2014-10-25 09:43 - 2014-08-16 02:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2014-10-25 09:43 - 2014-08-16 02:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2014-10-25 09:43 - 2014-08-16 02:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll 2014-10-25 09:43 - 2014-08-16 02:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2014-10-25 09:43 - 2014-08-16 02:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe 2014-10-25 09:43 - 2014-08-16 02:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2014-10-25 09:43 - 2014-08-16 02:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2014-10-25 09:43 - 2014-08-01 01:22 - 00388729 _____ () C:\WINDOWS\system32\ApnDatabase.xml 2014-10-25 09:43 - 2014-07-10 06:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lockscreencn.dll 2014-10-25 09:42 - 2014-05-03 07:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2014-10-25 09:42 - 2014-05-03 07:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll 2014-10-25 09:42 - 2014-05-03 07:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll 2014-10-25 09:42 - 2014-05-03 07:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll 2014-10-25 09:42 - 2014-05-03 06:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll 2014-10-25 09:42 - 2014-05-03 06:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll 2014-10-25 09:42 - 2014-05-03 06:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll 2014-10-25 09:42 - 2014-05-03 01:26 - 00050745 _____ () 
C:\WINDOWS\system32\srms.dat 2014-10-25 09:42 - 2014-04-30 08:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys 2014-10-25 09:42 - 2014-04-30 08:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2014-10-25 09:42 - 2014-04-30 08:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys 2014-10-25 09:42 - 2014-04-30 08:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys 2014-10-25 09:42 - 2014-04-30 07:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe 2014-10-25 09:42 - 2014-04-30 06:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe 2014-10-25 09:42 - 2014-04-30 06:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll 2014-10-25 09:42 - 2014-04-30 06:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll 2014-10-25 09:42 - 2014-04-30 06:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll 2014-10-25 09:42 - 2014-04-30 06:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll 2014-10-25 09:42 - 2014-04-30 06:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2014-10-25 09:42 - 2014-04-30 05:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2014-10-25 09:42 - 2014-04-30 05:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll 2014-10-25 09:42 - 2014-04-30 05:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll 2014-10-25 09:42 - 2014-04-30 05:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll 2014-10-25 09:42 - 2014-04-30 05:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll 2014-10-25 09:42 - 2014-04-30 05:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll 2014-10-25 09:42 - 2014-04-29 00:40 - 00721408 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\fveapi.dll 2014-10-25 09:42 - 2014-04-26 18:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll 2014-10-25 09:42 - 2014-04-14 11:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll 2014-10-25 09:42 - 2014-04-14 10:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll 2014-10-25 09:42 - 2014-04-14 07:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll 2014-10-25 09:41 - 2014-10-10 00:16 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2014-10-25 09:41 - 2014-10-09 00:09 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2014-10-25 09:41 - 2014-09-19 03:24 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2014-10-25 09:41 - 2014-09-05 04:36 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2014-10-25 09:41 - 2014-06-02 04:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll 2014-10-25 09:41 - 2014-05-31 08:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys 2014-10-25 09:41 - 2014-05-31 08:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys 2014-10-25 09:41 - 2014-05-31 06:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe 2014-10-25 09:41 - 2014-05-31 06:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll 2014-10-25 09:41 - 2014-05-31 06:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll 2014-10-25 09:41 - 2014-05-27 11:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll 2014-10-25 09:41 - 2014-05-27 11:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll 2014-10-25 09:40 - 2014-07-12 06:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe 2014-10-24 21:06 - 2014-10-24 21:06 - 00011633 _____ () 
C:\Users\Katharina\Downloads\[kinozal.tv]id1264153.torrent 2014-10-24 20:57 - 2014-10-24 20:57 - 00015409 _____ () C:\Users\Katharina\Downloads\[kinozal.tv]id1264305.torrent 2014-10-24 20:55 - 2014-10-24 20:55 - 00014485 _____ () C:\Users\Katharina\Downloads\[kinozal.tv]id553857.torrent 2014-10-24 19:03 - 2014-10-25 11:08 - 00000052 _____ () C:\WINDOWS\SysWOW64\DOErrors.log 2014-10-24 19:02 - 2014-10-25 11:05 - 00000000 _____ () C:\WINDOWS\system32\HP_ActiveX_Patch_NOT_DETECTED.txt 2014-10-23 11:19 - 2014-10-23 11:19 - 00000000 ____D () C:\ProgramData\Package Cache 2014-10-23 10:49 - 2014-10-25 08:25 - 00000000 ___DC () C:\WINDOWS\Panther 2014-10-23 10:49 - 2014-10-23 10:49 - 00000000 __SHD () C:\Recovery 2014-10-23 10:48 - 2014-10-23 10:48 - 03448320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2014-10-23 10:48 - 2014-10-23 10:48 - 01702400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2014-10-23 10:48 - 2014-10-23 10:48 - 00839680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2014-10-23 10:48 - 2014-10-23 10:48 - 00672256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2014-10-23 10:48 - 2014-10-23 10:48 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2014-10-23 10:48 - 2014-10-23 10:48 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2014-10-23 10:48 - 2014-10-23 10:48 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2014-10-23 10:48 - 2014-10-23 10:48 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2014-10-23 10:48 - 2014-10-23 10:48 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2014-10-23 10:48 - 2014-10-23 10:48 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2014-10-23 10:48 - 2014-10-23 10:48 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2014-10-23 10:48 - 2014-10-23 10:48 - 00050688 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\wups2.dll 2014-10-23 10:48 - 2014-10-23 10:48 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2014-10-23 10:48 - 2014-10-23 10:48 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2014-10-23 10:48 - 2014-10-23 10:48 - 00000000 ____D () C:\Windows.old 2014-10-23 10:47 - 2014-10-23 10:47 - 04183040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2014-10-23 10:47 - 2014-10-23 10:47 - 03117568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll 2014-10-23 10:47 - 2014-10-23 10:47 - 02779648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll 2014-10-23 10:47 - 2014-10-23 10:47 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2014-10-23 10:47 - 2014-10-23 10:47 - 02321920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2014-10-23 10:47 - 2014-10-23 10:47 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll 2014-10-23 10:47 - 2014-10-23 10:47 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll 2014-10-23 10:47 - 2014-10-23 10:47 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll 2014-10-23 10:47 - 2014-10-23 10:47 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll 2014-10-23 10:47 - 2014-10-23 10:47 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe 2014-10-23 10:47 - 2014-10-23 10:47 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll 2014-10-23 10:47 - 2014-10-23 10:47 - 00068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 23631360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 17484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 13619200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 11807232 
_____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 05829632 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 04201472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 02309632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 02187264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 02108416 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-10-23 10:46 - 2014-10-23 10:46 - 02017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-10-23 10:46 - 2014-10-23 10:46 - 01810944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 01447936 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00710656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-10-23 10:46 - 2014-10-23 10:46 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00547328 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\vbscript.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2014-10-23 10:46 - 2014-10-23 10:46 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll 2014-10-23 10:45 - 2014-10-23 10:45 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2014-10-23 10:45 - 2014-10-23 10:45 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2014-10-23 10:44 - 2014-10-23 10:44 - 00262144 _____ () C:\WINDOWS\system32\config\userdiff 2014-10-23 10:41 - 2014-10-23 10:41 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer 2014-10-23 10:41 - 2014-10-23 10:41 - 00000000 ____D () C:\Program Files\Reference Assemblies 
2014-10-23 10:41 - 2014-10-23 10:41 - 00000000 ____D () C:\Program Files\MSBuild 2014-10-23 10:41 - 2014-10-23 10:41 - 00000000 ____D () C:\Program Files (x86)\Reference Assemblies 2014-10-23 10:41 - 2014-10-23 10:41 - 00000000 ____D () C:\Program Files (x86)\MSBuild 2014-10-23 10:41 - 2014-10-23 10:41 - 00000000 ____D () C:\inetpub 2014-10-23 10:40 - 2013-08-03 06:48 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2014-10-23 10:40 - 2013-08-03 06:48 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2014-10-23 10:40 - 2013-08-03 06:41 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2014-10-23 10:40 - 2013-08-03 06:41 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2014-10-23 10:23 - 2014-10-23 10:23 - 00001452 _____ () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-10-23 10:23 - 2014-10-23 10:23 - 00000020 ___SH () C:\Users\Katharina\ntuser.ini 2014-10-23 10:17 - 2014-10-25 10:48 - 01189066 _____ () C:\WINDOWS\WindowsUpdate.log 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Vorlagen 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Startmenü 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Lokale Einstellungen 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Eigene Dateien 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Druckumgebung 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () 
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Anwendungsdaten 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default\Anwendungsdaten 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf 2014-10-23 10:17 - 2014-10-23 10:17 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Anwendungsdaten 2014-10-23 10:16 - 2014-10-23 10:16 - 00022960 _____ () C:\WINDOWS\system32\emptyregdb.dat 2014-10-23 10:07 - 2014-10-23 10:07 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2014-10-23 10:07 - 2014-10-23 10:07 - 00000000 ____D () C:\Users\Default\Documents\hp.system.package.metadata 2014-10-23 10:07 - 2014-10-23 10:07 - 00000000 ____D () C:\Users\Default User\Documents\hp.system.package.metadata 2014-10-23 10:02 - 2014-10-23 10:02 - 00000000 ____D () C:\WINDOWS\system32\config\bbimigrate 2014-10-23 10:01 - 2014-10-23 10:23 - 00000000 ____D () C:\Users\Katharina 2014-10-23 10:01 - 2014-10-23 10:02 - 00000000 ___RD () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-10-23 10:01 - 2014-10-23 10:02 - 00000000 ___RD () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Vorlagen 2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Startmenü 2014-10-23 10:01 - 
2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Netzwerkumgebung 2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Lokale Einstellungen 2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Eigene Dateien 2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Druckumgebung 2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Documents\Eigene Musik 2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Documents\Eigene Bilder 2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\AppData\Local\Verlauf 2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\AppData\Local\Anwendungsdaten 2014-10-23 10:01 - 2014-10-23 10:01 - 00000000 _SHDL () C:\Users\Katharina\Anwendungsdaten 2014-10-23 10:01 - 2014-09-24 08:18 - 00000369 _____ () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2014-10-23 10:01 - 2014-09-24 08:18 - 00000369 _____ () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2014-10-23 10:01 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-10-23 10:01 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-10-23 10:00 - 2014-10-23 10:16 - 00020958 _____ () C:\WINDOWS\diagwrn.xml 2014-10-23 10:00 - 2014-10-23 10:16 - 00020958 _____ () C:\WINDOWS\diagerr.xml 2014-10-23 09:55 - 2014-10-23 10:02 - 00012096 _____ () C:\WINDOWS\iis.log 2014-10-23 09:55 - 2014-10-23 09:55 - 01914374 _____ () C:\WINDOWS\SysWOW64\PerfStringBackup.INI 2014-10-23 09:52 - 2014-10-23 09:52 - 00001370 _____ () C:\WINDOWS\system32\RaCoInst.log 2014-10-23 09:52 - 2014-10-23 09:52 - 
00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM 2014-10-23 09:52 - 2014-10-23 09:52 - 00000000 ____D () C:\Program Files\Realtek 2014-10-23 09:52 - 2014-10-23 09:52 - 00000000 ____D () C:\Program Files\AMD 2014-10-23 09:52 - 2014-10-23 09:52 - 00000000 ____D () C:\AMD 2014-10-23 09:52 - 2014-10-23 09:52 - 00000000 _____ () C:\WINDOWS\ativpsrm.bin 2014-10-23 08:54 - 2014-10-23 10:16 - 00006678 _____ () C:\WINDOWS\comsetup.log 2014-10-18 16:01 - 2014-06-24 09:35 - 00010450 _____ () C:\WINDOWS\system32\autoconfig.cab 2014-10-18 15:12 - 2014-10-18 15:12 - 00000000 ____D () C:\sources 2014-10-17 13:05 - 2014-10-17 13:05 - 00021532 _____ () C:\Users\Katharina\Downloads\[kinozal.tv]id1159792.torrent 2014-10-17 12:56 - 2014-10-17 12:56 - 00000117 _____ () C:\WINDOWS\system32\netcfg-56277235.txt 2014-10-17 12:56 - 2014-10-17 12:56 - 00000117 _____ () C:\WINDOWS\system32\netcfg-56271198.txt 2014-10-17 12:55 - 2014-10-17 12:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-56190140.txt 2014-10-17 12:52 - 2014-10-17 12:52 - 00000117 _____ () C:\WINDOWS\system32\netcfg-56010832.txt 2014-10-17 01:11 - 2014-10-17 01:11 - 00000000 ____D () C:\ProgramData\Recovery 2014-10-16 21:14 - 2014-10-16 21:18 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-10-16 21:13 - 2014-10-03 10:02 - 103265616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-10-16 20:38 - 2014-10-16 20:38 - 00000136 _____ () C:\WINDOWS\system32\netcfg-50575.txt 2014-10-16 20:38 - 2014-10-16 20:38 - 00000134 _____ () C:\WINDOWS\system32\netcfg-49951.txt 2014-10-16 20:38 - 2014-10-16 20:38 - 00000134 _____ () C:\WINDOWS\system32\netcfg-48937.txt 2014-10-16 20:38 - 2014-10-16 20:38 - 00000128 _____ () C:\WINDOWS\system32\netcfg-59732.txt 2014-10-16 20:21 - 2014-10-16 20:21 - 00000136 _____ () C:\WINDOWS\system32\netcfg-53586.txt 2014-10-16 20:21 - 2014-10-16 20:21 - 00000134 _____ () C:\WINDOWS\system32\netcfg-51698.txt 2014-10-16 20:21 - 2014-10-16 20:21 - 00000128 _____ () C:\WINDOWS\system32\netcfg-60434.txt 
2014-10-16 20:17 - 2014-10-16 20:17 - 00000136 _____ () C:\WINDOWS\system32\netcfg-69841.txt 2014-10-16 20:17 - 2014-10-16 20:17 - 00000134 _____ () C:\WINDOWS\system32\netcfg-69264.txt 2014-10-16 20:17 - 2014-10-16 20:17 - 00000134 _____ () C:\WINDOWS\system32\netcfg-68016.txt 2014-10-16 20:17 - 2014-10-16 20:17 - 00000128 _____ () C:\WINDOWS\system32\netcfg-76487.txt 2014-10-16 19:47 - 2014-10-16 19:47 - 00000117 _____ () C:\WINDOWS\system32\netcfg-666093.txt 2014-10-16 19:47 - 2014-10-16 19:47 - 00000117 _____ () C:\WINDOWS\system32\netcfg-665781.txt 2014-10-16 19:45 - 2014-10-16 19:45 - 00000117 _____ () C:\WINDOWS\system32\netcfg-516300.txt 2014-10-16 19:45 - 2014-10-16 19:45 - 00000117 _____ () C:\WINDOWS\system32\netcfg-513633.txt 2014-10-16 19:45 - 2014-10-16 19:45 - 00000117 _____ () C:\WINDOWS\system32\netcfg-487783.txt 2014-10-16 19:44 - 2014-10-16 19:44 - 00000117 _____ () C:\WINDOWS\system32\netcfg-485053.txt 2014-10-16 19:42 - 2014-10-16 19:42 - 00000117 _____ () C:\WINDOWS\system32\netcfg-363217.txt 2014-10-16 19:42 - 2014-10-16 19:42 - 00000117 _____ () C:\WINDOWS\system32\netcfg-360112.txt 2014-10-16 19:42 - 2014-10-16 19:42 - 00000117 _____ () C:\WINDOWS\system32\netcfg-358365.txt 2014-10-16 19:42 - 2014-10-16 19:42 - 00000117 _____ () C:\WINDOWS\system32\netcfg-357367.txt 2014-10-16 19:42 - 2014-10-16 19:42 - 00000117 _____ () C:\WINDOWS\system32\netcfg-352421.txt 2014-10-16 19:38 - 2014-10-16 19:38 - 00000136 _____ () C:\WINDOWS\system32\netcfg-79420.txt 2014-10-16 19:38 - 2014-10-16 19:38 - 00000134 _____ () C:\WINDOWS\system32\netcfg-78764.txt 2014-10-16 19:38 - 2014-10-16 19:38 - 00000134 _____ () C:\WINDOWS\system32\netcfg-77563.txt 2014-10-16 19:38 - 2014-10-16 19:38 - 00000128 _____ () C:\WINDOWS\system32\netcfg-89029.txt 2014-10-16 19:26 - 2014-10-16 19:26 - 00000117 _____ () C:\WINDOWS\system32\netcfg-6208574.txt 2014-10-16 19:16 - 2014-10-16 19:16 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\OpenOffice 2014-10-16 19:09 - 
2014-10-24 21:28 - 00000000 ____D () C:\Users\Katharina\Desktop\Kinozal 2014-10-16 17:54 - 2014-10-16 17:54 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Hewlett-Packard 2014-10-16 17:45 - 2014-10-16 17:57 - 00000000 ____D () C:\Users\Katharina\Downloads\Top 25 Country Songs of Faith (2014) MP3 2014-10-16 17:30 - 2014-10-16 17:30 - 00020545 _____ () C:\Users\Katharina\Downloads\[kinozal.tv]id1263336.torrent 2014-10-16 17:27 - 2014-10-16 17:27 - 00000905 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\µTorrent.lnk 2014-10-16 17:27 - 2014-10-16 17:27 - 00000881 _____ () C:\Users\Public\Desktop\µTorrent.lnk 2014-10-16 17:26 - 2014-10-25 12:08 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\uTorrent 2014-10-16 17:24 - 2014-10-24 20:55 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\tor 2014-10-16 17:16 - 2014-10-23 10:09 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1 2014-10-16 17:16 - 2014-10-16 17:16 - 00001116 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk 2014-10-16 17:15 - 2014-10-16 17:15 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4 2014-10-16 17:12 - 2014-10-16 17:12 - 00000000 ____D () C:\Users\Katharina\Desktop\OpenOffice 4.1.1 (de) Installation Files 2014-10-16 17:09 - 2013-05-04 06:51 - 00014848 _____ (Microsoft) C:\WINDOWS\system32\rars.rs 2014-10-16 17:09 - 2013-05-04 06:10 - 00014848 _____ (Microsoft) C:\WINDOWS\SysWOW64\rars.rs 2014-10-16 17:08 - 2014-10-16 17:08 - 164858324 _____ () C:\Users\Katharina\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_de.exe 2014-10-16 17:03 - 2014-10-25 12:39 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Skype 2014-10-16 17:03 - 2014-10-23 10:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-10-16 17:03 - 2014-10-16 17:03 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-10-16 17:03 - 2014-10-16 17:03 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-10-16 17:03 - 2014-10-16 
17:03 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Skype 2014-10-16 17:03 - 2014-10-16 17:03 - 00000000 ____D () C:\ProgramData\Skype 2014-10-16 17:02 - 2014-10-16 17:02 - 01677920 _____ (Skype Technologies S.A.) C:\Users\Katharina\Downloads\SkypeSetup.exe 2014-10-16 16:24 - 2014-10-16 16:24 - 00000088 _____ () C:\WINDOWS\system32\netcfg-3215726.txt 2014-10-16 16:23 - 2014-10-16 16:23 - 00000117 _____ () C:\WINDOWS\system32\netcfg-3206241.txt 2014-10-16 16:15 - 2014-10-23 10:14 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-10-16 16:15 - 2014-10-23 10:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-10-16 16:14 - 2014-10-25 12:19 - 00001126 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-10-16 16:14 - 2014-10-25 10:52 - 00001122 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-10-16 16:14 - 2014-10-16 16:15 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Google 2014-10-16 16:14 - 2014-10-16 16:15 - 00000000 ____D () C:\Program Files (x86)\Google 2014-10-16 16:14 - 2014-10-16 16:14 - 00004098 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2014-10-16 16:14 - 2014-10-16 16:14 - 00003862 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2014-10-16 16:13 - 2014-10-16 16:13 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Apps\2.0 2014-10-16 15:53 - 2014-10-16 15:53 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Macromedia 2014-10-16 15:50 - 2013-06-14 19:08 - 01045072 _____ (BitTorrent Inc.) 
C:\Users\Katharina\Desktop\utorrent.exe 2014-10-16 15:50 - 2011-02-25 00:05 - 02180096 _____ () C:\Users\Katharina\Desktop\tor.exe 2014-10-16 15:47 - 2014-10-25 12:35 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-702799559-3439042313-1217037743-1001 2014-10-16 15:46 - 2014-10-16 15:46 - 00000000 ____D () C:\Users\Katharina\Desktop\mama 2014-10-16 15:43 - 2014-10-16 15:43 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2014-10-16 15:42 - 2014-10-16 15:42 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\ATI 2014-10-16 15:42 - 2014-10-16 15:42 - 00000000 ____D () C:\Users\Katharina\AppData\Local\ATI 2014-10-16 15:41 - 2014-10-16 15:41 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD 2014-10-16 15:40 - 2014-10-23 10:05 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services 2014-10-16 15:40 - 2014-10-16 15:40 - 00000000 __RSH () C:\WINDOWS\SysWOW64\Drivers\103C_HP_cPC_20-b100eg_Y53316J_0U_Q4CH3156S2T_E13CE1AR8603_4A_I2AF0_SPEGATRON CORPORATION_V1.02_B8.09_T121204_W8101-0_L407_M5716_J1000_7AMD_8BFF_91.40_#130413_N10EC8136;1814539B_Z_G10029809_Ohp DVDRAM GT80N.MRK 2014-10-16 15:40 - 2014-10-16 15:40 - 00000000 __RSH () C:\WINDOWS\system32\Drivers\103C_HP_cPC_20-b100eg_Y53316J_0U_Q4CH3156S2T_E13CE1AR8603_4A_I2AF0_SPEGATRON CORPORATION_V1.02_B8.09_T121204_W8101-0_L407_M5716_J1000_7AMD_8BFF_91.40_#130413_N10EC8136;1814539B_Z_G10029809_Ohp DVDRAM GT80N.MRK 2014-10-16 15:40 - 2014-10-16 15:40 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Adobe 2014-10-16 15:40 - 2013-04-13 07:27 - 00002227 _____ () C:\Users\Public\Desktop\Snapfish Fotos.lnk 2014-10-16 15:38 - 2014-10-17 13:52 - 00000000 ____D () C:\Users\Katharina\AppData\Roaming\Hewlett-Packard 2014-10-16 15:38 - 2014-10-16 15:38 - 00000141 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc 2014-10-16 15:37 - 2014-10-25 10:52 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Packages 
2014-10-16 15:37 - 2014-10-16 15:37 - 00000000 ____D () C:\Users\Katharina\AppData\Local\VirtualStore 2014-10-16 15:37 - 2014-10-16 15:37 - 00000000 ____D () C:\Users\Katharina\AppData\Local\Power2Go8 2014-10-16 15:36 - 2014-10-23 09:31 - 01525485 _____ () C:\WINDOWS\WindowsUpdate (1).log 2014-10-16 15:36 - 2013-04-13 06:40 - 00000000 ___HD () C:\Users\Katharina\Documents\hp.system.package.metadata 2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-326042.txt 2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-322906.txt 2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-316338.txt 2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-283703.txt 2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-283516.txt 2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-280271.txt 2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-279226.txt 2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-275528.txt 2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-275372.txt 2014-10-16 15:35 - 2014-10-16 15:35 - 00000117 _____ () C:\WINDOWS\system32\netcfg-274468.txt 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Vorlagen 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Startmenü 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Netzwerkumgebung 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Lokale Einstellungen 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () 
C:\Users\Default.migrated\Eigene Dateien 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Druckumgebung 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Musik 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Documents\Eigene Bilder 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Verlauf 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\AppData\Local\Anwendungsdaten 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Users\Default.migrated\Anwendungsdaten 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Programme 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\ProgramData\Vorlagen 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\ProgramData\Startmenü 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\ProgramData\Dokumente 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\ProgramData\Anwendungsdaten 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Program Files\Gemeinsame Dateien 2014-10-16 15:31 - 2014-10-16 15:31 - 00000000 _SHDL () C:\Dokumente und Einstellungen ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-10-25 12:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-10-25 10:58 - 2014-09-24 08:17 - 01980934 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-10-25 10:58 - 2014-09-24 07:43 - 00841326 _____ () C:\WINDOWS\system32\perfh007.dat 2014-10-25 10:58 - 2014-09-24 07:43 - 00191558 _____ () C:\WINDOWS\system32\perfc007.dat 2014-10-25 10:57 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-10-25 10:52 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-10-25 10:49 - 2014-09-24 09:43 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel 2014-10-25 10:49 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-10-25 10:49 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore 2014-10-25 10:48 - 2014-09-23 23:06 - 00419730 _____ () C:\WINDOWS\PFRO.log 2014-10-25 10:48 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2014-10-25 10:48 - 2013-04-13 07:30 - 00000000 ____D () C:\ProgramData\Norton 2014-10-25 10:48 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-10-25 10:29 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM 2014-10-25 10:29 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP 2014-10-25 09:47 - 2013-08-22 16:46 - 00292174 _____ () C:\WINDOWS\setupact.log 2014-10-24 19:02 - 2013-04-13 06:43 - 00000000 ____D () C:\ProgramData\Hewlett-Packard 2014-10-24 19:02 - 2013-04-13 06:40 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard 2014-10-23 11:18 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\restore 2014-10-23 10:48 - 2013-08-22 17:36 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template 2014-10-23 10:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\MediaViewer 2014-10-23 10:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\FileManager 2014-10-23 10:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Camera 2014-10-23 10:47 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions 
2014-10-23 10:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI 2014-10-23 10:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\inetsrv 2014-10-23 10:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\MUI 2014-10-23 10:41 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\inetsrv 2014-10-23 10:41 - 2013-08-22 13:25 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe 2014-10-23 10:41 - 2013-08-22 13:22 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll 2014-10-23 10:41 - 2013-08-22 13:19 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll 2014-10-23 10:41 - 2013-08-22 13:19 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll 2014-10-23 10:41 - 2013-08-22 13:18 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll 2014-10-23 10:41 - 2013-08-22 12:03 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll 2014-10-23 10:41 - 2013-08-22 05:58 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe 2014-10-23 10:41 - 2013-08-22 05:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll 2014-10-23 10:41 - 2013-08-22 05:53 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll 2014-10-23 10:41 - 2013-08-22 05:53 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll 2014-10-23 10:41 - 2013-08-22 05:51 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll 2014-10-23 10:41 - 2013-08-22 04:54 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll 2014-10-23 10:18 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-10-23 10:17 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Windows NT 2014-10-23 10:17 - 2013-08-22 15:36 - 00000000 __RHD () C:\Users\Default 2014-10-23 10:16 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Registration 2014-10-23 10:14 - 2013-08-22 17:36 - 
00000000 __RSD () C:\WINDOWS\Media 2014-10-23 10:14 - 2013-08-22 17:36 - 00000000 __RHD () C:\Users\Public\Libraries 2014-10-23 10:10 - 2013-08-22 16:44 - 00377408 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-10-23 10:09 - 2013-04-13 07:05 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Productivity and Tools 2014-10-23 10:09 - 2013-04-13 07:01 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Communication and Chat 2014-10-23 10:09 - 2013-04-13 06:50 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support 2014-10-23 10:07 - 2014-09-24 07:43 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN 2014-10-23 10:07 - 2014-09-24 07:43 - 00000000 ____D () C:\WINDOWS\SysWOW64\sysprep 2014-10-23 10:07 - 2014-09-24 07:43 - 00000000 ____D () C:\WINDOWS\system32\WCN 2014-10-23 10:07 - 2013-08-22 17:37 - 00004893 _____ () C:\WINDOWS\DtcInstall.log 2014-10-23 10:07 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz 2014-10-23 10:07 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\IME 2014-10-23 10:07 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\WinBioPlugIns 2014-10-23 10:07 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\spool 2014-10-23 10:07 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\IME 2014-10-23 10:07 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\SMI 2014-10-23 10:07 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe 2014-10-23 10:07 - 2013-04-13 06:48 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda 2014-10-23 10:07 - 2012-07-26 07:37 - 00000000 ____D () C:\Users\Default.migrated 2014-10-23 10:06 - 2013-08-22 17:43 - 00000000 ____D () C:\WINDOWS\DigitalLocker 2014-10-23 10:06 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\IME 2014-10-23 10:06 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\Help 2014-10-23 10:06 - 2012-08-10 17:06 - 00000000 ____D () C:\ProgramData\PRICache 2014-10-23 10:05 - 2013-08-22 
17:36 - 00000000 __SHD () C:\Program Files\Windows Sidebar 2014-10-23 10:05 - 2013-08-22 17:36 - 00000000 __SHD () C:\Program Files (x86)\Windows Sidebar 2014-10-23 10:05 - 2013-08-22 17:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared 2014-10-23 10:05 - 2013-04-13 06:53 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security and Protection 2014-10-23 10:05 - 2013-04-13 06:35 - 00000000 ____D () C:\Program Files\Common Files\ATI Technologies 2014-10-23 10:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\Recovery 2014-10-23 09:55 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\Sysprep 2014-10-23 08:49 - 2014-09-24 17:19 - 00000000 ___HD () C:\$Windows.~BT 2014-10-23 08:14 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent 2014-10-16 15:40 - 2013-04-13 07:27 - 00000000 ___RD () C:\Program Files\Online Services 2014-10-16 15:40 - 2013-04-13 06:55 - 00000000 ___RD () C:\Program Files (x86)\Online Services 2014-10-16 15:40 - 2012-12-03 19:57 - 00000000 _RSHD () C:\hp 2014-10-16 15:40 - 2012-10-12 05:24 - 00000000 ____D () C:\SWSETUP 2014-10-16 15:40 - 2012-10-12 05:21 - 00000000 _RSHD () C:\SYSTEM.SAV Some content of TEMP: ==================== C:\Users\Katharina\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-23 09:50

==================== End Of Log ============================

--- --- ---

FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-10-2014
Ran by Katharina at 2014-10-25 12:52:00
Running from C:\Users\Katharina\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.3.0.29677 - BitTorrent Inc.)
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{069BB058-4ED8-D4FC-CA8D-9B44344E8338}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2206 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1015.1260.21340 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.1015.1260.21340 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.1015.1260.21340 - Advanced Micro Devices, Inc.)
Hidden Catalyst Control Center Localization All (x32 Version: 2014.0704.2133.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) 
Hidden CCC Help Spanish (x32 Version: 2012.1015.1259.21340 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2014.0704.2132.36938 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2012.1015.1260.21340 - Advanced Micro Devices, Inc.) Hidden Connected Music powered by Universal Music Group version 1.0 (HKLM-x32\...\{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1) (Version: 1.0 - Snowite) CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2.5630 - CyberLink Corp.) CyberLink LabelPrint (x32 Version: 2.5.2.5630 - CyberLink Corp.) Hidden CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.2.2114 - CyberLink Corp.) CyberLink Media Suite 10 (x32 Version: 10.0.2.2114 - CyberLink Corp.) Hidden CyberLink PhotoDirector (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2.3317 - CyberLink Corp.) CyberLink PhotoDirector (x32 Version: 2.0.2.3317 - CyberLink Corp.) Hidden CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.2.2126 - CyberLink Corp.) CyberLink Power2Go 8 (x32 Version: 8.0.2.2126 - CyberLink Corp.) Hidden CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.2.2126 - CyberLink Corp.) CyberLink PowerDirector 10 (x32 Version: 10.0.2.2126 - CyberLink Corp.) Hidden CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.7.4605 - CyberLink Corp.) CyberLink PowerDVD (x32 Version: 10.0.7.4605 - CyberLink Corp.) Hidden CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.) CyberLink YouCam (x32 Version: 3.5.4.5527 - CyberLink Corp.) 
Hidden Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.104 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: v1.0 - Meridian Audio Ltd) HP Connected Remote (HKLM-x32\...\{F243A34B-AB7F-4065-B770-B85B767C247C}) (Version: 1.0.1218 - Hewlett-Packard) HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden HP Postscript Converter (Version: 3.1.3591 - Hewlett-Packard) Hidden HP Registration Service (HKLM\...\{C2E428EB-116E-41C0-9E84-B22DE9CCA42F}) (Version: 1.1.6232.4245 - Hewlett-Packard) HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company) HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard) Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 
(HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) Ralink RT5390R 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.5.0 - Ralink) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.7.1025.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6777 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.2.8400.28123 - Realtek Semiconductor Corp.) Recovery Manager (x32 Version: 5.5.0.5826 - CyberLink Corp.) Hidden Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.) 
==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 23-10-2014 09:18:50 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 25-10-2014 08:27:31 Revo Uninstaller's restore point - Norton Internet Security ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {025FA17A-3460-4390-928E-CA99E27F8462} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink) Task: {035792A1-D4EF-4A78-BF9A-AA9628C281A3} - System32\Tasks\Microsoft\Windows\Setup\SetupCleanupTask Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {1A79384A-5E3C-4D63-B40E-260059B0BEEB} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {302DB300-7136-4FC0-8182-C41205F89CDD} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - 
System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {3D0E6EEE-FE26-4CF2-9F34-4B013DE165FC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-16] (Google Inc.) Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {4D3CE21F-A31B-4A60-9CC6-8D69E7067F4D} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management Task: {50F5C122-831C-4B7D-AEAD-F52A776322AC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2014-10-03] (Microsoft Corporation) Task: {61FAF8BC-AD04-4419-B99B-4A057F43EAA4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-16] (Google Inc.) 
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6AE3D893-F562-4D35-867D-64E033EA04FC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-09-05] (Hewlett-Packard Company) Task: {6B049B28-BEB3-4D06-A582-838FFC44CFD2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard) Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {77BF4E9F-9F08-406E-845D-BD362148A6F6} - System32\Tasks\CLVDLauncher => c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.) Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {80BFB5FE-82F5-4AC4-BF04-90D1EE7BAEBE} - System32\Tasks\CLMLSvc_P2G8 => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink) Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {AA92F3D7-61AE-48B7-B473-6355CE8CE948} - System32\Tasks\avast! 
Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-10-25] (AVAST Software) Task: {B2D1A9F9-6572-41F2-85C6-90C141D67E01} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation Task: {C8E9F645-8C5E-44CC-ABB3-FFFAFEEEC078} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-09-24] (Microsoft Corporation) Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D420007B-EC18-4DC3-ABFA-54BB1BC6B844} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {DB30CB6B-8CBD-437D-8961-63EE0FDDB8A1} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {FE551AA5-05F0-4767-95CE-44B986671F13} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2012-10-12 18:22 - 2012-10-12 18:22 - 00120224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\HPItunesModule.dll 2012-10-12 18:22 - 2012-10-12 18:22 - 00048544 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected 
Remote\HPItunesProxy.dll 2012-10-12 18:22 - 2012-10-12 18:22 - 00180224 _____ () c:\Program Files (x86)\Hewlett-Packard\HP Connected Remote\zxing.dll 2014-10-23 10:24 - 2014-10-23 10:24 - 00120224 _____ () C:\Users\Katharina\AppData\Local\assembly\dl3\3ZDAHY8O.NYV\9D19EPBL.HEK\0e9880cb\004b58b8_95a8cd01\HPItunesModule.DLL 2013-04-13 07:05 - 2012-06-08 05:34 - 00627216 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2014-10-25 11:03 - 2014-10-25 11:03 - 02896896 _____ () C:\Program Files\AVAST Software\Avast\defs\14102401\algo.dll 2014-10-25 11:01 - 2014-10-25 11:01 - 38561576 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2014-10-16 16:15 - 2014-10-10 04:03 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libglesv2.dll 2014-10-16 16:15 - 2014-10-10 04:03 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\libegl.dll 2014-10-16 16:15 - 2014-10-10 04:04 - 08910664 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\pdf.dll 2014-10-16 16:15 - 2014-10-10 04:03 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.104\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
========================= Accounts: ========================== Administrator (S-1-5-21-702799559-3439042313-1217037743-500 - Administrator - Disabled) Gast (S-1-5-21-702799559-3439042313-1217037743-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-702799559-3439042313-1217037743-1005 - Limited - Enabled) Katharina (S-1-5-21-702799559-3439042313-1217037743-1001 - Administrator - Enabled) => C:\Users\Katharina ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Microsoft Office Sessions: ========================= ==================== Memory info =========================== Processor: AMD E1-1200 APU with Radeon(tm) HD Graphics Percentage of memory in use: 28% Total physical RAM: 5715.87 MB Available physical RAM: 4089.99 MB Total Pagefile: 6115.87 MB Available Pagefile: 4374.06 MB Total Virtual: 131072 MB Available Virtual: 131071.84 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:918.02 GB) (Free:781.03 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (Recovery Image) (Fixed) (Total:11.58 GB) (Free:1.42 GB) NTFS ==>[System with boot components (obtained from reading drive)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 70FCAD0D) Partition: GPT Partition Type. ==================== End Of Log ============================
Edited by Akusmin (25.10.2014 at 11:47) |
25.10.2014, 11:54 | #8 |
/// TB Trainer | Internet very slow Hi, then FRST once more, please. |
25.10.2014, 11:56 | #9 |
| Internet very slow Already there, above |
25.10.2014, 12:00 | #10 |
/// TB Trainer | Internet very slow Hi, well, I don't see any malware so far; it is probably something else. We'll check everything once more. ESET can take a long time (> 3 h). Afterwards we'll remove all the tools we used and I'll give you a few tips to take along.
Step 1 Please disable your antivirus program, as it can affect the result or possibly interfere with the cleanup. Please download zoek.exe from here: http://hijackthis.nl/smeenk/ and save the file to your desktop.
Step 2 Please download Emsisoft Emergency Kit from here.
Step 3 ESET Online Scanner
Step 4 Please download SecurityCheck and:
Please post with your next reply
|
25.10.2014, 12:09 | #11 |
| Internet very slow Code:
ATTFilter Zoek.exe v5.0.0.0 Updated 24-10-2014 Tool run by Katharina on 25.10.2014 at 13:03:01,22. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Katharina\Downloads\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 25.10.2014 13:05:05 Zoek.exe System Restore Point Created Succesfully. ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="hxxp://g.uk.msn.com/HPDSK13/4" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {0E6F1A5C-6336-48EA-BF8E-EEA8B02C7F29} Amazon Suchvorschläge Url="hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}" {D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4" ==== Reset Google Chrome ====================== C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Katharina\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyEnable"=dword:00000000 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== C:\zoek_backup content ====================== C:\zoek_backup (files=0 folders=0 0 bytes) ==== EOF on 25.10.2014 at 13:06:26,05 ====================== |
25.10.2014, 12:14 | #12 |
/// TB Trainer | Internet very slow OK, the other 3 steps are still missing. |
25.10.2014, 12:44 | #13 |
| Internet very slow I have to leave now. I'll leave the programs running. I'll report back in the evening. |
25.10.2014, 14:10 | #14 |
/// TB Trainer | Internet very slow All right. |
26.10.2014, 13:16 | #15 |
| Internet very slow Hello, here are the rest Code:
ATTFilter Emsisoft Emergency Kit - Version 9.0 Letztes Update: 25.10.2014 13:16:26 Benutzerkonto: Heim\Katharina Scan Einstellungen: Scan Methode: Detail Scan Objekte: Rootkits, Speicher, Traces, C:\, D:\ PUPs-Erkennung: An Archiv Scan: An ADS Scan: An Dateitypen-Filter: Aus Erweitertes Caching: An Direkter Festplattenzugriff: Aus Scan Beginn: 25.10.2014 13:17:45 Value: HKEY_USERS\S-1-5-21-702799559-3439042313-1217037743-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR gefunden: Setting.DisableTaskMgr (A) Value: HKEY_USERS\S-1-5-21-702799559-3439042313-1217037743-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS gefunden: Setting.DisableRegistryTools (A) Gescannt 410274 Gefunden 2 Scan Ende: 25.10.2014 17:10:57 Scan Zeit: 3:53:12 Value: HKEY_USERS\S-1-5-21-702799559-3439042313-1217037743-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS Gelöscht Setting.DisableRegistryTools (A) Value: HKEY_USERS\S-1-5-21-702799559-3439042313-1217037743-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLETASKMGR Gelöscht Setting.DisableTaskMgr (A) Gelöscht 2 Code:
ATTFilter Results of screen317's Security Check version 0.99.89 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Defender avast! Antivirus Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Google Chrome 38.0.2125.104 ````````Process Check: objlist.exe by Laurent```````` AVAST Software Avast AvastSvc.exe AVAST Software Avast AvastUI.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=5467692026146b4d8d28f33d8992d288 # engine=20774 # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2014-10-25 10:13:00 # local_time=2014-10-25 12:13:00 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 2687371 39113273 0 0 # scanned=70717 # found=0 # cleaned=0 # scan_time=3988 ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=5467692026146b4d8d28f33d8992d288 # engine=20777 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2014-10-25 06:30:19 # local_time=2014-10-25 08:30:19 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='avast! 
Antivirus' # compatibility_mode=783 16777213 71 94 34136 34278 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 2717210 39143112 0 0 # scanned=348562 # found=7 # cleaned=0 # scan_time=11562 sh=D2408C8A09A2BD9704AF39F818EC7AC9E9CCA46E ft=1 fh=08d2b982dc66508e vn="Variante von Win32/Bunndle potenziell unsichere Anwendung" ac=I fn="C:\Users\Katharina\AppData\Roaming\uTorrent\uTorrent.exe" sh=D2408C8A09A2BD9704AF39F818EC7AC9E9CCA46E ft=1 fh=08d2b982dc66508e vn="Variante von Win32/Bunndle potenziell unsichere Anwendung" ac=I fn="C:\Users\Katharina\Desktop\utorrent.exe" sh=D2408C8A09A2BD9704AF39F818EC7AC9E9CCA46E ft=1 fh=08d2b982dc66508e vn="Variante von Win32/Bunndle potenziell unsichere Anwendung" ac=I fn="C:\Users\Katharina\Desktop\mama\Katharina\AppData\Roaming\uTorrent\uTorrent.exe" sh=BEAB71118A6D378F78DB2FE16E25172D8D187100 ft=1 fh=8b19bd67e1cb7d43 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Katharina\Desktop\mama\Katharina\Downloads\avira_free_antivirus884_de.exe" sh=D8A2FC234CD6C6E2568F17782DB48666FD4E38D6 ft=1 fh=844b0ef62a202621 vn="Variante von Win32/InstallCore.QB evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Katharina\Desktop\mama\Katharina\Downloads\FileOpenerSetup.exe" sh=D2408C8A09A2BD9704AF39F818EC7AC9E9CCA46E ft=1 fh=08d2b982dc66508e vn="Variante von Win32/Bunndle potenziell unsichere Anwendung" ac=I fn="C:\Users\Katharina\Desktop\mama\Katharina\Downloads\utorrent.exe" sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Variante von Win32/Bunndle potenziell unsichere Anwendung" ac=I fn="${Memory}" |