Log analysis and evaluation: CPU under heavy load! Fan is loud! (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
05.03.2015, 14:27 | #1 |
CPU under heavy load! Fan is loud!

Hello everyone,

the fan of my laptop runs constantly, even when I have only one program, such as Word, open. My operating system is Windows 7 64-bit. Following the instructions, I have attached log files from FRST and GMER, as well as from Spybot, to this post. Can anyone help me with this?

Many thanks in advance!
Ben

FRST log:

FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-03-2015 01 Ran by Stephan Blank (administrator) on STEPHANBLANK-PC on 05-03-2015 13:28:38 Running from C:\Users\Stephan Blank\Downloads Loaded Profiles: Stephan Blank (Available profiles: Stephan Blank) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe () C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (CobianSoft, Luis Cobian) C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe (Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbService.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) 
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe () C:\Program Files (x86)\3DataManager\WTGService.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESGfxMgr.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (WebToGo Mobile Internet GmbH) C:\Program Files (x86)\3DataManager\3DataManager.exe () C:\Program Files (x86)\3DataManager\3DataManager_Launcher.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Realsil Microelectronics Inc.) 
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation) C:\Windows\splwow64.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-01-05] (Intel(R) Corporation) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-12-22] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [134624 2014-07-23] (Check Point Software Technologies Ltd.) 
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-28] (AVAST Software) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd) HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: F - F:\AutoRun.exe HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {00490a07-9cac-11e4-bf34-001e101f859f} - E:\AutoRun.exe HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {6e697069-a002-11e4-ab98-3859f9ee31e8} - E:\AutoRun.exe HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {7a310d93-a189-11e4-9379-3859f9ee31e8} - E:\AutoRun.exe HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {7a310dbd-a189-11e4-9379-3859f9ee31e8} - F:\AutoRun.exe HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {7d9bb29f-9749-11e4-9612-a28eab9fc5b2} - E:\AutoRun.exe HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {7d9bb4ac-9749-11e4-9612-a28eab9fc5b2} - E:\AutoRun.exe HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {7ef47728-97fd-11e4-899c-f0bf9768a697} - F:\AutoRun.exe HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {91b7f05d-a172-11e4-b755-001e101f4da1} - E:\AutoRun.exe HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {9352db18-9cf9-11e4-9e18-806e6f6e6963} - E:\AutoRun.exe HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {e16dc10a-a260-11e4-9ab7-3859f9ee31e8} - G:\AutoRun.exe HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {e31f1bce-9fc2-11e4-8d44-f0bf9768a697} - E:\AutoRun.exe 
HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {eff3f5c1-9a74-11e4-a959-001e101f8aaa} - F:\Startme.exe ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-at/?ocid=iehp SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! 
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Tcpip\..\Interfaces\{8F209CFD-1138-4000-B708-6117B200EA23}: [NameServer] 213.94.78.17 213.94.78.16 Tcpip\..\Interfaces\{BD5E0201-A624-4C66-8AE3-0E68D7A650AA}: [NameServer] 213.94.78.16 213.94.78.17 FireFox: ======== FF ProfilePath: C:\Users\Stephan Blank\AppData\Roaming\Mozilla\Firefox\Profiles\tfhq71zo.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) 
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll () FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin HKU\S-1-5-21-3493849748-3862360928-3587676368-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) 
FF SearchPlugin: C:\Users\Stephan Blank\AppData\Roaming\Mozilla\Firefox\Profiles\tfhq71zo.default\searchplugins\google-images.xml FF SearchPlugin: C:\Users\Stephan Blank\AppData\Roaming\Mozilla\Firefox\Profiles\tfhq71zo.default\searchplugins\google-maps.xml FF Extension: Cliqz Beta - C:\Users\Stephan Blank\AppData\Roaming\Mozilla\Firefox\Profiles\tfhq71zo.default\Extensions\cliqz@cliqz.com.xpi [2015-01-15] FF Extension: Adblock Plus - C:\Users\Stephan Blank\AppData\Roaming\Mozilla\Firefox\Profiles\tfhq71zo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-09] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-28] FF HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Stephan Blank\AppData\Roaming\Mozilla\Firefox\Profiles\tfhq71zo.default\extensions\cliqz@cliqz.com Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-01-28] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-28] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-28] (AVAST Software) R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-28] (Avast Software) R2 BecHelperService; C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe [1740696 2011-03-23] () R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed] R2 CobianBackup11; C:\Program Files (x86)\Cobian Backup 11\cbService.exe [1131008 2013-03-07] (Luis Cobian, CobianSoft) [File not signed] R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-05] () R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3596240 2014-07-23] (Check Point Software Technologies Ltd.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 WTGService; C:\Program Files (x86)\3DataManager\WTGService.exe [346832 2012-12-12] () R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [93712 2014-07-03] (Check Point Software Technologies, Ltd.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-28] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-28] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-28] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-28] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-28] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-28] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-28] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-28] () S2 mdvrmng; C:\Windows\SysWOW64\drivers\mdvrmng.sys [10240 2011-03-23] () [File not signed] S3 s1029bus; C:\Windows\System32\DRIVERS\s1029bus.sys [116264 2009-05-25] (MCCI Corporation) S3 s1029mdfl; C:\Windows\System32\DRIVERS\s1029mdfl.sys [19496 2009-05-25] (MCCI Corporation) S3 s1029mdm; C:\Windows\System32\DRIVERS\s1029mdm.sys [158760 2009-05-25] (MCCI Corporation) S3 s1029mgmt; C:\Windows\System32\DRIVERS\s1029mgmt.sys [139304 2009-05-25] (MCCI Corporation) S3 s1029nd5; C:\Windows\System32\DRIVERS\s1029nd5.sys [34856 2009-05-25] (MCCI Corporation) S3 s1029obex; C:\Windows\System32\DRIVERS\s1029obex.sys [135208 2009-05-25] (MCCI Corporation) S3 s1029unic; C:\Windows\System32\DRIVERS\s1029unic.sys [151592 2009-05-25] (MCCI Corporation) U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-02-28] () R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-28] (Avast Software) R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450456 2014-07-23] (Check Point Software Technologies Ltd.) S3 avchv; system32\DRIVERS\avchv.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) 
==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-05 13:21 - 2015-03-05 13:21 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Stephan Blank\Downloads\mbam-setup-2.0.4.1028.exe 2015-03-05 11:49 - 2015-03-05 11:49 - 00000197 _____ () C:\Windows\system32\2015-03-05-10-49-23.062-AvastVBoxSVC.exe-4648.log 2015-03-05 11:46 - 2015-03-05 11:46 - 00000056 _____ () C:\Windows\setupact.log 2015-03-05 11:46 - 2015-03-05 11:46 - 00000000 _____ () C:\Windows\setuperr.log 2015-03-05 11:06 - 2015-03-05 11:06 - 00000197 _____ () C:\Windows\system32\2015-03-05-10-06-25.074-AvastVBoxSVC.exe-4712.log 2015-03-04 21:19 - 2015-03-04 21:19 - 00000197 _____ () C:\Windows\system32\2015-03-04-20-19-14.018-AvastVBoxSVC.exe-3796.log 2015-03-04 10:44 - 2015-03-04 10:44 - 00000197 _____ () C:\Windows\system32\2015-03-04-09-44-05.019-AvastVBoxSVC.exe-3184.log 2015-03-04 09:03 - 2015-03-04 09:03 - 00000247 _____ () C:\Windows\system32\2015-03-04-08-03-42.054-aswFe.exe-488.log 2015-03-04 08:55 - 2015-03-04 09:03 - 00000247 _____ () C:\Windows\system32\2015-03-04-07-55-28.024-aswFe.exe-5172.log 2015-03-04 08:55 - 2015-03-04 08:55 - 00000197 _____ () C:\Windows\system32\2015-03-04-07-55-19.052-AvastVBoxSVC.exe-5608.log 2015-03-03 21:28 - 2015-03-03 21:28 - 00000197 _____ () C:\Windows\system32\2015-03-03-20-28-47.001-AvastVBoxSVC.exe-3492.log 2015-03-03 18:04 - 2015-03-03 18:04 - 00000197 _____ () C:\Windows\system32\2015-03-03-17-04-42.022-AvastVBoxSVC.exe-4500.log 2015-03-03 17:45 - 2015-03-03 17:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 2015-03-03 17:42 - 2015-03-03 17:43 - 16342352 _____ (Geek Software GmbH ) C:\Users\Stephan Blank\Downloads\pdf24-creator-6.9.2.exe 2015-03-03 17:12 - 2015-03-04 16:12 - 00000000 ____D () C:\Program Files (x86)\PDFCreator 2015-03-03 17:12 - 2015-03-03 17:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\PDFCreator 2015-03-03 17:12 - 2005-03-12 00:07 - 00087040 _____ () C:\Windows\system32\pdfcmnnt.dll 2015-03-03 17:12 - 1998-07-06 17:56 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6DE.DLL 2015-03-03 17:12 - 1998-07-06 17:55 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCDE.DLL 2015-03-03 17:12 - 1998-07-06 17:55 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCC2DE.DLL 2015-03-03 17:12 - 1998-07-06 00:00 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPIDE.DLL 2015-03-03 17:12 - 1998-06-24 00:00 - 00137000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMAPI32.OCX 2015-03-03 15:17 - 2015-03-03 15:17 - 00000197 _____ () C:\Windows\system32\2015-03-03-14-17-43.089-AvastVBoxSVC.exe-3492.log 2015-03-03 10:54 - 2015-03-03 10:54 - 00000197 _____ () C:\Windows\system32\2015-03-03-09-54-07.085-AvastVBoxSVC.exe-3540.log 2015-03-03 08:23 - 2015-03-03 08:23 - 00000197 _____ () C:\Windows\system32\2015-03-03-07-23-09.086-AvastVBoxSVC.exe-3604.log 2015-03-03 07:31 - 2015-03-03 07:31 - 00000197 _____ () C:\Windows\system32\2015-03-03-06-31-39.003-AvastVBoxSVC.exe-3576.log 2015-03-02 23:00 - 2015-03-02 23:00 - 00000197 _____ () C:\Windows\system32\2015-03-02-22-00-48.075-AvastVBoxSVC.exe-3520.log 2015-03-02 20:05 - 2015-03-02 20:05 - 00000197 _____ () C:\Windows\system32\2015-03-02-19-05-41.014-AvastVBoxSVC.exe-4720.log 2015-03-02 12:53 - 2015-03-02 12:53 - 01728888 _____ (Microsoft Corporation) C:\Users\Stephan Blank\Downloads\proof2010-kb2553272-fullfile-x64-en-us.exe 2015-03-02 12:42 - 2015-03-02 12:42 - 00000197 _____ () C:\Windows\system32\2015-03-02-11-42-28.068-AvastVBoxSVC.exe-3480.log 2015-03-01 18:55 - 2015-03-01 18:55 - 00000197 _____ () C:\Windows\system32\2015-03-01-17-55-48.005-AvastVBoxSVC.exe-3480.log 2015-03-01 12:49 - 2015-03-01 12:49 - 00000197 _____ () C:\Windows\system32\2015-03-01-11-49-42.010-AvastVBoxSVC.exe-4476.log 2015-03-01 00:35 - 2015-03-01 00:35 - 00000197 _____ 
() C:\Windows\system32\2015-02-28-23-35-52.017-AvastVBoxSVC.exe-3644.log 2015-02-28 19:29 - 2015-02-28 19:29 - 00000197 _____ () C:\Windows\system32\2015-02-28-18-29-27.032-AvastVBoxSVC.exe-3036.log 2015-02-28 12:58 - 2015-03-03 07:44 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Local\CrashDumps 2015-02-28 12:47 - 2015-02-28 12:47 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys 2015-02-28 12:47 - 2015-02-28 12:47 - 00000000 ____D () C:\ProgramData\RogueKiller 2015-02-28 12:01 - 2015-02-28 12:01 - 01388274 _____ (Thisisu) C:\Users\Stephan Blank\Downloads\JRT.exe 2015-02-28 12:00 - 2015-02-28 12:01 - 15536728 _____ () C:\Users\Stephan Blank\Downloads\RogueKiller.exe 2015-02-28 11:53 - 2015-02-28 11:53 - 00000197 _____ () C:\Windows\system32\2015-02-28-10-53-27.027-AvastVBoxSVC.exe-3548.log 2015-02-27 23:37 - 2015-02-27 23:38 - 00000197 _____ () C:\Windows\system32\2015-02-27-22-37-58.090-AvastVBoxSVC.exe-3644.log 2015-02-27 18:50 - 2015-02-27 18:50 - 00000247 _____ () C:\Windows\system32\2015-02-27-17-50-21.009-aswFe.exe-5632.log 2015-02-27 18:46 - 2015-02-27 18:46 - 00000197 _____ () C:\Windows\system32\2015-02-27-17-46-55.057-AvastVBoxSVC.exe-5832.log 2015-02-27 11:38 - 2015-02-28 12:40 - 00010661 _____ () C:\Users\Stephan Blank\Documents\Comunio_Marktwerte.xlsx 2015-02-27 11:22 - 2015-02-27 11:23 - 18687064 _____ () C:\Users\Stephan Blank\Downloads\RogueKillerX64.exe 2015-02-27 11:15 - 2015-03-03 11:05 - 00000000 ____D () C:\Sicherung_150227 2015-02-27 11:11 - 2015-03-05 11:50 - 00226783 _____ () C:\Windows\WindowsUpdate.log 2015-02-27 11:11 - 2015-02-27 11:11 - 00000197 _____ () C:\Windows\system32\2015-02-27-10-11-23.058-AvastVBoxSVC.exe-3984.log 2015-02-26 21:16 - 2015-02-26 21:16 - 00000197 _____ () C:\Windows\system32\2015-02-26-20-16-42.091-AvastVBoxSVC.exe-4460.log 2015-02-26 19:39 - 2015-02-26 19:39 - 00000000 ____D () C:\Users\Stephan Blank\Downloads\the-settlers-ii-gold-edition 2015-02-26 19:37 - 2015-02-26 19:39 - 14086761 _____ () 
C:\Users\Stephan Blank\Downloads\the-settlers-ii-gold-edition.zip 2015-02-26 18:41 - 2015-02-26 18:41 - 00000197 _____ () C:\Windows\system32\2015-02-26-17-41-36.093-AvastVBoxSVC.exe-4796.log 2015-02-26 14:27 - 2015-02-26 14:27 - 00000197 _____ () C:\Windows\system32\2015-02-26-13-27-51.034-AvastVBoxSVC.exe-4488.log 2015-02-26 14:10 - 2015-02-26 14:10 - 00000197 _____ () C:\Windows\system32\2015-02-26-13-10-20.086-AvastVBoxSVC.exe-3572.log 2015-02-26 12:13 - 2015-02-26 12:13 - 00009608 _____ () C:\Users\Stephan Blank\Documents\Comunio_Spieltag_punkte.xlsx 2015-02-26 12:01 - 2015-02-26 12:01 - 00000197 _____ () C:\Windows\system32\2015-02-26-11-01-19.072-AvastVBoxSVC.exe-4064.log 2015-02-26 11:53 - 2015-02-26 11:53 - 00000197 _____ () C:\Windows\system32\2015-02-26-10-53-07.007-AvastVBoxSVC.exe-3964.log 2015-02-25 22:50 - 2015-02-25 22:50 - 00000197 _____ () C:\Windows\system32\2015-02-25-21-50-52.045-AvastVBoxSVC.exe-4628.log 2015-02-25 15:09 - 2015-02-25 15:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2015-02-25 13:08 - 2015-02-25 13:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-02-25 11:17 - 2015-02-25 11:17 - 00000197 _____ () C:\Windows\system32\2015-02-25-10-17-47.018-AvastVBoxSVC.exe-3720.log 2015-02-25 11:07 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls 2015-02-25 11:07 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls 2015-02-25 11:00 - 2015-02-25 11:00 - 00000197 _____ () C:\Windows\system32\2015-02-25-10-00-53.059-AvastVBoxSVC.exe-3960.log 2015-02-24 19:24 - 2015-02-24 19:24 - 00000197 _____ () C:\Windows\system32\2015-02-24-18-24-44.078-AvastVBoxSVC.exe-4632.log 2015-02-24 10:44 - 2015-02-24 10:44 - 00000197 _____ () C:\Windows\system32\2015-02-24-09-44-33.000-AvastVBoxSVC.exe-4804.log 2015-02-23 18:46 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll 2015-02-23 18:46 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\d3dx9_29.dll 2015-02-23 18:46 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll 2015-02-23 18:46 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll 2015-02-23 18:46 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll 2015-02-23 18:46 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_28.dll 2015-02-23 18:46 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll 2015-02-23 18:46 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll 2015-02-23 18:46 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll 2015-02-23 18:46 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll 2015-02-23 18:46 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll 2015-02-23 18:46 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll 2015-02-23 18:45 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll 2015-02-23 18:45 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll 2015-02-23 18:21 - 2015-02-23 18:21 - 00666160 _____ () C:\Users\Stephan Blank\Downloads\tmnationsforever_setup_CB-DL-Manager.exe 2015-02-23 18:00 - 2015-02-23 18:00 - 00000197 _____ () C:\Windows\system32\2015-02-23-17-00-22.031-AvastVBoxSVC.exe-4492.log 2015-02-23 11:58 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-02-23 11:58 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-02-23 11:58 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-02-23 11:58 - 2015-01-23 04:17 - 
04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-02-23 11:09 - 2015-02-23 11:09 - 00000197 _____ () C:\Windows\system32\2015-02-23-10-09-44.024-AvastVBoxSVC.exe-4888.log 2015-02-22 15:43 - 2015-02-22 15:43 - 00000197 _____ () C:\Windows\system32\2015-02-22-14-43-36.013-AvastVBoxSVC.exe-4780.log 2015-02-22 14:07 - 2015-02-22 14:07 - 00030924 _____ () C:\Users\Stephan Blank\Downloads\Addition2.txt 2015-02-22 13:55 - 2015-02-22 13:56 - 00030924 _____ () C:\Users\Stephan Blank\Downloads\Addition.txt 2015-02-22 13:54 - 2015-03-05 13:28 - 00017436 _____ () C:\Users\Stephan Blank\Downloads\FRST.txt 2015-02-22 13:54 - 2015-03-05 13:28 - 00000000 ____D () C:\FRST 2015-02-22 13:49 - 2015-03-05 13:28 - 02092544 _____ (Farbar) C:\Users\Stephan Blank\Downloads\FRST64.exe 2015-02-22 13:37 - 2015-02-23 18:51 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\dlg 2015-02-22 13:07 - 2015-02-22 13:07 - 44240384 _____ () C:\Users\Stephan Blank\Documents\Untitled.avi 2015-02-22 12:56 - 2015-02-22 12:56 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\MonkeyJam 2015-02-22 12:56 - 2015-02-22 12:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MonkeyJam 2015-02-22 12:56 - 2015-02-22 12:56 - 00000000 ____D () C:\Program Files (x86)\MonkeyJam 2015-02-22 12:56 - 2005-02-27 17:11 - 00424960 _____ () C:\Windows\SysWOW64\wavdest.ax 2015-02-22 12:55 - 2015-02-22 12:55 - 00669184 _____ () C:\Users\Stephan Blank\Downloads\MonkeyJamSetup_CB-DL-Manager.exe 2015-02-22 09:57 - 2015-02-22 09:57 - 00000197 _____ () C:\Windows\system32\2015-02-22-08-57-17.056-AvastVBoxSVC.exe-4996.log 2015-02-21 19:44 - 2015-02-21 19:44 - 00000197 _____ () C:\Windows\system32\2015-02-21-18-44-00.009-AvastVBoxSVC.exe-5136.log 2015-02-21 12:48 - 2015-02-21 12:49 - 00000197 _____ () C:\Windows\system32\2015-02-21-11-48-39.033-AvastVBoxSVC.exe-4732.log 2015-02-20 23:48 - 2015-02-20 23:48 - 00000197 _____ () 
C:\Windows\system32\2015-02-20-22-48-06.023-AvastVBoxSVC.exe-4808.log 2015-02-20 16:16 - 2015-02-20 16:16 - 00000000 ____D () C:\Users\Stephan Blank\Documents\EndNote 2015-02-20 14:00 - 2015-02-20 17:13 - 00000000 ____D () C:\Sicherung_150220 2015-02-20 14:00 - 2015-02-20 14:00 - 00000197 _____ () C:\Windows\system32\2015-02-20-13-00-12.013-AvastVBoxSVC.exe-4648.log 2015-02-20 10:00 - 2015-02-20 10:00 - 00000197 _____ () C:\Windows\system32\2015-02-20-09-00-49.026-AvastVBoxSVC.exe-4848.log 2015-02-19 19:13 - 2015-02-19 19:13 - 00000197 _____ () C:\Windows\system32\2015-02-19-18-13-41.032-AvastVBoxSVC.exe-4420.log 2015-02-19 18:59 - 2015-02-19 18:59 - 00000197 _____ () C:\Windows\system32\2015-02-19-17-59-11.035-AvastVBoxSVC.exe-4384.log 2015-02-19 11:15 - 2015-02-19 11:15 - 00000197 _____ () C:\Windows\system32\2015-02-19-10-15-44.076-AvastVBoxSVC.exe-5312.log 2015-02-19 11:00 - 2015-03-05 11:45 - 00000000 ____D () C:\AdwCleaner 2015-02-19 11:00 - 2015-03-05 11:42 - 02126848 _____ () C:\Users\Stephan Blank\Downloads\AdwCleaner.exe 2015-02-19 10:26 - 2015-02-19 10:26 - 01203488 _____ () C:\Users\Stephan Blank\Downloads\SuperAntiSpyware - CHIP-Installer.exe 2015-02-19 09:40 - 2015-02-19 09:40 - 00000197 _____ () C:\Windows\system32\2015-02-19-08-40-12.013-AvastVBoxSVC.exe-4912.log 2015-02-19 07:44 - 2015-02-19 07:44 - 00000197 _____ () C:\Windows\system32\2015-02-19-06-44-37.007-AvastVBoxSVC.exe-4136.log 2015-02-18 21:04 - 2015-03-05 13:00 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-02-18 21:04 - 2015-02-18 22:02 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-02-18 21:01 - 2015-02-18 21:01 - 00000197 _____ () C:\Windows\system32\2015-02-18-20-01-27.016-AvastVBoxSVC.exe-4672.log 2015-02-18 10:50 - 2015-02-18 10:50 - 00000197 _____ () C:\Windows\system32\2015-02-18-09-50-38.011-AvastVBoxSVC.exe-5080.log 2015-02-17 21:54 - 2015-02-17 21:54 - 00000197 _____ () 
C:\Windows\system32\2015-02-17-20-54-53.062-AvastVBoxSVC.exe-3892.log 2015-02-17 20:55 - 2015-02-17 20:55 - 00000000 ____D () C:\Users\Stephan Blank\Documents\My Games 2015-02-17 19:48 - 2015-02-17 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Slitherine 2015-02-17 19:46 - 2015-02-19 19:53 - 00000000 ____D () C:\Windows\Panzer Corps 2015-02-17 19:46 - 2015-02-17 19:46 - 00000000 ____D () C:\Program Files (x86)\Slitherine 2015-02-17 18:43 - 2015-02-17 18:43 - 00000197 _____ () C:\Windows\system32\2015-02-17-17-43-17.023-AvastVBoxSVC.exe-4892.log 2015-02-17 16:58 - 2015-02-17 16:58 - 00022833 _____ () C:\Users\Stephan Blank\.recently-used.xbel 2015-02-17 12:16 - 2015-02-17 12:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2015-02-17 12:16 - 2015-02-17 12:16 - 00000000 ____D () C:\Program Files\7-Zip 2015-02-17 12:15 - 2015-02-17 12:15 - 01203488 _____ () C:\Users\Stephan Blank\Downloads\7 Zip 64 Bit - CHIP-Installer.exe 2015-02-17 09:57 - 2015-02-17 09:57 - 00000197 _____ () C:\Windows\system32\2015-02-17-08-57-20.036-AvastVBoxSVC.exe-4472.log 2015-02-16 23:47 - 2015-02-16 23:47 - 00000197 _____ () C:\Windows\system32\2015-02-16-22-47-55.033-AvastVBoxSVC.exe-4364.log 2015-02-16 17:45 - 2015-02-16 17:45 - 00000197 _____ () C:\Windows\system32\2015-02-16-16-45-34.007-AvastVBoxSVC.exe-4508.log 2015-02-16 12:45 - 2015-03-04 16:13 - 00000000 ____D () C:\CC_Registry_Cleaner_Sicherung 2015-02-16 12:42 - 2015-02-16 12:42 - 00002788 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2015-02-16 12:42 - 2015-02-16 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-02-16 12:42 - 2015-02-16 12:42 - 00000000 ____D () C:\Program Files\CCleaner 2015-02-16 12:17 - 2015-02-16 12:17 - 00000197 _____ () C:\Windows\system32\2015-02-16-11-17-25.063-AvastVBoxSVC.exe-3792.log 2015-02-16 12:12 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) 
C:\Windows\system32\perftrack.dll 2015-02-16 12:12 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll 2015-02-16 12:11 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll 2015-02-16 12:11 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll 2015-02-16 12:05 - 2015-02-16 12:05 - 00000197 _____ () C:\Windows\system32\2015-02-16-11-05-03.026-AvastVBoxSVC.exe-4952.log 2015-02-13 13:19 - 2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-02-13 13:19 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-02-13 13:19 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-02-13 13:19 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-02-13 13:19 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-02-13 13:19 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-02-13 13:19 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-02-13 13:19 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-02-13 13:19 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-02-13 13:19 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-02-13 13:19 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-02-13 13:19 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-02-13 13:19 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-02-13 13:19 - 2015-01-12 03:25 - 00968704 _____ (Microsoft 
Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-02-13 13:19 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-02-13 13:19 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-02-13 13:19 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-02-13 13:19 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-02-13 13:19 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-02-13 13:19 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-02-13 13:19 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-02-13 13:19 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-02-13 13:19 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-02-13 13:19 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-02-13 13:19 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-02-13 13:19 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-02-13 13:19 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-02-13 13:19 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-02-13 13:19 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-02-13 13:19 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-02-13 13:19 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-02-13 13:19 - 2015-01-12 02:40 - 00060416 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-02-13 13:19 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-02-13 13:19 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-02-13 13:19 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-02-13 13:19 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-02-13 13:19 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-02-13 13:19 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-02-13 13:19 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-02-13 13:19 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-02-13 13:19 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-02-13 13:19 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-02-13 13:19 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-02-13 13:19 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-02-13 13:18 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-02-13 13:18 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-02-13 13:18 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-02-13 13:18 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-02-13 13:18 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-02-13 13:18 - 2015-01-15 09:09 - 00029184 _____ 
(Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-02-13 13:18 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-02-13 13:18 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-02-13 13:18 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-02-13 13:18 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-02-13 13:18 - 2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-02-13 13:18 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-02-13 13:18 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-02-13 13:18 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-02-13 13:18 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-02-13 13:18 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-02-13 13:18 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-02-13 13:18 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-02-13 13:18 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-02-13 13:18 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-02-13 13:18 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-02-13 13:18 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-02-13 13:18 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-02-13 13:18 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) 
C:\Windows\system32\mshtmlmedia.dll 2015-02-13 13:18 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-02-13 13:18 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-02-13 13:18 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-02-13 13:18 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-02-13 13:18 - 2015-01-10 07:48 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-02-13 13:18 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-02-13 13:18 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-02-13 13:18 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-02-13 13:18 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-02-13 13:18 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-02-13 13:18 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-02-13 13:18 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-02-13 13:18 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-02-13 13:18 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-02-13 13:18 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-02-13 13:18 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-02-13 13:18 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2015-02-13 13:18 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 
2015-02-13 13:17 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-02-13 13:17 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-02-13 13:17 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-02-13 13:17 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-02-13 13:17 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-02-13 13:17 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-02-13 13:17 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-02-13 13:17 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2015-02-13 13:17 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-02-13 13:17 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-02-13 13:17 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-02-13 13:17 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-02-13 13:17 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-02-13 13:17 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-02-13 13:17 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-02-13 13:17 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-02-13 13:17 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-02-13 13:17 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-02-13 13:17 - 
2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2015-02-13 13:17 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2015-02-13 13:17 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2015-02-13 13:17 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2015-02-13 13:17 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll 2015-02-13 13:16 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll 2015-02-13 13:16 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll 2015-02-13 13:16 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-02-13 13:16 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-02-13 13:16 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2015-02-13 13:15 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-02-13 11:49 - 2015-02-13 11:50 - 00000197 _____ () C:\Windows\system32\2015-02-13-10-49-27.086-AvastVBoxSVC.exe-5248.log 2015-02-12 20:04 - 2015-02-12 20:04 - 00000197 _____ () C:\Windows\system32\2015-02-12-19-04-02.036-AvastVBoxSVC.exe-5068.log 2015-02-12 09:36 - 2015-02-12 09:36 - 00000197 _____ () C:\Windows\system32\2015-02-12-08-36-53.080-AvastVBoxSVC.exe-4912.log 2015-02-11 22:02 - 2015-02-11 22:02 - 00000197 _____ () C:\Windows\system32\2015-02-11-21-02-03.096-AvastVBoxSVC.exe-4948.log 2015-02-11 13:52 - 2015-02-11 13:52 - 00000000 ____D () C:\Users\Stephan Blank\Documents\SigmaPlot 2015-02-11 11:02 - 2015-02-11 11:02 - 00000197 _____ () C:\Windows\system32\2015-02-11-10-02-14.025-AvastVBoxSVC.exe-5088.log 2015-02-10 22:18 - 2015-02-10 22:18 - 00000197 _____ () 
C:\Windows\system32\2015-02-10-21-18-47.081-AvastVBoxSVC.exe-5508.log 2015-02-10 18:07 - 2015-02-10 18:07 - 00000197 _____ () C:\Windows\system32\2015-02-10-17-07-34.042-AvastVBoxSVC.exe-3116.log 2015-02-10 09:47 - 2015-02-10 09:48 - 00000197 _____ () C:\Windows\system32\2015-02-10-08-47-54.044-AvastVBoxSVC.exe-5356.log 2015-02-09 21:05 - 2015-02-09 21:05 - 00000197 _____ () C:\Windows\system32\2015-02-09-20-05-01.077-AvastVBoxSVC.exe-5312.log 2015-02-09 17:01 - 2015-02-09 16:59 - 00040262 _____ () C:\Users\Stephan Blank\Desktop\Chlorophytes_ML_500Bts_new.mts 2015-02-09 10:47 - 2015-02-09 10:47 - 00000197 _____ () C:\Windows\system32\2015-02-09-09-47-10.007-AvastVBoxSVC.exe-5264.log 2015-02-08 12:39 - 2015-02-23 11:10 - 00003290 _____ () C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-3493849748-3862360928-3587676368-1000 2015-02-08 12:38 - 2015-02-08 12:38 - 00000197 _____ () C:\Windows\system32\2015-02-08-11-38-06.051-AvastVBoxSVC.exe-4388.log 2015-02-07 10:22 - 2015-02-07 10:24 - 19996360 _____ () C:\Users\Stephan Blank\Downloads\DrakensangOnlineSetup.exe 2015-02-07 10:10 - 2015-02-07 10:11 - 00000000 ____D () C:\ProgramData\TuneUp Software 2015-02-07 10:10 - 2015-02-07 10:10 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2015-02-07 10:10 - 2015-02-07 10:10 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\TuneUp Software 2015-02-07 10:10 - 2015-02-07 10:10 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Local\TuneUp Software 2015-02-07 10:08 - 2015-02-07 10:10 - 28598072 _____ (TuneUp Software) C:\Users\Stephan Blank\Downloads\TuneUpUtilities2014_34de-DE.exe 2015-02-07 08:24 - 2015-02-07 08:24 - 00000197 _____ () C:\Windows\system32\2015-02-07-07-24-41.003-AvastVBoxSVC.exe-4060.log 2015-02-06 19:37 - 2015-02-06 19:37 - 00000197 _____ () C:\Windows\system32\2015-02-06-18-37-22.058-AvastVBoxSVC.exe-4600.log 2015-02-06 16:44 - 2015-02-06 16:44 - 00000197 _____ () 
C:\Windows\system32\2015-02-06-15-44-20.081-AvastVBoxSVC.exe-5540.log
2015-02-06 09:36 - 2015-02-06 09:37 - 00000197 _____ () C:\Windows\system32\2015-02-06-08-36-42.058-AvastVBoxSVC.exe-4864.log
2015-02-05 08:36 - 2015-02-05 08:36 - 00000197 _____ () C:\Windows\system32\2015-02-05-07-36-46.016-AvastVBoxSVC.exe-4672.log
2015-02-04 19:24 - 2015-02-04 19:24 - 00000197 _____ () C:\Windows\system32\2015-02-04-18-24-18.086-AvastVBoxSVC.exe-4792.log
2015-02-04 09:38 - 2015-02-04 09:38 - 00000197 _____ () C:\Windows\system32\2015-02-04-08-38-47.084-AvastVBoxSVC.exe-4824.log
2015-02-04 06:03 - 2015-02-04 06:03 - 00000197 _____ () C:\Windows\system32\2015-02-04-05-03-47.086-AvastVBoxSVC.exe-4636.log
2015-02-03 21:28 - 2015-02-03 21:28 - 00000197 _____ () C:\Windows\system32\2015-02-03-20-28-56.007-AvastVBoxSVC.exe-4368.log
2015-02-03 19:44 - 2015-02-03 19:44 - 00000197 _____ () C:\Windows\system32\2015-02-03-18-44-48.043-AvastVBoxSVC.exe-4356.log
2015-02-03 10:55 - 2015-02-03 10:55 - 00000197 _____ () C:\Windows\system32\2015-02-03-09-55-11.031-AvastVBoxSVC.exe-4328.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-05 13:04 - 2015-02-01 13:04 - 00000911 _____ () C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {6E7111F9-907E-4B79-A32C-3CF8061D7EF0}.job 2015-03-05 13:04 - 2015-02-01 13:04 - 00000725 _____ () C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {6E7111F9-907E-4B79-A32C-3CF8061D7EF0}.job 2015-03-05 13:04 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp 2015-03-05 11:54 - 2011-04-12 08:43 - 00698926 _____ () C:\Windows\system32\perfh007.dat 2015-03-05 11:54 - 2011-04-12 08:43 - 00149034 _____ () C:\Windows\system32\perfc007.dat 2015-03-05 11:54 - 2009-07-14 06:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-05 11:54 - 2009-07-14 05:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-03-05 11:54 - 2009-07-14 05:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-03-05 11:49 - 2015-01-21 17:32 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\3DataManager 2015-03-05 11:46 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-05 00:27 - 2015-01-15 23:27 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\vlc 2015-03-03 18:00 - 2015-01-14 13:23 - 00000000 ____D () C:\Program Files (x86)\PDF24 2015-03-03 17:41 - 2015-01-14 13:21 - 01203488 _____ () C:\Users\Stephan Blank\Downloads\PDF24 Creator - CHIP-Installer.exe 2015-03-03 17:11 - 2015-01-14 11:35 - 00000000 ____D () C:\Software 2015-03-03 11:01 - 2015-01-12 17:41 - 00000000 ____D () C:\Biologie_Doktorat 2015-03-01 19:00 - 2015-01-28 10:31 - 00004182 _____ () C:\Windows\System32\Tasks\avast! 
Emergency Update 2015-03-01 01:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2015-02-26 14:14 - 2015-01-09 13:40 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Local\Microsoft Help 2015-02-26 11:58 - 2015-01-09 13:09 - 00000000 ____D () C:\Program Files (x86)\Sony 2015-02-26 11:57 - 2015-01-08 17:09 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-02-26 11:56 - 2015-02-01 12:49 - 00000000 ____D () C:\Program Files (x86)\epson 2015-02-26 11:56 - 2015-02-01 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON 2015-02-26 11:56 - 2015-02-01 12:43 - 00000000 ____D () C:\ProgramData\EPSON 2015-02-25 22:46 - 2015-01-09 14:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-02-25 15:09 - 2015-01-26 23:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox.bak 2015-02-25 14:28 - 2015-01-27 11:49 - 00000000 ____D () C:\Program Files\Java 2015-02-24 19:28 - 2015-01-27 12:25 - 00003866 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1422357903 2015-02-24 19:28 - 2015-01-27 12:24 - 00000000 ____D () C:\Program Files (x86)\Opera 2015-02-23 12:01 - 2015-01-28 13:22 - 00000000 ____D () C:\ComputerPflege 2015-02-20 16:26 - 2015-01-14 11:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer 2015-02-20 16:14 - 2015-01-14 17:11 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\EndNote 2015-02-19 16:47 - 2015-01-12 17:35 - 00000000 ____D () C:\DETECTIVE_150303 2015-02-19 11:49 - 2015-01-08 18:06 - 00000218 _____ () C:\Windows\SysWOW64\grucp51.tgz 2015-02-19 11:49 - 2015-01-08 18:06 - 00000204 _____ () C:\Windows\SysWOW64\grucp51.dll 2015-02-19 11:49 - 2015-01-08 18:06 - 00000114 _____ () C:\Windows\SysWOW64\prsgrc.tgz 2015-02-19 11:49 - 2015-01-08 18:06 - 00000100 _____ () C:\Windows\SysWOW64\prsgrc.dll 2015-02-19 11:49 - 2015-01-08 18:06 - 00000086 _____ () C:\Windows\SysWOW64\ssprs.tgz 
2015-02-18 22:02 - 2015-01-15 22:12 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-02-18 22:02 - 2015-01-15 22:12 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-02-17 20:30 - 2015-01-21 17:30 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Local\Microsoft Games 2015-02-17 17:19 - 2015-01-14 17:01 - 00000000 ____D () C:\Users\Public\Documents\EndNote 2015-02-17 17:19 - 2015-01-14 17:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EndNote 2015-02-17 17:19 - 2015-01-14 17:01 - 00000000 ____D () C:\Program Files (x86)\EndNote X7 2015-02-17 17:19 - 2015-01-14 16:59 - 00000000 ____D () C:\ProgramData\Thomson.ResearchSoft.Installers 2015-02-17 17:19 - 2015-01-08 16:39 - 00000000 ____D () C:\Users\Stephan Blank 2015-02-17 17:01 - 2015-01-20 14:46 - 00000000 ____D () C:\Users\Stephan Blank\.gimp-2.6 2015-02-17 16:58 - 2015-01-20 15:06 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\gtk-2.0 2015-02-17 15:10 - 2015-01-27 13:50 - 00000000 ____D () C:\Windows\pss 2015-02-17 13:35 - 2015-01-19 12:16 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\MEGA_Global 2015-02-16 14:19 - 2015-01-12 17:29 - 00000000 ____D () C:\SonstigesAsus 2015-02-16 12:43 - 2015-01-28 06:40 - 00000000 ____D () C:\Windows\Minidump 2015-02-16 12:43 - 2015-01-08 16:12 - 00000000 ____D () C:\Windows\Panther 2015-02-16 12:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing 2015-02-13 14:32 - 2009-07-14 05:45 - 00341880 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-02-13 14:31 - 2015-01-08 23:35 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-02-13 14:31 - 2015-01-08 23:35 - 00000000 ____D () C:\Windows\system32\appraiser 2015-02-13 13:30 - 2015-01-09 13:40 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-02-13 13:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2015-02-13 13:26 - 2015-01-08 18:56 - 00000000 
____D () C:\Windows\system32\MRT
2015-02-13 13:21 - 2015-01-08 18:56 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-02-11 10:59 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-02-08 13:16 - 2015-01-08 16:39 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Local\VirtualStore
2015-02-07 10:09 - 2015-01-16 13:15 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\DVDVideoSoft
2015-02-07 10:08 - 2015-01-16 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-02-07 10:08 - 2015-01-16 13:18 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack
2015-02-07 10:08 - 2015-01-16 13:18 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft

==================== Files in the root of some directories =======

2015-01-14 12:55 - 2015-01-14 12:55 - 0000057 _____ () C:\ProgramData\Ament.ini

Some content of TEMP:
====================
C:\Users\Stephan Blank\AppData\Local\Temp\Quarantine.exe
C:\Users\Stephan Blank\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-02-23 21:22

==================== End Of Log ============================

GMER log:
GMER Logfile:
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-03-05 13:47:10
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 SAMSUNG_ rev.2AC1 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\STEPHA~1\AppData\Local\Temp\uwtiykoc.sys

---- User code sections - GMER 2.1 ----

.text C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 00000000767b1401 2 bytes JMP 773eb21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 00000000767b1419 2 bytes JMP 773eb346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 00000000767b1431 2 bytes JMP 77468ea9 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 00000000767b144a 2 bytes CALL 773c48ad C:\Windows\syswow64\kernel32.dll
.text ...
* 9 .text C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 00000000767b14dd 2 bytes JMP 774687a2 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 00000000767b14f5 2 bytes JMP 77468978 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 00000000767b150d 2 bytes JMP 77468698 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 00000000767b1525 2 bytes JMP 77468a62 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 00000000767b153d 2 bytes JMP 773dfca8 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 00000000767b1555 2 bytes JMP 773e68ef C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 00000000767b156d 2 bytes JMP 77468f61 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 00000000767b1585 2 bytes JMP 77468ac2 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 00000000767b159d 2 bytes JMP 7746865c C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 00000000767b15b5 2 bytes JMP 773dfd41 C:\Windows\syswow64\kernel32.dll .text C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe[1304] 
---- Threads - GMER 2.1 ---- Thread C:\Windows\SysWOW64\DllHost.exe [3292:3708] 000000006f4428f0 ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\3859f9ee31e8 Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\3859f9ee31e8 (not active ControlSet) ---- EOF - GMER 2.1 ---- spybot: Search results from Spybot - Search & Destroy 05.03.2015 11:40:53 Scan took 00:31:36. 13 items found. 
Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done) C:\Users\Stephan Blank\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\U5CQZUFD\secure-uk.imrworldwide.com\_ggCvar.sol Properties.size=74 Properties.md5=896E6834D2D7C9E2D750A993416E7FA3 Properties.filedate=1425550538 Properties.filedatetext=2015-03-05 11:15:37 Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done) C:\Users\Stephan Blank\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\U5CQZUFD\secure-uk.imrworldwide.com\_ggCvar_temp.sol Properties.size=79 Properties.md5=764EFBC25B7B434B13EEC599F272F7BF Properties.filedate=1425550538 Properties.filedatetext=2015-03-05 11:15:37 Macromedia.FlashPlayer.Cookies: [SBI $6AA61750] Text file (File, nothing done) C:\Users\Stephan Blank\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\U5CQZUFD\secure-uk.imrworldwide.com\_ggMCvar_1.sol Properties.size=74 Properties.md5=CB280533C96E47084D94C734890276A8 Properties.filedate=1425550991 Properties.filedatetext=2015-03-05 11:23:10 DoubleClick: [SBI $4E2AF2AC] Tracking cookie (Firefox: Stephan Blank (default)) (Browser: Cookie, nothing done) Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources Windows: [SBI $1E4E2003] Drivers installation paths (Registry Change, nothing done) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources Windows Explorer: [SBI $AA0766B5] Stream history (Registry Key, nothing done) HKEY_USERS\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done) HKEY_USERS\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs Windows Media SDK: [SBI $37AAEDE6] Computer name (Registry Change, nothing done) 
HKEY_USERS\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName Windows Media SDK: [SBI $CAA58B6E] Unique ID (Registry Change, nothing done) HKEY_USERS\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID Windows Media SDK: [SBI $BACCD0DA] Volume serial number (Registry Value, nothing done) HKEY_USERS\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber Cookie: [SBI $49804B54] Browser: Cookie (116) (Browser: Cookie, nothing done) Cookie: [SBI $49804B54] Browser: Cookie (3) (Browser: Cookie, nothing done) --- Spybot - Search & Destroy version: 2.4.40.131 DLL (build: 20140425) ---
[i] 15-03-05 11:41:20 [i] 15-03-05 11:41:20 Product Macromedia.FlashPlayer.Cookies [+] 15-03-05 11:41:20 Moving into quarantine C:\Users\Stephan Blank\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\U5CQZUFD\secure-uk.imrworldwide.com\_ggCvar.sol [+] 15-03-05 11:41:20 Moving into quarantine C:\Users\Stephan Blank\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\U5CQZUFD\secure-uk.imrworldwide.com\_ggCvar_temp.sol [+] 15-03-05 11:41:20 Moving into quarantine C:\Users\Stephan Blank\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\U5CQZUFD\secure-uk.imrworldwide.com\_ggMCvar_1.sol [+] 15-03-05 11:41:20 Successfully cleaned C:\Users\Stephan 
Blank\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\U5CQZUFD\secure-uk.imrworldwide.com\_ggCvar.sol [+] 15-03-05 11:41:20 Successfully cleaned C:\Users\Stephan Blank\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\U5CQZUFD\secure-uk.imrworldwide.com\_ggCvar_temp.sol [+] 15-03-05 11:41:20 Successfully cleaned C:\Users\Stephan Blank\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\U5CQZUFD\secure-uk.imrworldwide.com\_ggMCvar_1.sol [i] 15-03-05 11:41:20 [i] 15-03-05 11:41:20 Product DoubleClick [+] 15-03-05 11:41:20 Moving into quarantine Cookie (Firefox: Stephan Blank (default)).doubleclick.net/ (test_cookie) [+] 15-03-05 11:41:20 Successfully cleaned Cookie (Firefox: Stephan Blank (default)).doubleclick.net/ (test_cookie) [i] 15-03-05 11:41:20 [i] 15-03-05 11:41:20 Product Windows [+] 15-03-05 11:41:20 Moving into quarantine HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources [+] 15-03-05 11:41:20 Moving into quarantine HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources [+] 15-03-05 11:41:20 Successfully cleaned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources [+] 15-03-05 11:41:20 Successfully cleaned HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\Installation Sources [i] 15-03-05 11:41:20 [i] 15-03-05 11:41:20 Product Windows Explorer [+] 15-03-05 11:41:20 Moving into quarantine HKEY_USERS\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU [+] 15-03-05 11:41:20 Moving into quarantine HKEY_USERS\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs [+] 15-03-05 11:41:20 Successfully cleaned HKEY_USERS\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU [+] 15-03-05 11:41:20 Successfully cleaned 
HKEY_USERS\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs [i] 15-03-05 11:41:20 [i] 15-03-05 11:41:20 Product Windows Media SDK [+] 15-03-05 11:41:20 Moving into quarantine HKEY_USERS\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName [+] 15-03-05 11:41:20 Moving into quarantine HKEY_USERS\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID [+] 15-03-05 11:41:20 Moving into quarantine HKEY_USERS\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber [+] 15-03-05 11:41:20 Successfully cleaned HKEY_USERS\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Windows Media\WMSDK\General\ComputerName [+] 15-03-05 11:41:20 Successfully cleaned HKEY_USERS\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Windows Media\WMSDK\General\UniqueID [+] 15-03-05 11:41:20 Successfully cleaned HKEY_USERS\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Windows Media\WMSDK\General\VolumeSerialNumber [i] 15-03-05 11:41:20 [i] 15-03-05 11:41:20 Product Cookie [+] 15-03-05 11:41:20 Moving into quarantine Firefox (Stephan Blank (default))Cookies [+] 15-03-05 11:41:20 Moving into quarantine Thunderbird (Stephan Blank (default))Cookies [+] 15-03-05 11:41:20 Successfully cleaned Firefox (Stephan Blank (default))Cookies [+] 15-03-05 11:41:20 Successfully cleaned Thunderbird (Stephan Blank (default))Cookies [i] 15-03-05 11:41:20 [i] 15-03-05 11:41:20 Summary [i] 15-03-05 11:41:20 Errors while cleaning 0 [i] 15-03-05 11:41:20 Files moved into quarantine 13 [i] 15-03-05 11:41:20 Files successfully cleaned 13 |
05.03.2015, 15:31 | #2 |
/// the machine /// TB trainer | CPU under heavy load! Fan loud! Hi,
Addition.txt is still missing. |
05.03.2015, 16:44 | #3 |
| CPU under heavy load! Fan loud! Hello,
thanks for the reply. Unfortunately I could not find the Addition.txt. Is there still somewhere I can track it down? |
06.03.2015, 10:12 | #4 |
/// the machine /// TB trainer | CPU under heavy load! Fan loud! Open FRST, tick the box for Addition and scan, then please post both logs.
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
06.03.2015, 13:16 | #5 |
| CPU under heavy load! Fan loud! Hello Schrauber, good that it works again. It was no problem. Many thanks! Regards, Stephan. Here are the new FRST logs: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-03-2015 01 Ran by Stephan Blank (administrator) on STEPHANBLANK-PC on 06-03-2015 12:45:06 Running from C:\Users\Stephan Blank\Downloads Loaded Profiles: Stephan Blank (Available profiles: Stephan Blank) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe () C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe (Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe (CobianSoft, Luis Cobian) C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe (Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbService.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) 
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe () C:\Program Files (x86)\3DataManager\WTGService.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe (Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe (Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESGfxMgr.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) 
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (WebToGo Mobile Internet GmbH) C:\Program Files (x86)\3DataManager\3DataManager.exe () C:\Program Files (x86)\3DataManager\3DataManager_Launcher.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1933584 2011-01-05] (Intel(R) Corporation) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-12-22] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [134624 2014-07-23] (Check Point Software Technologies Ltd.) 
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2015-01-28] (AVAST Software) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [193568 2014-11-28] (Geek Software GmbH) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd) HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: F - F:\AutoRun.exe HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {00490a07-9cac-11e4-bf34-001e101f859f} - E:\AutoRun.exe HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {6e697069-a002-11e4-ab98-3859f9ee31e8} - E:\AutoRun.exe HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {7a310d93-a189-11e4-9379-3859f9ee31e8} - E:\AutoRun.exe HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {7a310dbd-a189-11e4-9379-3859f9ee31e8} - F:\AutoRun.exe HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {7d9bb29f-9749-11e4-9612-a28eab9fc5b2} - E:\AutoRun.exe HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {7d9bb4ac-9749-11e4-9612-a28eab9fc5b2} - E:\AutoRun.exe HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {7ef47728-97fd-11e4-899c-f0bf9768a697} - F:\AutoRun.exe HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {91b7f05d-a172-11e4-b755-001e101f4da1} - E:\AutoRun.exe HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {9352db18-9cf9-11e4-9e18-806e6f6e6963} - E:\AutoRun.exe HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {e16dc10a-a260-11e4-9ab7-3859f9ee31e8} - G:\AutoRun.exe HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {e31f1bce-9fc2-11e4-8d44-f0bf9768a697} - E:\AutoRun.exe 
HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\MountPoints2: {eff3f5c1-9a74-11e4-a959-001e101f8aaa} - F:\Startme.exe ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Österreich - jetzt mit dem Hotmail-Nachfolger Outlook und Skype SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll (Oracle Corporation) BHO-x32: avast! 
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll (Oracle Corporation) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Tcpip\..\Interfaces\{8F209CFD-1138-4000-B708-6117B200EA23}: [NameServer] 213.94.78.17 213.94.78.16 Tcpip\..\Interfaces\{BD5E0201-A624-4C66-8AE3-0E68D7A650AA}: [NameServer] 213.94.78.16 213.94.78.17 FireFox: ======== FF ProfilePath: C:\Users\Stephan Blank\AppData\Roaming\Mozilla\Firefox\Profiles\tfhq71zo.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll () FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.) 
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKU\S-1-5-21-3493849748-3862360928-3587676368-1000: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Users\Stephan Blank\AppData\Roaming\Mozilla\Firefox\Profiles\tfhq71zo.default\searchplugins\google-images.xml
FF SearchPlugin: C:\Users\Stephan Blank\AppData\Roaming\Mozilla\Firefox\Profiles\tfhq71zo.default\searchplugins\google-maps.xml
FF Extension: Cliqz Beta - C:\Users\Stephan Blank\AppData\Roaming\Mozilla\Firefox\Profiles\tfhq71zo.default\Extensions\cliqz@cliqz.com.xpi [2015-01-15]
FF Extension: Adblock Plus - C:\Users\Stephan Blank\AppData\Roaming\Mozilla\Firefox\Profiles\tfhq71zo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-09]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-01-28]
FF HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Stephan Blank\AppData\Roaming\Mozilla\Firefox\Profiles\tfhq71zo.default\extensions\cliqz@cliqz.com

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-01-28]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-01-28]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2015-01-28] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2015-01-28] (Avast Software)
R2 BecHelperService; C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe [1740696 2011-03-23] ()
R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]
R2 CobianBackup11; C:\Program Files (x86)\Cobian Backup 11\cbService.exe [1131008 2013-03-07] (Luis Cobian, CobianSoft) [File not signed]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-01-05] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3596240 2014-07-23] (Check Point Software Technologies Ltd.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTGService; C:\Program Files (x86)\3DataManager\WTGService.exe [346832 2012-12-12] ()
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [93712 2014-07-03] (Check Point Software Technologies, Ltd.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2015-01-28] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2015-01-28] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2015-01-28] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2015-01-28] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2015-01-28] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2015-01-28] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2015-01-28] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2015-01-28] ()
S2 mdvrmng; C:\Windows\SysWOW64\drivers\mdvrmng.sys [10240 2011-03-23] () [File not signed]
S3 s1029bus; C:\Windows\System32\DRIVERS\s1029bus.sys [116264 2009-05-25] (MCCI Corporation)
S3 s1029mdfl; C:\Windows\System32\DRIVERS\s1029mdfl.sys [19496 2009-05-25] (MCCI Corporation)
S3 s1029mdm; C:\Windows\System32\DRIVERS\s1029mdm.sys [158760 2009-05-25] (MCCI Corporation)
S3 s1029mgmt; C:\Windows\System32\DRIVERS\s1029mgmt.sys [139304 2009-05-25] (MCCI Corporation)
S3 s1029nd5; C:\Windows\System32\DRIVERS\s1029nd5.sys [34856 2009-05-25] (MCCI Corporation)
S3 s1029obex; C:\Windows\System32\DRIVERS\s1029obex.sys [135208 2009-05-25] (MCCI Corporation)
S3 s1029unic; C:\Windows\System32\DRIVERS\s1029unic.sys [151592 2009-05-25] (MCCI Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-02-28] ()
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2015-01-28] (Avast Software)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450456 2014-07-23] (Check Point Software Technologies Ltd.)
S3 avchv; system32\DRIVERS\avchv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-06 12:33 - 2015-03-06 12:33 - 00000197 _____ () C:\Windows\system32\2015-03-06-11-33-34.016-AvastVBoxSVC.exe-3456.log 2015-03-06 12:31 - 2015-03-06 12:31 - 00000056 _____ () C:\Windows\setupact.log 2015-03-06 12:31 - 2015-03-06 12:31 - 00000000 _____ () C:\Windows\setuperr.log 2015-03-06 09:14 - 2015-03-06 09:14 - 00000197 _____ () C:\Windows\system32\2015-03-06-08-14-11.074-AvastVBoxSVC.exe-4788.log 2015-03-06 03:32 - 2015-03-06 03:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2015-03-06 03:08 - 2015-03-06 03:08 - 00000197 _____ () C:\Windows\system32\2015-03-06-02-08-27.065-AvastVBoxSVC.exe-3544.log 2015-03-05 19:42 - 2015-03-05 19:42 - 00000197 _____ () C:\Windows\system32\2015-03-05-18-42-20.017-AvastVBoxSVC.exe-4324.log 2015-03-05 14:45 - 2015-03-05 14:45 - 00002092 _____ () C:\Users\Stephan Blank\Desktop\Prime95 - CHIP Downloader.lnk 2015-03-05 14:44 - 2015-03-05 14:44 - 00000000 ____D () C:\Users\Stephan Blank\Downloads\p95v285.win64 2015-03-05 14:42 - 2015-03-05 14:42 - 05378177 _____ () C:\Users\Stephan Blank\Downloads\p95v285.win64.zip 2015-03-05 14:41 - 2015-03-05 14:41 - 01203488 _____ () C:\Users\Stephan Blank\Downloads\Prime95 - CHIP-Installer.exe 2015-03-05 14:17 - 2015-03-05 11:41 - 00004442 _____ () C:\Users\Stephan Blank\Desktop\150305-110916.xml.cleaning.log 2015-03-05 14:17 - 2015-03-05 11:40 - 00009697 _____ () C:\Users\Stephan Blank\Desktop\Checks.150305-1140.txt 2015-03-05 13:57 - 2015-03-05 13:57 - 00000197 _____ () C:\Windows\system32\2015-03-05-12-57-46.087-AvastVBoxSVC.exe-3476.log 2015-03-05 13:47 - 2015-03-05 13:47 - 00012196 _____ () C:\Users\Stephan Blank\Desktop\GMER.log 2015-03-05 13:37 - 2015-03-05 13:37 - 00380416 _____ () C:\Users\Stephan Blank\Downloads\Gmer-19357.exe 2015-03-05 13:21 - 2015-03-05 13:21 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Stephan 
Blank\Downloads\mbam-setup-2.0.4.1028.exe 2015-03-05 11:49 - 2015-03-05 11:49 - 00000197 _____ () C:\Windows\system32\2015-03-05-10-49-23.062-AvastVBoxSVC.exe-4648.log 2015-03-05 11:06 - 2015-03-05 11:06 - 00000197 _____ () C:\Windows\system32\2015-03-05-10-06-25.074-AvastVBoxSVC.exe-4712.log 2015-03-04 21:19 - 2015-03-04 21:19 - 00000197 _____ () C:\Windows\system32\2015-03-04-20-19-14.018-AvastVBoxSVC.exe-3796.log 2015-03-04 10:44 - 2015-03-04 10:44 - 00000197 _____ () C:\Windows\system32\2015-03-04-09-44-05.019-AvastVBoxSVC.exe-3184.log 2015-03-04 09:03 - 2015-03-04 09:03 - 00000247 _____ () C:\Windows\system32\2015-03-04-08-03-42.054-aswFe.exe-488.log 2015-03-04 08:55 - 2015-03-04 09:03 - 00000247 _____ () C:\Windows\system32\2015-03-04-07-55-28.024-aswFe.exe-5172.log 2015-03-04 08:55 - 2015-03-04 08:55 - 00000197 _____ () C:\Windows\system32\2015-03-04-07-55-19.052-AvastVBoxSVC.exe-5608.log 2015-03-03 21:28 - 2015-03-03 21:28 - 00000197 _____ () C:\Windows\system32\2015-03-03-20-28-47.001-AvastVBoxSVC.exe-3492.log 2015-03-03 18:04 - 2015-03-03 18:04 - 00000197 _____ () C:\Windows\system32\2015-03-03-17-04-42.022-AvastVBoxSVC.exe-4500.log 2015-03-03 17:45 - 2015-03-03 17:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 2015-03-03 17:42 - 2015-03-03 17:43 - 16342352 _____ (Geek Software GmbH ) C:\Users\Stephan Blank\Downloads\pdf24-creator-6.9.2.exe 2015-03-03 17:12 - 2015-03-04 16:12 - 00000000 ____D () C:\Program Files (x86)\PDFCreator 2015-03-03 17:12 - 2015-03-03 17:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator 2015-03-03 17:12 - 2005-03-12 00:07 - 00087040 _____ () C:\Windows\system32\pdfcmnnt.dll 2015-03-03 17:12 - 1998-07-06 17:56 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6DE.DLL 2015-03-03 17:12 - 1998-07-06 17:55 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCDE.DLL 2015-03-03 17:12 - 1998-07-06 17:55 - 00064512 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\MSCC2DE.DLL 2015-03-03 17:12 - 1998-07-06 00:00 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMPIDE.DLL 2015-03-03 17:12 - 1998-06-24 00:00 - 00137000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSMAPI32.OCX 2015-03-03 15:17 - 2015-03-03 15:17 - 00000197 _____ () C:\Windows\system32\2015-03-03-14-17-43.089-AvastVBoxSVC.exe-3492.log 2015-03-03 10:54 - 2015-03-03 10:54 - 00000197 _____ () C:\Windows\system32\2015-03-03-09-54-07.085-AvastVBoxSVC.exe-3540.log 2015-03-03 08:23 - 2015-03-03 08:23 - 00000197 _____ () C:\Windows\system32\2015-03-03-07-23-09.086-AvastVBoxSVC.exe-3604.log 2015-03-03 07:31 - 2015-03-03 07:31 - 00000197 _____ () C:\Windows\system32\2015-03-03-06-31-39.003-AvastVBoxSVC.exe-3576.log 2015-03-02 23:00 - 2015-03-02 23:00 - 00000197 _____ () C:\Windows\system32\2015-03-02-22-00-48.075-AvastVBoxSVC.exe-3520.log 2015-03-02 20:05 - 2015-03-02 20:05 - 00000197 _____ () C:\Windows\system32\2015-03-02-19-05-41.014-AvastVBoxSVC.exe-4720.log 2015-03-02 12:53 - 2015-03-02 12:53 - 01728888 _____ (Microsoft Corporation) C:\Users\Stephan Blank\Downloads\proof2010-kb2553272-fullfile-x64-en-us.exe 2015-03-02 12:42 - 2015-03-02 12:42 - 00000197 _____ () C:\Windows\system32\2015-03-02-11-42-28.068-AvastVBoxSVC.exe-3480.log 2015-03-01 18:55 - 2015-03-01 18:55 - 00000197 _____ () C:\Windows\system32\2015-03-01-17-55-48.005-AvastVBoxSVC.exe-3480.log 2015-03-01 12:49 - 2015-03-01 12:49 - 00000197 _____ () C:\Windows\system32\2015-03-01-11-49-42.010-AvastVBoxSVC.exe-4476.log 2015-03-01 00:35 - 2015-03-01 00:35 - 00000197 _____ () C:\Windows\system32\2015-02-28-23-35-52.017-AvastVBoxSVC.exe-3644.log 2015-02-28 19:29 - 2015-02-28 19:29 - 00000197 _____ () C:\Windows\system32\2015-02-28-18-29-27.032-AvastVBoxSVC.exe-3036.log 2015-02-28 12:58 - 2015-03-05 18:08 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Local\CrashDumps 2015-02-28 12:47 - 2015-02-28 12:47 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys 
2015-02-28 12:47 - 2015-02-28 12:47 - 00000000 ____D () C:\ProgramData\RogueKiller 2015-02-28 12:01 - 2015-02-28 12:01 - 01388274 _____ (Thisisu) C:\Users\Stephan Blank\Downloads\JRT.exe 2015-02-28 12:00 - 2015-02-28 12:01 - 15536728 _____ () C:\Users\Stephan Blank\Downloads\RogueKiller.exe 2015-02-28 11:53 - 2015-02-28 11:53 - 00000197 _____ () C:\Windows\system32\2015-02-28-10-53-27.027-AvastVBoxSVC.exe-3548.log 2015-02-27 23:37 - 2015-02-27 23:38 - 00000197 _____ () C:\Windows\system32\2015-02-27-22-37-58.090-AvastVBoxSVC.exe-3644.log 2015-02-27 18:50 - 2015-02-27 18:50 - 00000247 _____ () C:\Windows\system32\2015-02-27-17-50-21.009-aswFe.exe-5632.log 2015-02-27 18:46 - 2015-02-27 18:46 - 00000197 _____ () C:\Windows\system32\2015-02-27-17-46-55.057-AvastVBoxSVC.exe-5832.log 2015-02-27 11:38 - 2015-03-06 11:04 - 00011800 _____ () C:\Users\Stephan Blank\Documents\Comunio_Marktwerte.xlsx 2015-02-27 11:22 - 2015-02-27 11:23 - 18687064 _____ () C:\Users\Stephan Blank\Downloads\RogueKillerX64.exe 2015-02-27 11:15 - 2015-03-03 11:05 - 00000000 ____D () C:\Sicherung_150227 2015-02-27 11:11 - 2015-03-06 12:44 - 00265772 _____ () C:\Windows\WindowsUpdate.log 2015-02-27 11:11 - 2015-02-27 11:11 - 00000197 _____ () C:\Windows\system32\2015-02-27-10-11-23.058-AvastVBoxSVC.exe-3984.log 2015-02-26 21:16 - 2015-02-26 21:16 - 00000197 _____ () C:\Windows\system32\2015-02-26-20-16-42.091-AvastVBoxSVC.exe-4460.log 2015-02-26 19:39 - 2015-02-26 19:39 - 00000000 ____D () C:\Users\Stephan Blank\Downloads\the-settlers-ii-gold-edition 2015-02-26 19:37 - 2015-02-26 19:39 - 14086761 _____ () C:\Users\Stephan Blank\Downloads\the-settlers-ii-gold-edition.zip 2015-02-26 18:41 - 2015-02-26 18:41 - 00000197 _____ () C:\Windows\system32\2015-02-26-17-41-36.093-AvastVBoxSVC.exe-4796.log 2015-02-26 14:27 - 2015-02-26 14:27 - 00000197 _____ () C:\Windows\system32\2015-02-26-13-27-51.034-AvastVBoxSVC.exe-4488.log 2015-02-26 14:10 - 2015-02-26 14:10 - 00000197 _____ () 
C:\Windows\system32\2015-02-26-13-10-20.086-AvastVBoxSVC.exe-3572.log 2015-02-26 12:13 - 2015-02-26 12:13 - 00009608 _____ () C:\Users\Stephan Blank\Documents\Comunio_Spieltag_punkte.xlsx 2015-02-26 12:01 - 2015-02-26 12:01 - 00000197 _____ () C:\Windows\system32\2015-02-26-11-01-19.072-AvastVBoxSVC.exe-4064.log 2015-02-26 11:53 - 2015-02-26 11:53 - 00000197 _____ () C:\Windows\system32\2015-02-26-10-53-07.007-AvastVBoxSVC.exe-3964.log 2015-02-25 22:50 - 2015-02-25 22:50 - 00000197 _____ () C:\Windows\system32\2015-02-25-21-50-52.045-AvastVBoxSVC.exe-4628.log 2015-02-25 15:09 - 2015-02-25 15:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird 2015-02-25 11:17 - 2015-02-25 11:17 - 00000197 _____ () C:\Windows\system32\2015-02-25-10-17-47.018-AvastVBoxSVC.exe-3720.log 2015-02-25 11:07 - 2015-01-09 00:44 - 00419936 _____ () C:\Windows\SysWOW64\locale.nls 2015-02-25 11:07 - 2015-01-09 00:43 - 00419936 _____ () C:\Windows\system32\locale.nls 2015-02-25 11:00 - 2015-02-25 11:00 - 00000197 _____ () C:\Windows\system32\2015-02-25-10-00-53.059-AvastVBoxSVC.exe-3960.log 2015-02-24 19:24 - 2015-02-24 19:24 - 00000197 _____ () C:\Windows\system32\2015-02-24-18-24-44.078-AvastVBoxSVC.exe-4632.log 2015-02-24 10:44 - 2015-02-24 10:44 - 00000197 _____ () C:\Windows\system32\2015-02-24-09-44-33.000-AvastVBoxSVC.exe-4804.log 2015-02-23 18:46 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_29.dll 2015-02-23 18:46 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_29.dll 2015-02-23 18:46 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xactengine2_0.dll 2015-02-23 18:46 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\x3daudio1_0.dll 2015-02-23 18:46 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_28.dll 2015-02-23 18:46 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\d3dx9_28.dll 2015-02-23 18:46 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_27.dll 2015-02-23 18:46 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_27.dll 2015-02-23 18:46 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_26.dll 2015-02-23 18:46 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_26.dll 2015-02-23 18:46 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_25.dll 2015-02-23 18:46 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll 2015-02-23 18:45 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_24.dll 2015-02-23 18:45 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_24.dll 2015-02-23 18:21 - 2015-02-23 18:21 - 00666160 _____ () C:\Users\Stephan Blank\Downloads\tmnationsforever_setup_CB-DL-Manager.exe 2015-02-23 18:00 - 2015-02-23 18:00 - 00000197 _____ () C:\Windows\system32\2015-02-23-17-00-22.031-AvastVBoxSVC.exe-4492.log 2015-02-23 11:58 - 2015-01-23 05:42 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-02-23 11:58 - 2015-01-23 05:41 - 06041600 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-02-23 11:58 - 2015-01-23 04:43 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-02-23 11:58 - 2015-01-23 04:17 - 04300800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-02-23 11:09 - 2015-02-23 11:09 - 00000197 _____ () C:\Windows\system32\2015-02-23-10-09-44.024-AvastVBoxSVC.exe-4888.log 2015-02-22 15:43 - 2015-02-22 15:43 - 00000197 _____ () C:\Windows\system32\2015-02-22-14-43-36.013-AvastVBoxSVC.exe-4780.log 2015-02-22 14:07 - 2015-02-22 14:07 - 00030924 _____ () C:\Users\Stephan Blank\Downloads\Addition2.txt 2015-02-22 13:55 - 
2015-02-22 13:56 - 00030924 _____ () C:\Users\Stephan Blank\Downloads\Addition.txt 2015-02-22 13:54 - 2015-03-06 12:45 - 00017308 _____ () C:\Users\Stephan Blank\Downloads\FRST.txt 2015-02-22 13:54 - 2015-03-06 12:45 - 00000000 ____D () C:\FRST 2015-02-22 13:49 - 2015-03-05 13:28 - 02092544 _____ (Farbar) C:\Users\Stephan Blank\Downloads\FRST64.exe 2015-02-22 13:37 - 2015-02-23 18:51 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\dlg 2015-02-22 13:07 - 2015-02-22 13:07 - 44240384 _____ () C:\Users\Stephan Blank\Documents\Untitled.avi 2015-02-22 12:56 - 2015-02-22 12:56 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\MonkeyJam 2015-02-22 12:56 - 2015-02-22 12:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MonkeyJam 2015-02-22 12:56 - 2015-02-22 12:56 - 00000000 ____D () C:\Program Files (x86)\MonkeyJam 2015-02-22 12:56 - 2005-02-27 17:11 - 00424960 _____ () C:\Windows\SysWOW64\wavdest.ax 2015-02-22 12:55 - 2015-02-22 12:55 - 00669184 _____ () C:\Users\Stephan Blank\Downloads\MonkeyJamSetup_CB-DL-Manager.exe 2015-02-22 09:57 - 2015-02-22 09:57 - 00000197 _____ () C:\Windows\system32\2015-02-22-08-57-17.056-AvastVBoxSVC.exe-4996.log 2015-02-21 19:44 - 2015-02-21 19:44 - 00000197 _____ () C:\Windows\system32\2015-02-21-18-44-00.009-AvastVBoxSVC.exe-5136.log 2015-02-21 12:48 - 2015-02-21 12:49 - 00000197 _____ () C:\Windows\system32\2015-02-21-11-48-39.033-AvastVBoxSVC.exe-4732.log 2015-02-20 23:48 - 2015-02-20 23:48 - 00000197 _____ () C:\Windows\system32\2015-02-20-22-48-06.023-AvastVBoxSVC.exe-4808.log 2015-02-20 16:16 - 2015-02-20 16:16 - 00000000 ____D () C:\Users\Stephan Blank\Documents\EndNote 2015-02-20 14:00 - 2015-02-20 17:13 - 00000000 ____D () C:\Sicherung_150220 2015-02-20 14:00 - 2015-02-20 14:00 - 00000197 _____ () C:\Windows\system32\2015-02-20-13-00-12.013-AvastVBoxSVC.exe-4648.log 2015-02-20 10:00 - 2015-02-20 10:00 - 00000197 _____ () 
C:\Windows\system32\2015-02-20-09-00-49.026-AvastVBoxSVC.exe-4848.log 2015-02-19 19:13 - 2015-02-19 19:13 - 00000197 _____ () C:\Windows\system32\2015-02-19-18-13-41.032-AvastVBoxSVC.exe-4420.log 2015-02-19 18:59 - 2015-02-19 18:59 - 00000197 _____ () C:\Windows\system32\2015-02-19-17-59-11.035-AvastVBoxSVC.exe-4384.log 2015-02-19 11:15 - 2015-02-19 11:15 - 00000197 _____ () C:\Windows\system32\2015-02-19-10-15-44.076-AvastVBoxSVC.exe-5312.log 2015-02-19 11:00 - 2015-03-05 11:45 - 00000000 ____D () C:\AdwCleaner 2015-02-19 11:00 - 2015-03-05 11:42 - 02126848 _____ () C:\Users\Stephan Blank\Downloads\AdwCleaner.exe 2015-02-19 10:26 - 2015-02-19 10:26 - 01203488 _____ () C:\Users\Stephan Blank\Downloads\SuperAntiSpyware - CHIP-Installer.exe 2015-02-19 09:40 - 2015-02-19 09:40 - 00000197 _____ () C:\Windows\system32\2015-02-19-08-40-12.013-AvastVBoxSVC.exe-4912.log 2015-02-19 07:44 - 2015-02-19 07:44 - 00000197 _____ () C:\Windows\system32\2015-02-19-06-44-37.007-AvastVBoxSVC.exe-4136.log 2015-02-18 21:04 - 2015-03-06 12:00 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-02-18 21:04 - 2015-02-18 22:02 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-02-18 21:01 - 2015-02-18 21:01 - 00000197 _____ () C:\Windows\system32\2015-02-18-20-01-27.016-AvastVBoxSVC.exe-4672.log 2015-02-18 10:50 - 2015-02-18 10:50 - 00000197 _____ () C:\Windows\system32\2015-02-18-09-50-38.011-AvastVBoxSVC.exe-5080.log 2015-02-17 21:54 - 2015-02-17 21:54 - 00000197 _____ () C:\Windows\system32\2015-02-17-20-54-53.062-AvastVBoxSVC.exe-3892.log 2015-02-17 20:55 - 2015-02-17 20:55 - 00000000 ____D () C:\Users\Stephan Blank\Documents\My Games 2015-02-17 19:48 - 2015-02-17 19:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Slitherine 2015-02-17 19:46 - 2015-02-19 19:53 - 00000000 ____D () C:\Windows\Panzer Corps 2015-02-17 19:46 - 2015-02-17 19:46 - 00000000 ____D () C:\Program Files (x86)\Slitherine 2015-02-17 18:43 - 
2015-02-17 18:43 - 00000197 _____ () C:\Windows\system32\2015-02-17-17-43-17.023-AvastVBoxSVC.exe-4892.log 2015-02-17 16:58 - 2015-02-17 16:58 - 00022833 _____ () C:\Users\Stephan Blank\.recently-used.xbel 2015-02-17 12:16 - 2015-02-17 12:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip 2015-02-17 12:16 - 2015-02-17 12:16 - 00000000 ____D () C:\Program Files\7-Zip 2015-02-17 12:15 - 2015-02-17 12:15 - 01203488 _____ () C:\Users\Stephan Blank\Downloads\7 Zip 64 Bit - CHIP-Installer.exe 2015-02-17 09:57 - 2015-02-17 09:57 - 00000197 _____ () C:\Windows\system32\2015-02-17-08-57-20.036-AvastVBoxSVC.exe-4472.log 2015-02-16 23:47 - 2015-02-16 23:47 - 00000197 _____ () C:\Windows\system32\2015-02-16-22-47-55.033-AvastVBoxSVC.exe-4364.log 2015-02-16 17:45 - 2015-02-16 17:45 - 00000197 _____ () C:\Windows\system32\2015-02-16-16-45-34.007-AvastVBoxSVC.exe-4508.log 2015-02-16 12:45 - 2015-03-04 16:13 - 00000000 ____D () C:\CC_Registry_Cleaner_Sicherung 2015-02-16 12:42 - 2015-02-16 12:42 - 00002788 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2015-02-16 12:42 - 2015-02-16 12:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2015-02-16 12:42 - 2015-02-16 12:42 - 00000000 ____D () C:\Program Files\CCleaner 2015-02-16 12:17 - 2015-02-16 12:17 - 00000197 _____ () C:\Windows\system32\2015-02-16-11-17-25.063-AvastVBoxSVC.exe-3792.log 2015-02-16 12:12 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\Windows\system32\perftrack.dll 2015-02-16 12:12 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\Windows\system32\powertracker.dll 2015-02-16 12:11 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\wdi.dll 2015-02-16 12:11 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdi.dll 2015-02-16 12:05 - 2015-02-16 12:05 - 00000197 _____ () C:\Windows\system32\2015-02-16-11-05-03.026-AvastVBoxSVC.exe-4952.log 2015-02-13 13:19 - 
2015-01-14 06:47 - 00389808 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-02-13 13:19 - 2015-01-14 06:09 - 00342712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-02-13 13:19 - 2015-01-12 04:05 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-02-13 13:19 - 2015-01-12 04:05 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-02-13 13:19 - 2015-01-12 03:49 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-02-13 13:19 - 2015-01-12 03:48 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-02-13 13:19 - 2015-01-12 03:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-02-13 13:19 - 2015-01-12 03:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-02-13 13:19 - 2015-01-12 03:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-02-13 13:19 - 2015-01-12 03:36 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-02-13 13:19 - 2015-01-12 03:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-02-13 13:19 - 2015-01-12 03:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-02-13 13:19 - 2015-01-12 03:25 - 19740160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-02-13 13:19 - 2015-01-12 03:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-02-13 13:19 - 2015-01-12 03:21 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-02-13 13:19 - 2015-01-12 03:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-02-13 13:19 - 2015-01-12 03:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-02-13 13:19 - 2015-01-12 03:08 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 
2015-02-13 13:19 - 2015-01-12 03:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-02-13 13:19 - 2015-01-12 03:07 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-02-13 13:19 - 2015-01-12 03:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-02-13 13:19 - 2015-01-12 03:04 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-02-13 13:19 - 2015-01-12 03:02 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-02-13 13:19 - 2015-01-12 03:00 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-02-13 13:19 - 2015-01-12 02:59 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-02-13 13:19 - 2015-01-12 02:57 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-02-13 13:19 - 2015-01-12 02:55 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-02-13 13:19 - 2015-01-12 02:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-02-13 13:19 - 2015-01-12 02:48 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-02-13 13:19 - 2015-01-12 02:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-02-13 13:19 - 2015-01-12 02:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-02-13 13:19 - 2015-01-12 02:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-02-13 13:19 - 2015-01-12 02:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-02-13 13:19 - 2015-01-12 02:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-02-13 13:19 - 2015-01-12 02:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-02-13 13:19 - 2015-01-12 02:23 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 
2015-02-13 13:19 - 2015-01-12 02:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-02-13 13:19 - 2015-01-12 02:22 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-02-13 13:19 - 2015-01-12 02:14 - 12829184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-02-13 13:19 - 2015-01-12 02:14 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-02-13 13:19 - 2015-01-12 02:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-02-13 13:19 - 2015-01-12 02:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-02-13 13:19 - 2015-01-12 01:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-02-13 13:19 - 2015-01-12 01:55 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-02-13 13:18 - 2015-01-15 09:14 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-02-13 13:18 - 2015-01-15 09:14 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-02-13 13:18 - 2015-01-15 09:09 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-02-13 13:18 - 2015-01-15 09:09 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-02-13 13:18 - 2015-01-15 09:09 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-02-13 13:18 - 2015-01-15 09:09 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-02-13 13:18 - 2015-01-15 09:09 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-02-13 13:18 - 2015-01-15 09:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-02-13 13:18 - 2015-01-15 09:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-02-13 13:18 - 2015-01-15 09:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-02-13 13:18 - 
2015-01-15 09:04 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-02-13 13:18 - 2015-01-15 08:42 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-02-13 13:18 - 2015-01-15 08:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-02-13 13:18 - 2015-01-15 08:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-02-13 13:18 - 2015-01-15 08:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-02-13 13:18 - 2015-01-15 08:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-02-13 13:18 - 2015-01-15 08:37 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-02-13 13:18 - 2015-01-15 05:22 - 00458824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-02-13 13:18 - 2015-01-12 04:09 - 25056256 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-02-13 13:18 - 2015-01-12 03:48 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-02-13 13:18 - 2015-01-12 03:47 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-02-13 13:18 - 2015-01-12 03:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-02-13 13:18 - 2015-01-12 03:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-02-13 13:18 - 2015-01-12 02:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-02-13 13:18 - 2015-01-12 02:43 - 14401024 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-02-13 13:18 - 2015-01-12 02:27 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-02-13 13:18 - 2015-01-10 07:48 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-02-13 13:18 - 2015-01-10 07:48 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-02-13 13:18 - 2015-01-10 07:48 - 
00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-02-13 13:18 - 2015-01-10 07:48 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-02-13 13:18 - 2015-01-10 07:48 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-02-13 13:18 - 2015-01-10 07:48 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-02-13 13:18 - 2015-01-10 07:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-02-13 13:18 - 2015-01-10 07:27 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-02-13 13:18 - 2015-01-10 07:27 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-02-13 13:18 - 2015-01-10 07:27 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-02-13 13:18 - 2015-01-10 07:27 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-02-13 13:18 - 2015-01-10 07:27 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-02-13 13:18 - 2015-01-10 07:27 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-02-13 13:18 - 2015-01-10 07:27 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-02-13 13:18 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll 2015-02-13 13:18 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll 2015-02-13 13:17 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-02-13 13:17 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-02-13 13:17 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-02-13 13:17 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-02-13 13:17 - 2015-02-04 04:16 - 00227328 _____ (Microsoft 
Corporation) C:\Windows\system32\aepdu.dll 2015-02-13 13:17 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2015-02-13 13:17 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-02-13 13:17 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2015-02-13 13:17 - 2015-01-14 07:09 - 05554112 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-02-13 13:17 - 2015-01-14 07:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-02-13 13:17 - 2015-01-14 07:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-02-13 13:17 - 2015-01-14 07:04 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-02-13 13:17 - 2015-01-14 06:44 - 03972544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-02-13 13:17 - 2015-01-14 06:44 - 03917760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-02-13 13:17 - 2015-01-14 06:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-02-13 13:17 - 2015-01-13 04:10 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2015-02-13 13:17 - 2015-01-13 03:49 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2015-02-13 13:17 - 2014-12-12 06:31 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll 2015-02-13 13:17 - 2014-12-12 06:07 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll 2015-02-13 13:17 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll 2015-02-13 13:17 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll 2015-02-13 13:17 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll 2015-02-13 13:17 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\cryptsvc.dll 2015-02-13 13:16 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll 2015-02-13 13:16 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll 2015-02-13 13:16 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-02-13 13:16 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-02-13 13:16 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2015-02-13 13:15 - 2015-01-09 03:03 - 03201536 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-02-13 11:49 - 2015-02-13 11:50 - 00000197 _____ () C:\Windows\system32\2015-02-13-10-49-27.086-AvastVBoxSVC.exe-5248.log 2015-02-12 20:04 - 2015-02-12 20:04 - 00000197 _____ () C:\Windows\system32\2015-02-12-19-04-02.036-AvastVBoxSVC.exe-5068.log 2015-02-12 09:36 - 2015-02-12 09:36 - 00000197 _____ () C:\Windows\system32\2015-02-12-08-36-53.080-AvastVBoxSVC.exe-4912.log 2015-02-11 22:02 - 2015-02-11 22:02 - 00000197 _____ () C:\Windows\system32\2015-02-11-21-02-03.096-AvastVBoxSVC.exe-4948.log 2015-02-11 13:52 - 2015-02-11 13:52 - 00000000 ____D () C:\Users\Stephan Blank\Documents\SigmaPlot 2015-02-11 11:02 - 2015-02-11 11:02 - 00000197 _____ () C:\Windows\system32\2015-02-11-10-02-14.025-AvastVBoxSVC.exe-5088.log 2015-02-10 22:18 - 2015-02-10 22:18 - 00000197 _____ () C:\Windows\system32\2015-02-10-21-18-47.081-AvastVBoxSVC.exe-5508.log 2015-02-10 18:07 - 2015-02-10 18:07 - 00000197 _____ () C:\Windows\system32\2015-02-10-17-07-34.042-AvastVBoxSVC.exe-3116.log 2015-02-10 09:47 - 2015-02-10 09:48 - 00000197 _____ () C:\Windows\system32\2015-02-10-08-47-54.044-AvastVBoxSVC.exe-5356.log 2015-02-09 21:05 - 2015-02-09 21:05 - 00000197 _____ () C:\Windows\system32\2015-02-09-20-05-01.077-AvastVBoxSVC.exe-5312.log 2015-02-09 17:01 - 2015-02-09 16:59 - 00040262 _____ () C:\Users\Stephan 
Blank\Desktop\Chlorophytes_ML_500Bts_new.mts 2015-02-09 10:47 - 2015-02-09 10:47 - 00000197 _____ () C:\Windows\system32\2015-02-09-09-47-10.007-AvastVBoxSVC.exe-5264.log 2015-02-08 12:39 - 2015-02-23 11:10 - 00003290 _____ () C:\Windows\System32\Tasks\avastBCLRestartS-1-5-21-3493849748-3862360928-3587676368-1000 2015-02-08 12:38 - 2015-02-08 12:38 - 00000197 _____ () C:\Windows\system32\2015-02-08-11-38-06.051-AvastVBoxSVC.exe-4388.log 2015-02-07 10:22 - 2015-02-07 10:24 - 19996360 _____ () C:\Users\Stephan Blank\Downloads\DrakensangOnlineSetup.exe 2015-02-07 10:10 - 2015-02-07 10:11 - 00000000 ____D () C:\ProgramData\TuneUp Software 2015-02-07 10:10 - 2015-02-07 10:10 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} 2015-02-07 10:10 - 2015-02-07 10:10 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\TuneUp Software 2015-02-07 10:10 - 2015-02-07 10:10 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Local\TuneUp Software 2015-02-07 10:08 - 2015-02-07 10:10 - 28598072 _____ (TuneUp Software) C:\Users\Stephan Blank\Downloads\TuneUpUtilities2014_34de-DE.exe 2015-02-07 08:24 - 2015-02-07 08:24 - 00000197 _____ () C:\Windows\system32\2015-02-07-07-24-41.003-AvastVBoxSVC.exe-4060.log 2015-02-06 19:37 - 2015-02-06 19:37 - 00000197 _____ () C:\Windows\system32\2015-02-06-18-37-22.058-AvastVBoxSVC.exe-4600.log 2015-02-06 16:44 - 2015-02-06 16:44 - 00000197 _____ () C:\Windows\system32\2015-02-06-15-44-20.081-AvastVBoxSVC.exe-5540.log 2015-02-06 09:36 - 2015-02-06 09:37 - 00000197 _____ () C:\Windows\system32\2015-02-06-08-36-42.058-AvastVBoxSVC.exe-4864.log 2015-02-05 08:36 - 2015-02-05 08:36 - 00000197 _____ () C:\Windows\system32\2015-02-05-07-36-46.016-AvastVBoxSVC.exe-4672.log 2015-02-04 19:24 - 2015-02-04 19:24 - 00000197 _____ () C:\Windows\system32\2015-02-04-18-24-18.086-AvastVBoxSVC.exe-4792.log 2015-02-04 09:38 - 2015-02-04 09:38 - 00000197 _____ () C:\Windows\system32\2015-02-04-08-38-47.084-AvastVBoxSVC.exe-4824.log 
2015-02-04 06:03 - 2015-02-04 06:03 - 00000197 _____ () C:\Windows\system32\2015-02-04-05-03-47.086-AvastVBoxSVC.exe-4636.log ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2015-03-06 12:44 - 2015-01-21 17:32 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\3DataManager 2015-03-06 12:38 - 2011-04-12 08:43 - 00698926 _____ () C:\Windows\system32\perfh007.dat 2015-03-06 12:38 - 2011-04-12 08:43 - 00149034 _____ () C:\Windows\system32\perfc007.dat 2015-03-06 12:38 - 2009-07-14 06:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-03-06 12:38 - 2009-07-14 05:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-03-06 12:38 - 2009-07-14 05:45 - 00021888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-03-06 12:31 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-03-06 12:30 - 2015-01-09 14:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2015-03-06 11:04 - 2015-02-01 13:04 - 00000911 _____ () C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {6E7111F9-907E-4B79-A32C-3CF8061D7EF0}.job 2015-03-06 11:04 - 2015-02-01 13:04 - 00000725 _____ () C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {6E7111F9-907E-4B79-A32C-3CF8061D7EF0}.job 2015-03-06 11:04 - 2009-07-14 06:32 - 00000000 ____D () C:\Windows\system32\FxsTmp 2015-03-05 00:27 - 2015-01-15 23:27 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\vlc 2015-03-03 18:00 - 2015-01-14 13:23 - 00000000 ____D () C:\Program Files (x86)\PDF24 2015-03-03 17:41 - 2015-01-14 13:21 - 01203488 _____ () C:\Users\Stephan Blank\Downloads\PDF24 Creator - CHIP-Installer.exe 2015-03-03 17:11 - 2015-01-14 11:35 - 00000000 ____D () C:\Software 2015-03-03 11:01 - 2015-01-12 17:41 - 00000000 ____D () C:\Biologie_Doktorat 2015-03-01 
19:00 - 2015-01-28 10:31 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2015-03-01 01:05 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2015-02-26 14:14 - 2015-01-09 13:40 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Local\Microsoft Help 2015-02-26 11:58 - 2015-01-09 13:09 - 00000000 ____D () C:\Program Files (x86)\Sony 2015-02-26 11:57 - 2015-01-08 17:09 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2015-02-26 11:56 - 2015-02-01 12:49 - 00000000 ____D () C:\Program Files (x86)\epson 2015-02-26 11:56 - 2015-02-01 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON 2015-02-26 11:56 - 2015-02-01 12:43 - 00000000 ____D () C:\ProgramData\EPSON 2015-02-25 14:28 - 2015-01-27 11:49 - 00000000 ____D () C:\Program Files\Java 2015-02-24 19:28 - 2015-01-27 12:25 - 00003866 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1422357903 2015-02-24 19:28 - 2015-01-27 12:24 - 00000000 ____D () C:\Program Files (x86)\Opera 2015-02-23 12:01 - 2015-01-28 13:22 - 00000000 ____D () C:\ComputerPflege 2015-02-20 16:26 - 2015-01-14 11:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF-XChange PDF Viewer 2015-02-20 16:14 - 2015-01-14 17:11 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\EndNote 2015-02-19 16:47 - 2015-01-12 17:35 - 00000000 ____D () C:\DETECTIVE_150303 2015-02-19 11:49 - 2015-01-08 18:06 - 00000218 _____ () C:\Windows\SysWOW64\grucp51.tgz 2015-02-19 11:49 - 2015-01-08 18:06 - 00000204 _____ () C:\Windows\SysWOW64\grucp51.dll 2015-02-19 11:49 - 2015-01-08 18:06 - 00000114 _____ () C:\Windows\SysWOW64\prsgrc.tgz 2015-02-19 11:49 - 2015-01-08 18:06 - 00000100 _____ () C:\Windows\SysWOW64\prsgrc.dll 2015-02-19 11:49 - 2015-01-08 18:06 - 00000086 _____ () C:\Windows\SysWOW64\ssprs.tgz 2015-02-18 22:02 - 2015-01-15 22:12 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-02-18 22:02 
- 2015-01-15 22:12 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-02-17 20:30 - 2015-01-21 17:30 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Local\Microsoft Games 2015-02-17 17:19 - 2015-01-14 17:01 - 00000000 ____D () C:\Users\Public\Documents\EndNote 2015-02-17 17:19 - 2015-01-14 17:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EndNote 2015-02-17 17:19 - 2015-01-14 17:01 - 00000000 ____D () C:\Program Files (x86)\EndNote X7 2015-02-17 17:19 - 2015-01-14 16:59 - 00000000 ____D () C:\ProgramData\Thomson.ResearchSoft.Installers 2015-02-17 17:19 - 2015-01-08 16:39 - 00000000 ____D () C:\Users\Stephan Blank 2015-02-17 17:01 - 2015-01-20 14:46 - 00000000 ____D () C:\Users\Stephan Blank\.gimp-2.6 2015-02-17 16:58 - 2015-01-20 15:06 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\gtk-2.0 2015-02-17 15:10 - 2015-01-27 13:50 - 00000000 ____D () C:\Windows\pss 2015-02-17 13:35 - 2015-01-19 12:16 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\MEGA_Global 2015-02-16 14:19 - 2015-01-12 17:29 - 00000000 ____D () C:\SonstigesAsus 2015-02-16 12:43 - 2015-01-28 06:40 - 00000000 ____D () C:\Windows\Minidump 2015-02-16 12:43 - 2015-01-08 16:12 - 00000000 ____D () C:\Windows\Panther 2015-02-16 12:13 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\tracing 2015-02-13 14:32 - 2009-07-14 05:45 - 00341880 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-02-13 14:31 - 2015-01-08 23:35 - 00000000 ___SD () C:\Windows\system32\CompatTel 2015-02-13 14:31 - 2015-01-08 23:35 - 00000000 ____D () C:\Windows\system32\appraiser 2015-02-13 13:30 - 2015-01-09 13:40 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-02-13 13:27 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2015-02-13 13:26 - 2015-01-08 18:56 - 00000000 ____D () C:\Windows\system32\MRT 2015-02-13 13:21 - 2015-01-08 18:56 - 116773704 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 
2015-02-11 10:59 - 2009-07-14 06:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-02-08 13:16 - 2015-01-08 16:39 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Local\VirtualStore 2015-02-07 10:09 - 2015-01-16 13:15 - 00000000 ____D () C:\Users\Stephan Blank\AppData\Roaming\DVDVideoSoft 2015-02-07 10:08 - 2015-01-16 13:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2015-02-07 10:08 - 2015-01-16 13:18 - 00000000 ____D () C:\Program Files (x86)\Free Codec Pack 2015-02-07 10:08 - 2015-01-16 13:18 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft ==================== Files in the root of some directories ======= 2015-01-14 12:55 - 2015-01-14 12:55 - 0000057 _____ () C:\ProgramData\Ament.ini ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-03-05 21:29 ==================== End Of Log ============================
And here is the FRST addition.txt: FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-03-2015 01 Ran by Stephan Blank at 2015-03-06 12:46:26 Running from C:\Users\Stephan Blank\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} FW: ZoneAlarm Free Firewall Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 3Connect (HKLM-x32\...\{A899DA1F-D626-401C-8651-F2921E3B4CB3}) (Version: 3.0.0 - 3 Mobile Broadband) 3DataManager (HKLM-x32\...\3DataManager) (Version: 3.5 - 3DataManager) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated) Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated) ATI Catalyst Install Manager (HKLM\...\{158BEEC4-CC30-BF2F-248D-B52AF953E9C1}) (Version: 3.0.829.0 - ATI Technologies, Inc.) 
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software) BioEdit (HKLM-x32\...\{AF6D9313-E338-48F0-9B0C-7DE20EDB99CF}) (Version: 7.2.5.0 - Tom Hall) Canoco 5 (HKLM\...\Canoco5) (Version: 5.00 - Biometris and Petr Smilauer) CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform) Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.55 - Cliqz.com) Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version: - ) EndNote X7 (HKLM-x32\...\{86B3F2D6-AC2B-0017-8AE1-F2F77F781B0C}) (Version: 17.2.1.8311 - Thomson Reuters) Epson Event Manager (HKLM-x32\...\{0F13C24A-FFE2-4CD0-8E0B-DC804E0A0E0B}) (Version: 3.10.0035 - Seiko Epson Corporation) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON XP-312 313 315 Series Printer Uninstall (HKLM\...\EPSON XP-312 313 315 Series) (Version: - SEIKO EPSON Corporation) Free YouTube Download version 3.2.53.128 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.53.128 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.12.53.113 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.53.113 - DVDVideoSoft Ltd.) GIMP 2.6.11 (HKLM-x32\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team) HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) 
HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard) HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) Huawei modem (HKLM-x32\...\Huawei Modems) (Version: - ) ImageMagick 6.7.5-7 Q16 (2012-03-01) (HKLM-x32\...\ImageMagick 6.7.5 Q16_is1) (Version: 6.7.5 - ImageMagick Studio LLC) Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3086 - Intel Corporation) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel(R) PROSet/Wireless WiFi-Software (HKLM\...\{1927E640-A2C6-4BA7-8F43-FFD2AE3DFCF3}) (Version: 14.0.2000 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) MEGA6 .06 (HKLM-x32\...\{EE7E4984-0208-48E7-959C-A5F5F06F0DE0}_is1) (Version: .06 - Center for Evolutionary Medicine and Informatics) Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - 
Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) MonkeyJam 3_050529 (HKLM-x32\...\MonkeyJam_is1) (Version: - GiantScreamingRobotMonkeys) Mozilla Firefox 36.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.3.0 - Mozilla) Mozilla Thunderbird 31.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.5.0 (x86 de)) (Version: 31.5.0 - Mozilla) Opera Stable 27.0.1689.76 (HKLM-x32\...\Opera 27.0.1689.76) (Version: 27.0.1689.76 - Opera Software ASA) Panzer Corps (HKLM-x32\...\Panzer Corps1.03) (Version: 1.03 - Slitherine) PDF24 Creator 6.9.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.1.0 - Frank Heindörfer, Philip Chinery) PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.311.0 - Tracker Software Products Ltd) PX Profile Update (x32 Version: 1.00.1. 
- AMD) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.40.126.2011 - Realtek) Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.34.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.34.0 - Renesas Electronics Corporation) Hidden ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version: - Thomson Reuters) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) SigmaPlot 12.5 (HKLM-x32\...\{730E22C0-A5A9-4A1B-AE66-570573DCA0E8}) (Version: 12.5 - Systat Software, Inc.) Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.) Software Updater (HKLM-x32\...\{FA7EE274-7370-43B7-9A45-A39B17CCCDC5}) (Version: 4.3.3 - SEIKO EPSON CORPORATION) Sony Ericsson PC Companion 1.60.13 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 1.60.13 - Sony Ericsson) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) 
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden VAIO Event Service (HKLM-x32\...\{73D8886A-D416-4687-B609-0D3836BA410C}) (Version: 5.5.0.03040 - Sony Corporation) VESx64 (Version: 1.0.0 - Sony Corporation) Hidden VESx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN) VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation) ZoneAlarm Firewall (x32 Version: 13.3.052.000 - Check Point Software Technologies Ltd.) Hidden ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 13.3.052.000 - Check Point) ZoneAlarm Security (x32 Version: 13.3.052.000 - Check Point Software Technologies Ltd.) Hidden ZoneAlarm Security Toolbar (HKLM-x32\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD) ZoneAlarm Security Toolbar (HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 27-01-2015 11:49:18 Installed Java SE Development Kit 8 Update 31 (64-bit) 27-01-2015 11:56:34 Removed Java 8 Update 31 (64-bit) 28-01-2015 09:49:49 AA11 28-01-2015 10:29:28 avast! 
antivirus system restore point 28-01-2015 11:55:35 Windows-Sicherung 29-01-2015 18:08:59 Windows Update 01-02-2015 12:54:58 Installed Software Updater 01-02-2015 12:56:03 Installed Software Updater 01-02-2015 13:03:32 Gerätetreiber-Paketinstallation: EPSON Drucker 01-02-2015 13:04:10 Installed Epson Event Manager 03-02-2015 10:58:45 Windows Update 07-02-2015 08:27:18 Windows Update 10-02-2015 22:19:25 TuneUp Utilities 2014 wird entfernt 10-02-2015 22:20:26 TuneUp Utilities 2014 (de-DE) wird entfernt 11-02-2015 11:04:14 Windows Update 13-02-2015 13:19:31 Windows Update 16-02-2015 12:12:06 Windows Update 17-02-2015 12:15:56 Installed 7-Zip 9.20 (x64 edition) 23-02-2015 11:58:28 Windows Update 23-02-2015 18:45:33 DirectX wurde installiert 25-02-2015 11:07:24 Windows Update 25-02-2015 14:26:59 Removed Java SE Development Kit 8 Update 31 (64-bit) 26-02-2015 11:56:44 Entfernt VAIO Control Center 04-03-2015 08:39:16 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) 
Task: {0A4ED209-8A24-4F0C-8200-FAED06D630F5} - System32\Tasks\EPSON XP-312 313 315 Series Invitation {6E7111F9-907E-4B79-A32C-3CF8061D7EF0} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2013-02-28] (SEIKO EPSON CORPORATION) Task: {1082E2F1-E5D2-4B8D-A0C0-F46EEA70C8C2} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd) Task: {420E405D-ACFC-42CE-9B6E-91FAE8F2A029} - System32\Tasks\avastBCLRestartS-1-5-21-3493849748-3862360928-3587676368-1000 => Firefox.exe Task: {4767FAFE-60A8-4BC9-8006-2FAF7ED25573} - System32\Tasks\{27899F27-867F-4E42-8BB4-A1701B588687} => pcalua.exe -a "C:\Users\Stephan Blank\Downloads\IFAOTH-00231600-0042\IFAOTH-00231600-0042.EXE" -d "C:\Users\Stephan Blank\Downloads\IFAOTH-00231600-0042" Task: {545BA2A2-8696-4C36-8BCA-0AEEAAA76D61} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe Task: {5C48DB24-A4D5-4EA7-9980-8835B92B81FC} - System32\Tasks\Sony Corporation\VAIO Event Service\Level4Month => C:\Program Files (x86)\Sony\VAIO Event Service\WBCBatteryCare.exe [2011-03-05] (Sony Corporation) Task: {5F179B82-1CE6-472B-AC2A-3A46ED557ED2} - System32\Tasks\Opera scheduled Autoupdate 1422357903 => C:\Program Files (x86)\Opera\launcher.exe [2015-02-23] (Opera Software) Task: {892F8FCD-501F-4C6B-B938-BB4855FB33C7} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-02-14] (Sony Corporation) Task: {8F1DB272-D065-4D17-B840-687CA4DFFF3D} - System32\Tasks\EPSON XP-312 313 315 Series Update {6E7111F9-907E-4B79-A32C-3CF8061D7EF0} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [2013-02-28] (SEIKO EPSON CORPORATION) Task: {8F433845-CF51-4441-BF4C-ABC0B69F1A07} - System32\Tasks\avast! 
Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-01-28] (AVAST Software) Task: {9B15A5DF-4928-42E3-998E-069BD0C27E27} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-02-14] (Sony Corporation) Task: {A2C02124-3F9E-4ABD-9E20-4BC50E945AAA} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe Task: {B55B91AE-A744-41F2-A135-9F7B559961D4} - System32\Tasks\{925A250A-9998-425D-94A5-23A0C12C8416} => pcalua.exe -a "C:\Users\Stephan Blank\Downloads\SODFEP-00224384-0042\SODFEP-00224384-0042.EXE" -d "C:\Users\Stephan Blank\Downloads\SODFEP-00224384-0042" Task: {B71FA479-5A42-401E-9A59-269837BF716A} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-02-14] (Sony Corporation) Task: {BF6A1DE2-CFD5-433F-9CC2-C655318972E9} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {D8305A3D-7F4A-4D3F-AC21-5C481B117794} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-18] (Adobe Systems Incorporated) Task: {FD6EC84C-9579-44B2-893E-7D6B868A57F5} - System32\Tasks\Sony Corporation\VAIO Event Service\Level4Daily => C:\Program Files (x86)\Sony\VAIO Event Service\WBCBatteryCare.exe [2011-03-05] (Sony Corporation) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {6E7111F9-907E-4B79-A32C-3CF8061D7EF0}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE Task: C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {6E7111F9-907E-4B79-A32C-3CF8061D7EF0}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE:/EXE:{6E7111F9-907E-4B79-A32C-3CF8061D7EF0} 
/F:UpdateSYSTEM Searches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi ==================== Loaded Modules (whitelisted) ============== 2011-01-05 12:53 - 2011-01-05 12:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll 2015-03-03 17:12 - 2005-03-12 00:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll 2015-01-15 22:08 - 2011-03-23 16:32 - 01740696 _____ () C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe 2015-01-21 17:30 - 2012-12-12 11:41 - 00346832 ____N () C:\Program Files (x86)\3DataManager\WTGService.exe 2015-01-28 10:30 - 2015-01-28 10:30 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll 2015-01-28 10:30 - 2015-01-28 10:30 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll 2015-01-08 17:37 - 2011-04-17 13:28 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll 2011-01-05 12:53 - 2011-01-05 12:53 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll 2011-11-09 10:55 - 2011-11-09 10:55 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2011-12-22 02:53 - 2011-12-22 02:53 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2015-01-21 17:30 - 2012-12-12 11:41 - 00506576 ____N () C:\Program Files (x86)\3DataManager\3DataManager_Launcher.exe 2015-03-06 09:20 - 2015-03-06 09:20 - 02918400 _____ () C:\Program Files\AVAST Software\Avast\defs\15030600\algo.dll 2015-01-28 10:30 - 2015-01-28 10:30 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll 2015-01-28 11:00 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2015-01-28 11:00 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files 
(x86)\Spybot - Search & Destroy 2\DEC150.bpl 2015-01-28 11:00 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2015-01-28 11:00 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2015-01-28 11:00 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2015-01-09 13:12 - 2011-03-05 16:42 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll 2015-01-09 12:30 - 2015-01-09 12:30 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93182e9779b8be0f688fd0784df6d7fb\IsdiInterop.ni.dll 2015-01-09 12:30 - 2010-11-05 23:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll 2015-01-28 10:30 - 2015-01-28 10:30 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2015-01-21 17:30 - 2012-12-12 11:36 - 00073728 ____N () C:\Program Files (x86)\3DataManager\WtgDriverInstall.dll 2015-01-21 17:30 - 2012-12-12 11:37 - 00749568 ____N () C:\Program Files (x86)\3DataManager\WtgCore.dll 2015-01-21 17:30 - 2012-12-12 11:37 - 00139264 ____N () C:\Program Files (x86)\3DataManager\WtgBluetooth.dll 2015-01-21 17:30 - 2012-12-12 11:36 - 00086016 ____N () C:\Program Files (x86)\3DataManager\WtgDialup.dll 2015-01-21 17:30 - 2012-12-12 11:36 - 00098304 ____N () C:\Program Files (x86)\3DataManager\WtgUtil.dll 2015-01-21 17:30 - 2012-12-12 11:36 - 00098304 ____N () C:\Program Files (x86)\3DataManager\WtgPorts.dll 2015-01-21 17:30 - 2012-12-12 11:36 - 00110592 ____N () C:\Program Files (x86)\3DataManager\WtgDatabase.dll 2015-01-21 17:30 - 2012-12-12 11:36 - 00212992 ____N () C:\Program Files (x86)\3DataManager\WtgDetection.dll 2015-01-21 17:30 - 2012-12-12 11:36 - 00012288 ____N () C:\Program Files (x86)\3DataManager\WTGDebugs.dll 2015-01-21 17:30 - 2012-09-04 11:48 - 01105920 ____N () C:\Program Files 
(x86)\3DataManager\NDISAPI.dll 2015-01-21 17:30 - 2012-12-05 11:38 - 00598016 ____N () C:\Program Files (x86)\3DataManager\WTGXMLUtil.dll 2015-01-21 17:30 - 2012-12-12 11:36 - 00278528 ____N () C:\Program Files (x86)\3DataManager\WTGSMSPCClient.Dll 2015-01-21 17:30 - 2012-12-12 11:37 - 00012800 ____N () C:\Program Files (x86)\3DataManager\WTGDriverInstallX.Dll 2015-01-21 17:30 - 2012-12-12 11:40 - 00274432 ____N () C:\Program Files (x86)\3DataManager\WtgMobileBroadband7.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service" ==================== EXE Association (whitelisted) =============== (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3493849748-3862360928-3587676368-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Stephan Blank\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 213.94.78.17 - 213.94.78.16 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) 
MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: VAIO Power Management => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Stephan Blank^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Tintenwarnungen überwachen - HP Deskjet 3050A J611 series.lnk => C:\Windows\pss\Tintenwarnungen überwachen - HP Deskjet 3050A J611 series.lnk.Startup MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" MSCONFIG\startupreg: Sony Ericsson PC Companion => "C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe" /systray /nologon MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" ==================== Accounts: ============================= Administrator (S-1-5-21-3493849748-3862360928-3587676368-500 - Administrator - Disabled) Gast (S-1-5-21-3493849748-3862360928-3587676368-501 - Limited - Disabled) Stephan Blank (S-1-5-21-3493849748-3862360928-3587676368-1000 - Administrator - Enabled) => C:\Users\Stephan Blank ==================== Faulty Device Manager Devices ============= Name: TCP/IP-Protokolltreiber Description: TCP/IP-Protokolltreiber Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1} Manufacturer: Service: Tcpip Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. 
After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (03/06/2015 00:33:48 PM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: Der Index kann nicht initialisiert werden. Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (03/06/2015 00:33:48 PM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: Die Anwendung kann nicht initialisiert werden. Kontext: Windows Anwendung Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (03/06/2015 00:33:48 PM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: Das Gatherer-Objekt kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (03/06/2015 00:33:48 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490) Error: (03/06/2015 00:33:46 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (03/06/2015 00:33:46 PM) (Source: Windows Search Service) (EventID: 9002) (User: ) Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden. Kontext: Windows Anwendung, SystemIndex Katalog Details: Die Inhaltsindexdatenbank ist fehlerhaft. 
(HRESULT : 0xc0041800) (0xc0041800) Error: (03/06/2015 00:33:46 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet. Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (03/06/2015 00:33:46 PM) (Source: Windows Search Service) (EventID: 7040) (User: ) Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben. Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (03/06/2015 00:33:46 PM) (Source: Windows Search Service) (EventID: 9000) (User: ) Description: Der Jet-Eigenschaftenspeicher kann von Windows Search nicht geöffnet werden. Details: 0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800)) Error: (03/06/2015 00:33:45 PM) (Source: ESENT) (EventID: 455) (User: ) Description: Windows (3312) Windows: Fehler -1811 beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS002DF.log. System errors: ============= Error: (03/06/2015 00:33:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (03/06/2015 00:33:48 PM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535. 
Error: (03/06/2015 00:31:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Mobile IP Route Manager" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (03/06/2015 00:31:01 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\SysWow64\drivers\mdvrmng.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (03/06/2015 00:00:45 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (03/06/2015 09:10:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Mobile IP Route Manager" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (03/06/2015 09:10:35 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\SysWow64\drivers\mdvrmng.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (03/06/2015 06:01:10 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} Error: (03/06/2015 03:05:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Mobile IP Route Manager" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (03/06/2015 03:05:55 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Windows\SysWow64\drivers\mdvrmng.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Microsoft Office Sessions: ========================= Error: (03/06/2015 00:33:48 PM) (Source: Windows Search Service) (EventID: 7010) (User: ) Description: Details: Der Inhaltsindexkatalog ist fehlerhaft. 
(HRESULT : 0xc0041801) (0xc0041801) Error: (03/06/2015 00:33:48 PM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: Kontext: Windows Anwendung Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (03/06/2015 00:33:48 PM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Error: (03/06/2015 00:33:48 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490) Search.TripoliIndexer Error: (03/06/2015 00:33:46 PM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) Search.JetPropStore Error: (03/06/2015 00:33:46 PM) (Source: Windows Search Service) (EventID: 9002) (User: ) Description: Kontext: Windows Anwendung, SystemIndex Katalog Details: Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800) (0xc0041800) Error: (03/06/2015 00:33:46 PM) (Source: Windows Search Service) (EventID: 7042) (User: ) Description: Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) The catalog is corrupt Error: (03/06/2015 00:33:46 PM) (Source: Windows Search Service) (EventID: 7040) (User: ) Description: Details: Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801) 4700 Error: (03/06/2015 00:33:46 PM) (Source: Windows Search Service) (EventID: 9000) (User: ) Description: Details: 0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft. 
(HRESULT : 0xc0041800)) Error: (03/06/2015 00:33:45 PM) (Source: ESENT) (EventID: 455) (User: ) Description: Windows3312Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS002DF.log-1811 ==================== Memory info =========================== Processor: Intel(R) Core(TM) i3-2310M CPU @ 2.10GHz Percentage of memory in use: 29% Total physical RAM: 8107.86 MB Available physical RAM: 5691.36 MB Total Pagefile: 16213.91 MB Available Pagefile: 13423.72 MB Total Virtual: 8192 MB Available Virtual: 8191.85 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.76 GB) (Free:162.75 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive e: (H2SD) (Removable) (Total:3.68 GB) (Free:3.1 GB) FAT32 Drive g: (3Connect) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 000796F5) Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 3.7 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ==================== End Of Log ============================ |
06.03.2015, 16:41 | #6 |
/// the machine /// TB instructor | CPU under heavy load! Fan loud! Hi, please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper. Please download TDSSKiller.exe and save this file to the desktop.
07.03.2015, 10:08 | #7 |
| CPU under heavy load! Fan loud! Hello Schrauber, I have now run the scans. Neither program found any threats. That is why I did not do a clean-up with MBAR. The TDSSKiller report log follows here: Code:
ATTFilter 09:56:39.0793 0x0bd0 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04 09:57:12.0054 0x0bd0 ============================================================ 09:57:12.0054 0x0bd0 Current date / time: 2015/03/07 09:57:12.0054 09:57:12.0054 0x0bd0 SystemInfo: 09:57:12.0054 0x0bd0 09:57:12.0054 0x0bd0 OS Version: 6.1.7601 ServicePack: 1.0 09:57:12.0054 0x0bd0 Product type: Workstation 09:57:12.0054 0x0bd0 ComputerName: STEPHANBLANK-PC 09:57:12.0054 0x0bd0 UserName: Stephan Blank 09:57:12.0054 0x0bd0 Windows directory: C:\Windows 09:57:12.0054 0x0bd0 System windows directory: C:\Windows 09:57:12.0054 0x0bd0 Running under WOW64 09:57:12.0054 0x0bd0 Processor architecture: Intel x64 09:57:12.0054 0x0bd0 Number of processors: 4 09:57:12.0054 0x0bd0 Page size: 0x1000 09:57:12.0054 0x0bd0 Boot type: Normal boot 09:57:12.0054 0x0bd0 ============================================================ 09:57:12.0194 0x0bd0 KLMD registered as C:\Windows\system32\drivers\81699228.sys 09:57:12.0678 0x0bd0 System UUID: {5CA27604-2563-CEDE-C7EE-D76F167AAD0F} 09:57:13.0489 0x0bd0 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 09:57:14.0581 0x0bd0 Drive \Device\Harddisk1\DR1 - Size: 0xEC400000 ( 3.69 Gb ), SectorSize: 0x200, Cylinders: 0x1E1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 09:57:14.0581 0x0bd0 ============================================================ 09:57:14.0581 0x0bd0 \Device\Harddisk0\DR0: 09:57:14.0581 0x0bd0 MBR partitions: 09:57:14.0581 0x0bd0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x3A385800 09:57:14.0581 0x0bd0 \Device\Harddisk1\DR1: 09:57:14.0581 0x0bd0 MBR partitions: 09:57:14.0581 0x0bd0 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x2000, BlocksNum 0x760000 09:57:14.0581 0x0bd0 ============================================================ 09:57:14.0628 0x0bd0 C: 
<-> \Device\Harddisk0\DR0\Partition1 09:57:14.0628 0x0bd0 ============================================================ 09:57:14.0628 0x0bd0 Initialize success 09:57:14.0628 0x0bd0 ============================================================ 09:58:19.0321 0x10a4 ============================================================ 09:58:19.0321 0x10a4 Scan started 09:58:19.0321 0x10a4 Mode: Manual; SigCheck; TDLFS; 09:58:19.0321 0x10a4 ============================================================ 09:58:19.0321 0x10a4 KSN ping started 09:58:19.0852 0x10a4 KSN ping finished: true 09:58:20.0444 0x10a4 ================ Scan system memory ======================== 09:58:20.0444 0x10a4 System memory - ok 09:58:20.0444 0x10a4 ================ Scan services ============================= 09:58:20.0663 0x10a4 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys 09:58:20.0834 0x10a4 1394ohci - ok 09:58:20.0897 0x10a4 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys 09:58:20.0959 0x10a4 ACPI - ok 09:58:20.0990 0x10a4 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys 09:58:21.0053 0x10a4 AcpiPmi - ok 09:58:21.0271 0x10a4 [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 09:58:21.0334 0x10a4 AdobeFlashPlayerUpdateSvc - ok 09:58:21.0427 0x10a4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys 09:58:21.0490 0x10a4 adp94xx - ok 09:58:21.0536 0x10a4 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci 
C:\Windows\system32\drivers\adpahci.sys 09:58:21.0583 0x10a4 adpahci - ok 09:58:21.0614 0x10a4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys 09:58:21.0661 0x10a4 adpu320 - ok 09:58:21.0708 0x10a4 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll 09:58:21.0786 0x10a4 AeLookupSvc - ok 09:58:21.0848 0x10a4 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys 09:58:21.0926 0x10a4 AFD - ok 09:58:21.0973 0x10a4 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys 09:58:22.0004 0x10a4 agp440 - ok 09:58:22.0051 0x10a4 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe 09:58:22.0160 0x10a4 ALG - ok 09:58:22.0207 0x10a4 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys 09:58:22.0254 0x10a4 aliide - ok 09:58:22.0316 0x10a4 [ 0EE274476C3E5F05F2B79B8C63FCCCFC, 7D1861FCC975AD85D793DD6945113DA06CDD2B8F118AA61D0147FFA3315E8A48 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe 09:58:22.0394 0x10a4 AMD External Events Utility - ok 09:58:22.0410 0x10a4 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys 09:58:22.0441 0x10a4 amdide - ok 09:58:22.0472 0x10a4 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys 09:58:22.0550 0x10a4 AmdK8 - ok 09:58:22.0909 0x10a4 [ B18018924D6ADB6E64BC39BD37D6A4D8, 
6EEB593A50AD5AA9633E6F97AB2314D674C13FAA7A6D03000A5F6C074CAF7BAF ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys 09:58:23.0284 0x10a4 amdkmdag - ok 09:58:23.0346 0x10a4 [ 3249B112D48D29BE86984CF4594C9755, 089712B872F92AB0614665F8B5EA869EAB4F6035164921EE0021158D457DE83F ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys 09:58:23.0408 0x10a4 amdkmdap - ok 09:58:23.0455 0x10a4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys 09:58:23.0502 0x10a4 AmdPPM - ok 09:58:23.0533 0x10a4 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys 09:58:23.0596 0x10a4 amdsata - ok 09:58:23.0627 0x10a4 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys 09:58:23.0689 0x10a4 amdsbs - ok 09:58:23.0720 0x10a4 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys 09:58:23.0752 0x10a4 amdxata - ok 09:58:23.0783 0x10a4 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys 09:58:23.0861 0x10a4 AppID - ok 09:58:23.0892 0x10a4 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll 09:58:23.0954 0x10a4 AppIDSvc - ok 09:58:23.0970 0x10a4 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll 09:58:24.0032 0x10a4 Appinfo - ok 09:58:24.0064 0x10a4 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys 09:58:24.0110 0x10a4 arc - ok 09:58:24.0126 0x10a4 [ 
019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys 09:58:24.0173 0x10a4 arcsas - ok 09:58:24.0313 0x10a4 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 09:58:24.0376 0x10a4 aspnet_state - ok 09:58:24.0438 0x10a4 [ 9BE9F2B83DE80E2752B1405CC427E2EC, 6015CA66553B3B882083B33F24FB338249A110D9769831C3D3D3C681AAFA9411 ] aswHwid C:\Windows\system32\drivers\aswHwid.sys 09:58:24.0500 0x10a4 aswHwid - ok 09:58:24.0516 0x10a4 [ 2DA1C1AEDF454F8E32A863A1AEACDD8C, F02E4D197AE00B9A9507CF6007A7B7BEA54AF0F255B752FBA7174FA2596D1CA9 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys 09:58:24.0563 0x10a4 aswMonFlt - ok 09:58:24.0610 0x10a4 [ 4750016EF9CC1DEC6DA3FE5AF9A7F095, C4CF46246D8A3FF9BD8D2FE899685654ADD45EB9B032F33804D0B8131882BC74 ] aswRdr C:\Windows\system32\drivers\aswRdr2.sys 09:58:24.0672 0x10a4 aswRdr - ok 09:58:24.0688 0x10a4 [ 1323269A92645705DEFA053F3596829D, 83EC58E0577A1E45D1FCBC0C0AF182099FB70B9005B9F8161166EBB4E9F58F35 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys 09:58:24.0734 0x10a4 aswRvrt - ok 09:58:24.0844 0x10a4 [ E74FD717476B30E23F45354B8F3ACB30, 951D1655E1FA4CF0ACB29F2EEDDB3B42522D392F46DD826C63DCA8941E17ABA8 ] aswSnx C:\Windows\system32\drivers\aswSnx.sys 09:58:24.0922 0x10a4 aswSnx - ok 09:58:24.0984 0x10a4 [ B1881A01E301990B671694CA1623F1B6, 5299C713EA7CF96F0550943DB37E963CDA09258F65C471CCEEAB44C4736B7A08 ] aswSP C:\Windows\system32\drivers\aswSP.sys 09:58:25.0046 0x10a4 aswSP - ok 09:58:25.0093 0x10a4 [ 7509F07BA6F84C1E3B2C0D78A1F6F782, A90A36E8E23F58E430DE98B3623688DC09D34B62906EF7796DFC90F581FC385F ] aswStm C:\Windows\system32\drivers\aswStm.sys 09:58:25.0124 0x10a4 aswStm - ok 09:58:25.0187 0x10a4 [ 1A5BDDE65B648DC3AD48B6ECAA3AE9C8, 858F674C3B775F9C8C782B7AFAC0B02AE9410C9F3B7F5B3AE1C4AD3BF6448C14 ] aswVmm 
C:\Windows\system32\drivers\aswVmm.sys 09:58:25.0249 0x10a4 aswVmm - ok 09:58:25.0296 0x10a4 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 09:58:25.0374 0x10a4 AsyncMac - ok 09:58:25.0421 0x10a4 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 09:58:25.0452 0x10a4 atapi - ok 09:58:25.0530 0x10a4 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 09:58:25.0624 0x10a4 AudioEndpointBuilder - ok 09:58:25.0655 0x10a4 [ DE3E38431B00C2EA247C53675DCF01A0, 8965192096C94203A1F16689DCDA45FE0EDF3A6FB75B70FC378C2008E8E71C9B ] AudioSrv C:\Windows\System32\Audiosrv.dll 09:58:25.0702 0x10a4 AudioSrv - ok 09:58:25.0795 0x10a4 [ E3F7EC811923F3F1A77B185F22638E5E, 324041256314C1471B5F123FA8DECC8F374A6B497A6419D4CAF61E68E1733265 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe 09:58:25.0858 0x10a4 avast! 
Antivirus - ok 09:58:26.0060 0x10a4 [ 4F4EBF6163D3A02D52A66BBD145B0069, 179B2FD2671F6BB8D3F77B39001F546A0DEBE85BFF9782060AF1DC50DFA071EF ] AvastVBoxSvc C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe 09:58:26.0263 0x10a4 AvastVBoxSvc - ok 09:58:26.0294 0x10a4 avchv - ok 09:58:26.0357 0x10a4 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 09:58:26.0435 0x10a4 AxInstSV - ok 09:58:26.0497 0x10a4 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys 09:58:26.0560 0x10a4 b06bdrv - ok 09:58:26.0606 0x10a4 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 09:58:26.0653 0x10a4 b57nd60a - ok 09:58:26.0684 0x10a4 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 09:58:26.0731 0x10a4 BDESVC - ok 09:58:26.0950 0x10a4 [ 68BF3520FE759C91FD9182F36E585374, FB88732817BBBEFB9644B9C3E1CC1033431AF9A62C742522D851FA7AB1B7F962 ] BecHelperService C:\Program Files (x86)\3 Mobile Broadband\3Connect\BecHelperService.exe 09:58:27.0059 0x10a4 BecHelperService - ok 09:58:27.0090 0x10a4 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 09:58:27.0152 0x10a4 Beep - ok 09:58:27.0246 0x10a4 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 09:58:27.0340 0x10a4 BFE - ok 09:58:27.0386 0x10a4 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 09:58:27.0511 0x10a4 BITS - ok 09:58:27.0542 0x10a4 [ 61583EE3C3A17003C4ACD0475646B4D3, 
17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 09:58:27.0605 0x10a4 blbdrive - ok 09:58:27.0636 0x10a4 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 09:58:27.0683 0x10a4 bowser - ok 09:58:27.0714 0x10a4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys 09:58:27.0761 0x10a4 BrFiltLo - ok 09:58:27.0776 0x10a4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys 09:58:27.0823 0x10a4 BrFiltUp - ok 09:58:27.0854 0x10a4 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 09:58:27.0917 0x10a4 Browser - ok 09:58:27.0932 0x10a4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 09:58:28.0026 0x10a4 Brserid - ok 09:58:28.0042 0x10a4 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 09:58:28.0088 0x10a4 BrSerWdm - ok 09:58:28.0104 0x10a4 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 09:58:28.0135 0x10a4 BrUsbMdm - ok 09:58:28.0151 0x10a4 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 09:58:28.0198 0x10a4 BrUsbSer - ok 09:58:28.0229 0x10a4 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys 09:58:28.0291 0x10a4 
BthEnum - ok 09:58:28.0322 0x10a4 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys 09:58:28.0385 0x10a4 BTHMODEM - ok 09:58:28.0416 0x10a4 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys 09:58:28.0463 0x10a4 BthPan - ok 09:58:28.0556 0x10a4 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys 09:58:28.0619 0x10a4 BTHPORT - ok 09:58:28.0650 0x10a4 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 09:58:28.0728 0x10a4 bthserv - ok 09:58:28.0759 0x10a4 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys 09:58:28.0806 0x10a4 BTHUSB - ok 09:58:28.0837 0x10a4 [ 7A2CE8C1BF4DAA1F2766E21E9CA11078, 2AF02D206F60F95185894D829D7CC322C4986847153269DE186E11EE2353FBBC ] btwampfl C:\Windows\system32\drivers\btwampfl.sys 09:58:28.0868 0x10a4 btwampfl - ok 09:58:28.0900 0x10a4 [ A75BF6802A967F5AACECC3C67FEBDF55, 7FD561C3817ABE48121926361ED12943A1EF5C0006689DCE3813697868D763B4 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys 09:58:28.0946 0x10a4 btwaudio - ok 09:58:28.0962 0x10a4 [ D895DC213EDBDA5FCC53AAD1F1E0E63B, FF3B483752E45911C267367B102EA0901BE13840FDBA083D0B7FF3379C37B898 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys 09:58:28.0993 0x10a4 btwavdt - ok 09:58:29.0118 0x10a4 [ 692F8648D7686D91E34A65AC698019D8, CC7544513AA089BDB0FCE74156C88CBB4182C96F97785A64ED5D3061B039516E ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe 09:58:29.0196 0x10a4 btwdins - ok 09:58:29.0227 0x10a4 [ 07096D2BC22CCB6CEA5A532DF0BE8A75, A9B7F2EFFDF1E4EC0A5DC098F0ED2BE44E271844A4F1CBAD2FA1655DE1E03F6E 
94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 09:58:51.0520 0x10a4 pci - ok 09:58:51.0551 0x10a4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 09:58:51.0566 0x10a4 pciide - ok 09:58:51.0598 0x10a4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 09:58:51.0629 0x10a4 pcmcia - ok 09:58:51.0660 0x10a4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 09:58:51.0676 0x10a4 pcw - ok 09:58:51.0707 0x10a4 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 09:58:51.0800 0x10a4 PEAUTH - ok 09:58:51.0878 0x10a4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 09:58:51.0956 0x10a4 PerfHost - ok 09:58:52.0066 0x10a4 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 09:58:52.0190 0x10a4 pla - ok 09:58:52.0268 0x10a4 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 09:58:52.0331 0x10a4 PlugPlay - ok 09:58:52.0331 0x10a4 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 09:58:52.0362 0x10a4 PNRPAutoReg - ok 09:58:52.0393 0x10a4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 09:58:52.0424 0x10a4 PNRPsvc - ok 09:58:52.0471 0x10a4 [ 
4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 09:58:52.0534 0x10a4 PolicyAgent - ok 09:58:52.0565 0x10a4 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 09:58:52.0627 0x10a4 Power - ok 09:58:52.0674 0x10a4 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 09:58:52.0736 0x10a4 PptpMiniport - ok 09:58:52.0752 0x10a4 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys 09:58:52.0783 0x10a4 Processor - ok 09:58:52.0814 0x10a4 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll 09:58:52.0861 0x10a4 ProfSvc - ok 09:58:52.0877 0x10a4 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] ProtectedStorage C:\Windows\system32\lsass.exe 09:58:52.0892 0x10a4 ProtectedStorage - ok 09:58:52.0939 0x10a4 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 09:58:53.0017 0x10a4 Psched - ok 09:58:53.0142 0x10a4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 09:58:53.0251 0x10a4 ql2300 - ok 09:58:53.0282 0x10a4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 09:58:53.0298 0x10a4 ql40xx - ok 09:58:53.0345 0x10a4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 09:58:53.0423 
0x10a4 QWAVE - ok 09:58:53.0438 0x10a4 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 09:58:53.0485 0x10a4 QWAVEdrv - ok 09:58:53.0516 0x10a4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 09:58:53.0563 0x10a4 RasAcd - ok 09:58:53.0579 0x10a4 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 09:58:53.0626 0x10a4 RasAgileVpn - ok 09:58:53.0641 0x10a4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 09:58:53.0719 0x10a4 RasAuto - ok 09:58:53.0735 0x10a4 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 09:58:53.0797 0x10a4 Rasl2tp - ok 09:58:53.0844 0x10a4 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 09:58:53.0938 0x10a4 RasMan - ok 09:58:53.0953 0x10a4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 09:58:54.0016 0x10a4 RasPppoe - ok 09:58:54.0047 0x10a4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 09:58:54.0109 0x10a4 RasSstp - ok 09:58:54.0140 0x10a4 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 09:58:54.0218 0x10a4 rdbss - ok 09:58:54.0234 0x10a4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus 
C:\Windows\system32\drivers\rdpbus.sys 09:58:54.0281 0x10a4 rdpbus - ok 09:58:54.0312 0x10a4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 09:58:54.0359 0x10a4 RDPCDD - ok 09:58:54.0374 0x10a4 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 09:58:54.0421 0x10a4 RDPENCDD - ok 09:58:54.0437 0x10a4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 09:58:54.0484 0x10a4 RDPREFMP - ok 09:58:54.0515 0x10a4 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 09:58:54.0562 0x10a4 RDPWD - ok 09:58:54.0624 0x10a4 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 09:58:54.0686 0x10a4 rdyboost - ok 09:58:54.0842 0x10a4 [ AA9FD849C028CCB441A78061B57DB734, 5D6E8A0BEF94C2AA4B634A754BF29F93B9A5D2B02E9376CFB8BF4152EA480193 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe 09:58:54.0905 0x10a4 RegSrvc - ok 09:58:54.0936 0x10a4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 09:58:55.0030 0x10a4 RemoteAccess - ok 09:58:55.0061 0x10a4 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 09:58:55.0154 0x10a4 RemoteRegistry - ok 09:58:55.0201 0x10a4 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 09:58:55.0264 0x10a4 RFCOMM - ok 09:58:55.0279 0x10a4 [ 
E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 09:58:55.0342 0x10a4 RpcEptMapper - ok 09:58:55.0373 0x10a4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 09:58:55.0435 0x10a4 RpcLocator - ok 09:58:55.0498 0x10a4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 09:58:55.0576 0x10a4 RpcSs - ok 09:58:55.0622 0x10a4 [ EBBFA2B4E317AF86E93FEC4C04D7A9B3, 29480CCA0ACAB2D53D664042A0D7713247EDEBBBD4734783348669EFDE579CA9 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys 09:58:55.0654 0x10a4 RSPCIESTOR - ok 09:58:55.0669 0x10a4 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 09:58:55.0732 0x10a4 rspndr - ok 09:58:55.0794 0x10a4 [ EA5532868BA76923D75BCB2A1448D810, C1489714C9BC95BB76134E6B8F28C5A3D044E9B2857F01BFEEEE7C8A25C74E7D ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys 09:58:55.0856 0x10a4 RTL8167 - ok 09:58:55.0903 0x10a4 [ 68F717BC57B0FE12011EB9517C97F78D, C1492E889C5C3DEA1CB89F591A840D383ADA23AE46B496A1C01A23538113245E ] s1029bus C:\Windows\system32\DRIVERS\s1029bus.sys 09:58:55.0934 0x10a4 s1029bus - ok 09:58:55.0981 0x10a4 [ FCFAFA529F4FA27B02FCE1E52A84922E, 5707F5C97BD4B30E6E6790ADF9360EE479A1322C50E73BD435557465C6B3E8A0 ] s1029mdfl C:\Windows\system32\DRIVERS\s1029mdfl.sys 09:58:56.0044 0x10a4 s1029mdfl - ok 09:58:56.0075 0x10a4 [ 35BD0866EB422AB2D7C8F0DDCC67BF7C, A8C2CBDC8078F98277C891D9ECF52A1C7B4DE4CF06C854FF4D65ED1579DB2EB8 ] s1029mdm C:\Windows\system32\DRIVERS\s1029mdm.sys 09:58:56.0122 0x10a4 s1029mdm - ok 09:58:56.0153 0x10a4 [ E0FD4F4F42B76E910CC4295C97AA30BA, 3561478D9BD5E4BC66E150A82127964BF7E6C4A0862685CEBEC6AA097C878689 ] s1029mgmt 
C:\Windows\system32\DRIVERS\s1029mgmt.sys 09:58:56.0184 0x10a4 s1029mgmt - ok 09:58:56.0231 0x10a4 [ 90276F1D842EB96F82510E73FDB792AD, A8566402688208071F49410F7D973AA29BCAC43C21BFCB42E52B5B6C1240E2AC ] s1029nd5 C:\Windows\system32\DRIVERS\s1029nd5.sys 09:58:56.0293 0x10a4 s1029nd5 - ok 09:58:56.0324 0x10a4 [ 128ED45223FAB846E8436A2F2BAEBB55, CE5A2F05B6D5598100113AD688A8E0A7D041424F68106B3BFFD31C27E5D6811A ] s1029obex C:\Windows\system32\DRIVERS\s1029obex.sys 09:58:56.0371 0x10a4 s1029obex - ok 09:58:56.0434 0x10a4 [ 400FC5591586A1DFECF7A0CFAA6B0D68, E9E99BD39CFAFCB8103E4CCA62A35BBE81B5982FD5575F64F5F189C57EB6A65B ] s1029unic C:\Windows\system32\DRIVERS\s1029unic.sys 09:58:56.0496 0x10a4 s1029unic - ok 09:58:56.0512 0x10a4 [ E0105F3B5B1C4B0F5B3D788A13504EC6, 16C094BC098E4606239C8A54F2E4B92BABB68215CCB43C161661B1A664A0C7A0 ] SamSs C:\Windows\system32\lsass.exe 09:58:56.0543 0x10a4 SamSs - ok 09:58:56.0574 0x10a4 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 09:58:56.0605 0x10a4 sbp2port - ok 09:58:56.0636 0x10a4 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 09:58:56.0730 0x10a4 SCardSvr - ok 09:58:56.0746 0x10a4 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 09:58:56.0808 0x10a4 scfilter - ok 09:58:56.0855 0x10a4 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 09:58:56.0948 0x10a4 Schedule - ok 09:58:56.0980 0x10a4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 09:58:57.0026 0x10a4 SCPolicySvc - ok 09:58:57.0042 0x10a4 [ 6EA4234DC55346E0709560FE7C2C1972, 
64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 09:58:57.0104 0x10a4 SDRSVC - ok 09:58:57.0260 0x10a4 [ D777F1417D9BB9F66CD9D9C3B61F730F, 0CBD830EB9D2B0F1946131F20907793B2D68A3BCEEC3EA5416972149F73DC815 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe 09:58:57.0385 0x10a4 SDScannerService - ok 09:58:57.0510 0x10a4 [ 68D6C7F99BC73B88954D844FCCBEB2A0, F746861B103C8BE8EA234B9FCFBBDD2412C79FB65F2F1E0F5E6EBC0B34905FF1 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe 09:58:57.0619 0x10a4 SDUpdateService - ok 09:58:57.0697 0x10a4 [ 9B9B368A8FF5CAF91D7A333CF62CD2CC, A4AE7FFBBAF983BFDE15B521ED162CBC4E6FC85BCDB200C75D45878B3FFDFA68 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe 09:58:57.0760 0x10a4 SDWSCService - ok 09:58:57.0791 0x10a4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 09:58:57.0853 0x10a4 secdrv - ok 09:58:57.0884 0x10a4 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 09:58:57.0947 0x10a4 seclogon - ok 09:58:57.0978 0x10a4 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 09:58:58.0040 0x10a4 SENS - ok 09:58:58.0072 0x10a4 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll 09:58:58.0103 0x10a4 SensrSvc - ok 09:58:58.0118 0x10a4 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys 09:58:58.0150 0x10a4 Serenum - ok 09:58:58.0181 0x10a4 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] 
Serial C:\Windows\system32\drivers\serial.sys 09:58:58.0228 0x10a4 Serial - ok 09:58:58.0243 0x10a4 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys 09:58:58.0337 0x10a4 sermouse - ok 09:58:58.0368 0x10a4 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll 09:58:58.0446 0x10a4 SessionEnv - ok 09:58:58.0493 0x10a4 [ 70F9C476B62DE4F2823E918A6C181ADE, E1A641418A6CB4FA38BB29B86934838B28D8909B8066E5089D85BF72FD61F4C4 ] SFEP C:\Windows\system32\DRIVERS\SFEP.sys 09:58:58.0555 0x10a4 SFEP - ok 09:58:58.0571 0x10a4 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 09:58:58.0586 0x10a4 sffdisk - ok 09:58:58.0618 0x10a4 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 09:58:58.0664 0x10a4 sffp_mmc - ok 09:58:58.0664 0x10a4 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 09:58:58.0696 0x10a4 sffp_sd - ok 09:58:58.0696 0x10a4 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 09:58:58.0711 0x10a4 sfloppy - ok 09:58:58.0774 0x10a4 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll 09:58:58.0852 0x10a4 SharedAccess - ok 09:58:58.0883 0x10a4 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 09:58:58.0961 0x10a4 ShellHWDetection - ok 09:58:58.0992 0x10a4 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 
89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 09:58:59.0008 0x10a4 SiSRaid2 - ok 09:58:59.0023 0x10a4 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 09:58:59.0054 0x10a4 SiSRaid4 - ok 09:58:59.0117 0x10a4 [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 09:58:59.0179 0x10a4 SkypeUpdate - ok 09:58:59.0226 0x10a4 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys 09:58:59.0320 0x10a4 Smb - ok 09:58:59.0351 0x10a4 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 09:58:59.0382 0x10a4 SNMPTRAP - ok 09:58:59.0413 0x10a4 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys 09:58:59.0444 0x10a4 spldr - ok 09:58:59.0522 0x10a4 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe 09:58:59.0585 0x10a4 Spooler - ok 09:58:59.0741 0x10a4 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe 09:58:59.0928 0x10a4 sppsvc - ok 09:58:59.0959 0x10a4 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll 09:59:00.0037 0x10a4 sppuinotify - ok 09:59:00.0084 0x10a4 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys 09:59:00.0146 0x10a4 srv - ok 09:59:00.0193 0x10a4 [ 
B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 09:59:00.0256 0x10a4 srv2 - ok 09:59:00.0271 0x10a4 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 09:59:00.0318 0x10a4 srvnet - ok 09:59:00.0349 0x10a4 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 09:59:00.0412 0x10a4 SSDPSRV - ok 09:59:00.0443 0x10a4 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll 09:59:00.0490 0x10a4 SstpSvc - ok 09:59:00.0521 0x10a4 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys 09:59:00.0552 0x10a4 stexstor - ok 09:59:00.0646 0x10a4 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll 09:59:00.0724 0x10a4 stisvc - ok 09:59:00.0755 0x10a4 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 09:59:00.0770 0x10a4 swenum - ok 09:59:00.0802 0x10a4 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll 09:59:00.0895 0x10a4 swprv - ok 09:59:00.0973 0x10a4 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll 09:59:01.0114 0x10a4 SysMain - ok 09:59:01.0129 0x10a4 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll 09:59:01.0176 0x10a4 TabletInputService - ok 
09:59:01.0238 0x10a4 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll 09:59:01.0348 0x10a4 TapiSrv - ok 09:59:01.0348 0x10a4 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll 09:59:01.0441 0x10a4 TBS - ok 09:59:01.0566 0x10a4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 09:59:01.0675 0x10a4 Tcpip - ok 09:59:01.0738 0x10a4 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 09:59:01.0831 0x10a4 TCPIP6 - ok 09:59:01.0862 0x10a4 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 09:59:01.0909 0x10a4 tcpipreg - ok 09:59:01.0956 0x10a4 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 09:59:01.0987 0x10a4 TDPIPE - ok 09:59:02.0034 0x10a4 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 09:59:02.0081 0x10a4 TDTCP - ok 09:59:02.0112 0x10a4 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys 09:59:02.0143 0x10a4 tdx - ok 09:59:02.0174 0x10a4 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 09:59:02.0206 0x10a4 TermDD - ok 09:59:02.0252 0x10a4 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll 09:59:02.0315 0x10a4 TermService 
- ok 09:59:02.0346 0x10a4 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll 09:59:02.0393 0x10a4 Themes - ok 09:59:02.0424 0x10a4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll 09:59:02.0486 0x10a4 THREADORDER - ok 09:59:02.0502 0x10a4 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll 09:59:02.0596 0x10a4 TrkWks - ok 09:59:02.0658 0x10a4 [ FD44FA80DA03EA144153A76DEBBB61B4, 0C46717F489A415A583470DAE8CF58E47BC307B9CB0F9DB6C4EDF33B7525475C ] TrueSight C:\Windows\System32\drivers\TrueSight.sys 09:59:02.0736 0x10a4 TrueSight - ok 09:59:02.0783 0x10a4 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 09:59:02.0861 0x10a4 TrustedInstaller - ok 09:59:02.0908 0x10a4 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 09:59:02.0954 0x10a4 tssecsrv - ok 09:59:02.0986 0x10a4 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 09:59:03.0064 0x10a4 TsUsbFlt - ok 09:59:03.0064 0x10a4 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 09:59:03.0126 0x10a4 TsUsbGD - ok 09:59:03.0173 0x10a4 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 09:59:03.0235 0x10a4 tunnel - ok 09:59:03.0251 0x10a4 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] 
uagp35 C:\Windows\system32\drivers\uagp35.sys 09:59:03.0282 0x10a4 uagp35 - ok 09:59:03.0313 0x10a4 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 09:59:03.0376 0x10a4 udfs - ok 09:59:03.0407 0x10a4 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe 09:59:03.0454 0x10a4 UI0Detect - ok 09:59:03.0485 0x10a4 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 09:59:03.0516 0x10a4 uliagpkx - ok 09:59:03.0547 0x10a4 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys 09:59:03.0578 0x10a4 umbus - ok 09:59:03.0594 0x10a4 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys 09:59:03.0641 0x10a4 UmPass - ok 09:59:03.0828 0x10a4 [ 374EBDA379A8F38E0CFC2211611E7167, 0D6C3002B28E27C052227488CEE69FA99399421FF777EB48031E6080A759F532 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 09:59:03.0937 0x10a4 UNS - ok 09:59:03.0968 0x10a4 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll 09:59:04.0046 0x10a4 upnphost - ok 09:59:04.0093 0x10a4 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys 09:59:04.0140 0x10a4 usbaudio - ok 09:59:04.0187 0x10a4 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 09:59:04.0202 0x10a4 usbccgp - ok 09:59:04.0249 0x10a4 [ 
80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys 09:59:04.0265 0x10a4 usbcir - ok 09:59:04.0296 0x10a4 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 09:59:04.0343 0x10a4 usbehci - ok 09:59:04.0374 0x10a4 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 09:59:04.0452 0x10a4 usbhub - ok 09:59:04.0483 0x10a4 [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci C:\Windows\system32\drivers\usbohci.sys 09:59:04.0514 0x10a4 usbohci - ok 09:59:04.0546 0x10a4 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 09:59:04.0592 0x10a4 usbprint - ok 09:59:04.0624 0x10a4 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 09:59:04.0670 0x10a4 usbscan - ok 09:59:04.0733 0x10a4 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 09:59:04.0795 0x10a4 USBSTOR - ok 09:59:04.0811 0x10a4 [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 09:59:04.0858 0x10a4 usbuhci - ok 09:59:04.0889 0x10a4 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 09:59:04.0936 0x10a4 usbvideo - ok 09:59:04.0951 0x10a4 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll 
In queue: 119
09:59:17.0229 0x10a4 Waiting for KSN requests completion. In queue: 119
09:59:18.0336 0x10a4 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.0.2208.712 ), 0x41000 ( enabled : updated )
09:59:18.0336 0x10a4 FW detected via SS2: ZoneAlarm Free Firewall Firewall, C:\Program Files (x86)\CheckPoint\ZoneAlarm\\MultiFix.exe ( 13.3.52.0 ), 0x41010 ( enabled )
09:59:18.0711 0x10a4 ============================================================
09:59:18.0711 0x10a4 Scan finished
09:59:18.0711 0x10a4 ============================================================
09:59:18.0726 0x1ab8 Detected object count: 0
09:59:18.0726 0x1ab8 Actual detected object count: 0 |
07.03.2015, 18:36 | #8 |
/// the machine /// TB Trainer | CPU under heavy load! Fan loud! Install Process Explorer as a replacement for the Windows Task Manager
Download Process Explorer as a replacement for the Task Manager and install it; you will find instructions here. It is a considerably more capable replacement for the Windows Task Manager. In the menu under "Options" you can set up Process Explorer permanently as the replacement for the Task Manager (Replace Task Manager). This is highly recommended, because Process Explorer has considerably more functions than the Task Manager. Once you have made this setting, the key combination CTRL + ALT + DEL no longer opens the Task Manager but Process Explorer. This can be undone at any time by unchecking the setting.
What we need specifically now: Each row shows one process; a few of the rows are not real processes but only pseudo-processes for the activity of the Windows kernel. The menu View => Select Columns opens a dialog in which you can choose which columns of information about the processes are displayed. In it, go to the "Process Performance" tab and make sure that "CPU Usage" is checked there; "CPU History" would also be useful. "CPU Usage" shows the current CPU load for each process (the column header just says "CPU"); "CPU History" shows a graph for each process with a curve of its CPU load over the recent past. This should allow you to identify which process is keeping your CPU busy. Double-click the process. You can also take a screenshot of the whole thing and upload it as an attachment with your reply (click "Advanced" below the text field, browse your computer via "Manage attachments", and attach it via "Upload").
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
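The per-process measurement that post #8 reads from Process Explorer's "CPU Usage" column can also be taken from the command line. The following PowerShell script is an added example, not part of the thread; the five-second window and the top-ten cut-off are assumed values.

```powershell
# Added example, not from the thread. Runs in Windows PowerShell 2.0 and later
# (2.0 is the version that ships with Windows 7).
$IntervalSeconds = 5                      # sampling window (assumed value)
$Top   = 10                               # number of rows to print (assumed value)
$Cores = [Environment]::ProcessorCount    # logical processors

function Get-CpuSample {
    # Returns a table PID -> @{ Name; Cpu }, where Cpu is the CPU time
    # (user + kernel) the process has accumulated so far, in seconds.
    $sample = @{}
    foreach ($p in Get-Process) {
        # PID 0 ("Idle") is a pseudo-process that accounts for unused CPU time,
        # so it is left out of the ranking.
        if ($p.Id -eq 0) { continue }
        $cpu = $p.CPU   # $null when the process cannot be queried without elevation
        if ($null -ne $cpu) {
            $sample[$p.Id] = @{ Name = $p.ProcessName; Cpu = [double]$cpu }
        }
    }
    return $sample
}

# Take two samples and measure the real time between them.
$clock   = [System.Diagnostics.Stopwatch]::StartNew()
$before  = Get-CpuSample
Start-Sleep -Seconds $IntervalSeconds
$after   = Get-CpuSample
$elapsed = $clock.Elapsed.TotalSeconds

$rows = foreach ($id in $after.Keys) {
    # Skip processes that started during the window or whose PID was reused.
    if (-not $before.ContainsKey($id)) { continue }
    if ($before[$id].Name -ne $after[$id].Name) { continue }

    $delta = $after[$id].Cpu - $before[$id].Cpu
    if ($delta -le 0) { continue }

    New-Object PSObject -Property @{
        Id         = $id
        Name       = $after[$id].Name
        # CPU seconds used, divided by the CPU seconds available on all cores.
        CpuPercent = [math]::Round(100 * $delta / ($elapsed * $Cores), 1)
    }
}

$rows | Sort-Object CpuPercent -Descending |
    Select-Object -First $Top -Property Id, Name, CpuPercent |
    Format-Table -AutoSize
```

The percentages are relative to all logical processors together, the same scale as Process Explorer's "CPU" column; processes that cannot be queried without elevation do not appear in the list.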
13.03.2015, 13:06 | #9 |
| CPU under heavy load! Fan loud! Hello Schrauber, thanks for the program. It is really good. After installing it I followed the instructions you gave. The fan gets loud when Firefox is running and I am browsing. It gets worse with the Shockwave Player. Then the CPU is loaded up to 60%, of which Firefox takes about 30%. In addition there is a System Idle Process running that takes up to over 90% of the CPU capacity (see picture). When I then also open Thunderbird, it gets really loud. Other, heavier loads are Word together with Excel. However, some of my files are quite large, with many calculations, hyperlinks, etc. Can you do anything with that? Regards, Bennie |
13.03.2015, 15:34 | #10 |
| CPU under heavy load! Fan loud! Now I have something more to add. Under heavy load from YouTube, the System Idle Process goes down while the CPU load rises (up to over 60%; see picture). Besides Firefox, a SearchFilterHost.exe is also shown as a main consumer of the CPU. Meanwhile the fan runs for a very long time and loudly. Regards, Bennie |
13.03.2015, 18:02 | #11 |
/// the machine /// TB Trainer | CPU under heavy load! Fan loud! Revo Uninstaller - Download - Filepony: use it to uninstall Firefox, keep no data, have the leftovers removed, then reinstall. Then: https://support.mozilla.org/de/kb/fi...einfach-loesen And switch off Windows Search indexing.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
08.05.2015, 11:33 | #12 |
| CPU under heavy load! Fan loud! Hello Schrauber, it has been a while since I last got in touch. But I want to thank you again for the help. After reinstalling Firefox my computer ran much more quietly, since it was under less load. Best regards, Bennie |
09.05.2015, 08:22 | #13 |
/// the machine /// TB Trainer | CPU under heavy load! Fan loud! Then let's clean up.
Cleanup: (The order is decisive here) If Defogger was used: start it again and click Re-enable. If Combofix was used: uninstall Combofix.
All logs posted? Then please download DelFix.
Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself. Finish by restarting your computer. If any programs from our cleanup are still left now, you can delete them without concern. If you like, you can say here whether you were satisfied with me and my help ... and/or support the forum with a small donation.
Securing your system: Enable automatic updates in the Windows operating system. Security-relevant software should also always be present only in its latest version: browser, Java, Flash Player, PDF reader. Vulnerabilities in their old versions are exploited to install malware via "drive-by" on a simple visit to a manipulated website. I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents. Enable a firewall. The one built into Windows is normally entirely sufficient. Use an antivirus program with a real-time scanner and an always up-to-date signature database. My recommendation: Emsisoft. In addition you can scan your PC regularly with Malwarebytes Anti-Malware and ESET.
Optional: NoScript prevents active content (Java, JavaScript, Flash, ...) from running on all websites. You can, however, define on the whitelist principle on which sites scripts should be allowed. Malwarebytes Anti Exploit: protects the computer's applications against the exploitation of known vulnerabilities. Download software from a clean portal such as . When installing software, always choose the custom option and uncheck all optionally offered toolbars or other add-ons that are irrelevant to the program. To get rid of adware again, uninstalling it first and then removing the leftovers with Adwcleaner is recommended.
Finally, a few general remarks: Change your important online passwords regularly, and regularly create backups of your important files or of the system. The benefit of registry cleaners, optimizers, etc. for improving performance is disputed. I therefore recommend keeping your hands off the registry and using Windows' own Disk Cleanup instead.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |