Pests of all kinds and how to combat them: Windows 8: Browser very slow, problems with the WLAN | Windows 7
If you are not sure whether you have picked up malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection.
04.07.2015, 16:09 | #1 |
Windows 8: Browser very slow, problems with the WLAN

Hello, I am having problems with my browser / the internet in general. My browser, Opera, is incredibly slow. It is the latest version, but it takes forever to start, and when I open two tabs one after the other it always crashes. That is why I uninstalled it, deleted everything belonging to it and reinstalled it, but nothing changed; on the very first start it hung again. If you wait long enough it eventually runs again, but that is not normal. Some websites are not loaded at all; it then simply says I have no internet connection, or supposedly the server is not responding, and after a few minutes it suddenly works again. However, I have the same problem on my phone as well - on the mobile network the page then works, just not on the WLAN? In any case, I wanted to ask you to take a look at this. I am now using Google Chrome, and so far it works flawlessly.

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 16:10 on 04/07/2015 (Désirée)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-07-2015 Ran by Désirée (administrator) on FELICA on 04-07-2015 16:12:38 Running from C:\Users\Désirée\Desktop Loaded Profiles: Désirée (Available Profiles: Désirée) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Opera) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AvkBap64.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) 
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Cisco Systems, Inc.) 
C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1855608 2015-02-20] (G DATA Software AG) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707496 2014-08-15] (Cisco Systems, Inc.) 
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe, Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2274478751-3046789010-2582509646-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation) ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKU\S-1-5-21-2274478751-3046789010-2582509646-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.spiegel.de/ SearchScopes: HKLM -> DefaultScope value is missing SearchScopes: HKLM-x32 -> DefaultScope value is missing SearchScopes: HKU\S-1-5-21-2274478751-3046789010-2582509646-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2274478751-3046789010-2582509646-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: ASUS Browser Extension x64 -> {78234974-0C4B-4111-BDEB-D9A104418772} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll [2012-09-11] (ASUSTeK Computer Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation) BHO-x32: ASUS Browser Extension x86 -> {78234974-0C4B-4111-BDEB-D9A104418771} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll [2012-09-11] (ASUSTeK Computer Inc.) 
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 Tcpip\..\Interfaces\{958C2582-A601-48F7-9908-451F70DAD795}: [DhcpNameServer] 192.168.2.1 192.168.2.1 Tcpip\..\Interfaces\{A86DCECD-29F2-43A3-B36D-6263AA7A35BE}: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\u8hbjxkh.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-06-30] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-30] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files 
(x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-22] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-22] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) 
FF Extension: Anti-Phishing - C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\u8hbjxkh.default\Extensions\{bae4e2d9-a9ac-4f2c-a844-ff576912bcef} [2015-06-17] FF Extension: ProxTube - C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\u8hbjxkh.default\Extensions\ich@maltegoetz.de.xpi [2015-06-15] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK Chrome: ======= CHR Profile: C:\Users\Désirée\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Désirée\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-24] CHR Extension: (Google Wallet) - C:\Users\Désirée\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-04] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
R3 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS) R3 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2528888 2015-04-16] (G Data Software AG) R3 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [965240 2015-02-20] (G Data Software AG) R3 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe [3672560 2015-04-07] (G Data Software AG) S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation) R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3193080 2015-02-20] (G Data Software AG) R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [789112 2015-03-04] (G Data Software AG) R3 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation) R3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [56704 2012-09-11] (ASUS Corporation) R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [150016 2015-06-01] (G Data Software AG) S0 GDElam; C:\Windows\System32\DRIVERS\GDElam.sys [117904 2015-01-08] (G Data Software AG) R3 GDKBB; C:\WINDOWS\system32\drivers\GDKBB64.sys [27648 2015-06-01] (G Data Software AG) R1 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [20992 2015-06-01] (G Data Software AG) R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [230400 2015-06-01] (G Data Software AG) R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [91648 2015-06-01] (G Data Software AG) R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [68608 2015-06-01] (G Data Software AG) R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2014-12-03] (G Data Software) R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [124928 2015-06-01] (G Data Software AG) R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( ) R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [13696 2012-09-17] (ASUSTek Computer Inc.) S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52592 2014-08-15] (Cisco Systems, Inc.) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation) S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-07-04 16:12 - 2015-07-04 16:13 - 00015269 _____ C:\Users\Désirée\Desktop\FRST.txt 2015-07-04 16:12 - 2015-07-04 16:13 - 00000000 ____D C:\FRST 2015-07-04 16:10 - 2015-07-04 16:10 - 00380416 _____ C:\Users\Désirée\Desktop\4ggbnxp9.exe 2015-07-04 16:10 - 2015-07-04 16:10 - 00000476 _____ C:\Users\Désirée\Desktop\defogger_disable.log 2015-07-04 16:10 - 2015-07-04 16:10 - 00000000 _____ C:\Users\Désirée\defogger_reenable 2015-07-04 16:09 - 2015-07-04 16:09 - 02112512 _____ (Farbar) C:\Users\Désirée\Desktop\FRST64.exe 2015-07-04 16:09 - 2015-07-04 16:09 - 00050477 _____ C:\Users\Désirée\Desktop\Defogger.exe 2015-07-04 15:52 - 2015-07-04 15:52 - 00003842 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1436017931 2015-07-04 15:52 - 2015-07-04 15:52 - 00001153 _____ C:\Users\Public\Desktop\Opera.lnk 2015-07-04 15:52 - 2015-07-04 15:52 - 00001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-07-04 15:52 - 2015-07-04 15:52 - 00000000 ____D C:\Users\Désirée\AppData\Roaming\Opera Software 2015-07-04 15:52 - 2015-07-04 15:52 - 00000000 ____D C:\Users\Désirée\AppData\Local\Opera Software 2015-07-04 15:51 - 2015-07-04 15:52 - 00000000 ____D C:\Program Files (x86)\Opera 2015-07-04 15:29 - 2015-07-04 15:29 - 00687064 _____ (Opera Software) C:\Users\Désirée\Desktop\Opera_NI_stable.exe 2015-07-04 15:06 - 2015-07-04 15:06 - 00061576 _____ C:\Users\Désirée\Desktop\Bookmarks.html 2015-06-30 19:29 - 2015-06-30 19:29 - 00016931 _____ C:\Users\Désirée\AppData\Local\recently-used.xbel 2015-06-25 22:04 - 2015-06-25 22:04 - 00207286 _____ C:\Users\Désirée\Documents\gesuchkayben2.xcf 2015-06-25 22:03 - 2015-06-25 22:03 - 01049142 _____ C:\Users\Désirée\Documents\gesuchkayben.xcf 2015-06-20 12:36 - 2015-06-20 12:36 - 00000259 _____ C:\Users\Désirée\.gtk-bookmarks 2015-06-16 12:05 - 2015-06-16 12:05 - 06477032 _____ (Tim Kosse) C:\Users\Désirée\Downloads\FileZilla_3.11.0.2_win64-setup.exe 2015-06-15 11:35 - 2015-05-27 16:35 - 24917504 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\mshtml.dll 2015-06-15 11:35 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-06-15 11:35 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll 2015-06-15 11:35 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2015-06-15 11:35 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2015-06-15 11:35 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2015-06-15 11:35 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2015-06-15 11:35 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2015-06-15 11:35 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2015-06-15 11:35 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2015-06-15 11:35 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2015-06-15 11:35 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll 2015-06-15 11:35 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll 2015-06-15 11:35 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2015-06-15 11:35 - 2015-04-16 08:17 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2015-06-15 11:35 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll 2015-06-15 11:35 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll 2015-06-15 11:35 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2015-06-15 11:35 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2015-06-15 11:35 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll 2015-06-15 11:35 - 2015-04-09 00:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml 2015-06-15 11:35 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2015-06-15 11:35 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2015-06-15 11:35 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2015-06-15 11:35 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll 2015-06-15 11:35 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll 2015-06-15 11:35 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll 2015-06-15 11:35 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2015-06-15 11:35 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2015-06-15 11:35 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2015-06-15 11:35 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll 2015-06-15 11:35 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2015-06-15 11:35 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2015-06-15 11:35 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll 2015-06-15 11:35 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2015-06-15 11:35 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2015-06-15 11:35 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\compstui.dll 2015-06-15 11:35 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2015-06-15 11:35 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2015-06-15 11:35 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2015-06-15 11:35 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll 2015-06-15 11:35 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll 2015-06-15 11:34 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-06-15 11:34 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2015-06-15 11:34 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-06-15 11:34 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-06-15 11:34 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2015-06-15 11:34 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2015-06-15 11:34 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-06-15 11:34 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2015-06-15 11:34 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2015-06-15 11:34 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-06-15 11:34 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-06-15 11:34 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-06-15 11:34 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-06-15 11:34 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-06-15 11:34 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2015-06-15 11:34 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-06-15 11:34 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-06-15 11:34 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-06-15 11:34 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-06-15 11:34 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-06-15 11:34 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2015-06-15 11:34 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-06-15 11:34 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2015-06-15 11:34 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-06-15 11:34 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2015-06-15 11:34 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2015-06-15 11:34 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2015-06-15 11:34 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2015-06-15 11:34 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-06-15 11:34 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-06-15 11:34 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\iedkcs32.dll 2015-06-15 11:34 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-06-15 11:34 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-06-15 11:34 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-06-15 11:34 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-06-15 11:34 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2015-06-15 11:34 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-06-15 11:34 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-06-15 11:34 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-07-04 16:10 - 2014-02-06 17:10 - 00000000 ____D C:\Users\Désirée 2015-07-04 16:02 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru 2015-07-04 16:01 - 2014-02-06 17:28 - 01546241 _____ C:\WINDOWS\WindowsUpdate.log 2015-07-04 15:55 - 2013-01-06 05:31 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2274478751-3046789010-2582509646-1001 2015-07-04 15:51 - 2013-08-19 21:11 - 00003870 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-07-04 15:51 - 2013-08-19 21:11 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-07-04 15:51 - 2012-11-30 10:32 - 00003052 _____ C:\WINDOWS\System32\Tasks\ASUS P4G 2015-07-04 15:51 - 2012-11-30 10:30 - 00003024 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus 2015-07-04 15:50 - 2014-12-24 19:19 - 00003888 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2015-07-04 15:50 - 2013-01-06 05:21 - 00000401 _____ C:\Users\Désirée\AppData\Roaming\sp_data.sys 2015-07-04 15:50 - 2012-11-30 10:29 - 00003114 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update 2015-07-04 15:48 - 2014-12-01 00:00 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-07-04 15:31 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-07-04 15:30 - 2013-08-22 16:46 - 00301292 _____ C:\WINDOWS\setupact.log 2015-07-04 15:30 - 2013-08-22 15:25 - 00786432 ___SH C:\WINDOWS\system32\config\BBI 2015-07-04 15:25 - 2013-08-19 21:11 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-07-04 15:22 - 2014-11-27 17:39 - 00000000 __SHD C:\Users\Désirée\AppData\Local\EmieUserList 2015-07-04 15:22 - 2014-11-27 17:39 - 00000000 __SHD C:\Users\Désirée\AppData\Local\EmieSiteList 2015-07-04 15:22 - 2014-11-27 17:39 - 00000000 __SHD C:\Users\Désirée\AppData\Local\EmieBrowserModeList 2015-07-04 13:28 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-07-04 12:35 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM 2015-07-01 21:28 
- 2013-09-05 10:22 - 00000000 ____D C:\Users\Désirée\AppData\Roaming\FileZilla 2015-06-30 19:29 - 2013-07-12 13:30 - 00000000 ____D C:\Users\Désirée\.gimp-2.8 2015-06-30 08:42 - 2014-12-01 00:00 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2015-06-30 08:42 - 2013-01-07 00:09 - 00000000 ____D C:\Users\Désirée\AppData\Local\Adobe 2015-06-27 20:16 - 2013-05-28 21:47 - 00000000 ____D C:\Users\Désirée\AppData\Roaming\Skype 2015-06-26 13:19 - 2013-07-12 13:41 - 00000000 ____D C:\Users\Désirée\AppData\Local\gtk-2.0 2015-06-25 09:42 - 2013-11-14 09:27 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-06-25 09:42 - 2013-11-14 09:11 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat 2015-06-25 09:42 - 2013-11-14 09:11 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat 2015-06-24 18:21 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-06-24 10:16 - 2013-08-19 21:11 - 00000000 ____D C:\Users\Désirée\AppData\Local\Google 2015-06-24 10:11 - 2015-04-16 17:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-06-24 10:11 - 2015-03-17 10:49 - 00000000 ___SD C:\WINDOWS\system32\CompatTel 2015-06-24 10:11 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData 2015-06-20 05:02 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-06-20 05:02 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-06-19 14:32 - 2013-05-28 21:47 - 00000000 ____D C:\ProgramData\Skype 2015-06-17 15:55 - 2015-03-24 17:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-06-15 18:35 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache 2015-06-15 15:05 - 2013-08-22 16:44 - 00535280 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-06-15 15:03 - 2013-11-14 00:18 - 00041852 _____ C:\WINDOWS\PFRO.log 2015-06-15 15:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2015-06-15 15:00 - 2013-01-07 00:17 - 00000000 ____D 
C:\ProgramData\Microsoft Help 2015-06-15 14:58 - 2013-09-11 21:56 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-06-15 14:52 - 2013-01-07 13:58 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-06-15 14:45 - 2012-07-26 07:26 - 00000199 _____ C:\WINDOWS\win.ini 2015-06-04 22:45 - 2013-01-06 23:37 - 00000000 ____D C:\ProgramData\G DATA ==================== Files in the root of some directories ======= 2013-06-04 20:16 - 2013-06-04 20:16 - 0000021 _____ () C:\Users\Désirée\AppData\Roaming\my_intel.sys 2013-01-06 05:21 - 2015-07-04 15:50 - 0000401 _____ () C:\Users\Désirée\AppData\Roaming\sp_data.sys 2013-07-27 08:43 - 2013-08-02 22:46 - 0000070 _____ () C:\Users\Désirée\AppData\Roaming\WB.CFG 2013-07-14 13:43 - 2013-08-15 11:28 - 0000005 _____ () C:\Users\Désirée\AppData\Roaming\WBPU-TTL.DAT 2015-06-30 19:29 - 2015-06-30 19:29 - 0016931 _____ () C:\Users\Désirée\AppData\Local\recently-used.xbel 2014-11-27 19:12 - 2014-11-27 19:12 - 0000017 _____ () C:\Users\Désirée\AppData\Local\resmon.resmoncfg 2012-08-17 02:52 - 2012-07-30 08:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd 2012-08-17 02:52 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe Files to move or delete: ==================== C:\ProgramData\SetStretch.exe Some files in TEMP: ==================== C:\Users\Désirée\AppData\Local\Temp\eauninstall.exe C:\Users\Désirée\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe C:\Users\Désirée\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe C:\Users\Désirée\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe C:\Users\Désirée\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe C:\Users\Désirée\AppData\Local\Temp\jre-8u31-windows-au.exe C:\Users\Désirée\AppData\Local\Temp\Quarantine.exe C:\Users\Désirée\AppData\Local\Temp\SkypeSetup.exe C:\Users\Désirée\AppData\Local\Temp\sqlite3.dll C:\Users\Désirée\AppData\Local\Temp\The Sims 2_uninst.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix 
for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-07-04 15:42 ==================== End of log ============================ Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version:04-07-2015 Ran by Désirée at 2015-07-04 16:15:01 Running from C:\Users\Désirée\Desktop Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2274478751-3046789010-2582509646-500 - Administrator - Disabled) Désirée (S-1-5-21-2274478751-3046789010-2582509646-1001 - Administrator - Enabled) => C:\Users\Désirée Gast (S-1-5-21-2274478751-3046789010-2582509646-501 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: G DATA INTERNET SECURITY (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: G DATA INTERNET SECURITY (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.194 - Adobe Systems Incorporated) Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated) Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.4.117.01527 - Alcor Micro Corp.) Alcor Micro USB Card Reader (x32 Version: 3.4.117.01527 - Alcor Micro Corp.) Hidden Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.) 
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ASUS Instant Connect (HKLM-x32\...\{89ECB85A-D933-4CEA-9116-5CBC9C2ED95B}) (Version: 1.2.8 - ASUS) ASUS InstantOn (HKLM-x32\...\{749F674B-2674-47E8-879C-5626A06B2A91}) (Version: 3.0.2 - ASUS) ASUS LifeFrame3 (HKLM-x32\...\{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}) (Version: 3.1.7 - ASUS) ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.1.8 - ASUS) ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 2.1.1 - ASUS) ASUS Product Demo Movie (HKLM-x32\...\{DC06C90B-C5BE-42F6-B74D-A9503170998C}) (Version: 1.0.3 - ASUS ) ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.32 - ASUS) ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 1.03.0004 - ASUS) ASUS Tutor (HKLM-x32\...\{58172D66-2F69-4215-9AEC-ED8196023736}) (Version: 1.0.7 - ASUS) ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.4 - ASUS) ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.9.120 - ASUS Cloud Corporation) Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.) ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0023 - ASUS) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version: - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 4.03 - Piriform) Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.05182 - Cisco Systems, Inc.) Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.05182 - Cisco Systems, Inc.) 
Hidden FileZilla Client 3.10.3 (HKLM-x32\...\FileZilla Client) (Version: 3.10.3 - Tim Kosse) G DATA INTERNET SECURITY (HKLM-x32\...\{AC68D2FF-1674-4C16-A536-A69FC11BBD82}) (Version: 25.1.0.4 - G DATA Software AG) GIMP 2.8.6 (HKLM\...\GIMP-2_is1) (Version: 2.8.6 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.130 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation) iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) 
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Mozilla Firefox 36.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.4 (x86 de)) (Version: 36.0.4 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.5 - Notepad++ Team) Opera Stable 30.0.1835.110 (HKLM-x32\...\Opera 30.0.1835.110) (Version: 30.0.1835.110 - Opera Software) Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6754 - Realtek Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee) Skype™ 7.5 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.5.102 - Skype Technologies S.A.) 
Sony Pictures Download Manager (HKU\S-1-5-21-2274478751-3046789010-2582509646-1001\...\1347980927.redeem.sonypicturesstore.com) (Version: - redeem.sonypicturesstore.com) System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC) Tipptrainer (HKLM-x32\...\{F7114331-3A26-423C-9C39-633B11BEB7B8}) (Version: 1.0.0 - soft.art GmbH) VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN) Windows Driver Package - ASUS (ATP) Mouse (08/27/2012 1.0.0.125) (HKLM\...\2BD897DEE9289F769D9176245811D5330A360B0B) (Version: 08/27/2012 1.0.0.125 - ASUS) WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.41.1 - ASUS) WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Restore Points ========================= 15-06-2015 14:41:59 Windows Update 24-06-2015 18:15:55 Windows Update 28-06-2015 08:30:28 Windows Update 01-07-2015 18:26:39 Windows Update ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {01E55ABD-470A-4D67-98CC-0B08828C679D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-06-15] (Microsoft Corporation) Task: {0A677E1D-1161-4E69-99ED-C2F529368CB2} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2012-07-25] (ASUSTeK Computer Inc.) 
Task: {0DF96126-12FE-44DB-BA82-9B6806C7B8FE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd) Task: {2C858B02-E18B-4F37-84C5-F9B36766C96E} - System32\Tasks\Opera scheduled Autoupdate 1436017931 => C:\Program Files (x86)\Opera\launcher.exe [2015-07-02] (Opera Software) Task: {98AFFFE1-8277-47A3-9C89-B2C74617FA63} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-19] (Google Inc.) Task: {A18368BD-33B5-40CB-9A25-5C49C9FCD91F} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-06-30] (Adobe Systems Incorporated) Task: {A40D6F68-42C5-46BB-9F47-32CA162BD4E8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-06-12] (Adobe Systems Incorporated) Task: {D9FA70F8-A179-4611-8767-B9995832321B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-19] (Google Inc.) Task: {DA12C581-7FE6-45C7-A973-BF50AAB073AD} - System32\Tasks\ASUS InstantOn Config => C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnCfg.exe [2012-08-06] (ASUS) Task: {DBDB9779-A45D-4626-952A-EFD1D2EE149C} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-07-24] (ASUSTek Computer Inc.) 
Task: {EF424FF7-A632-4FA9-ABC3-4753005AC4B9} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2012-09-17] (ASUS) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (Whitelisted) ============== 2015-02-20 05:42 - 2015-02-20 05:42 - 00382072 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll 2014-01-30 00:02 - 2014-01-30 00:02 - 00094208 _____ () C:\WINDOWS\system32\IccLibDll_x64.dll 2012-09-17 17:05 - 2012-09-17 17:05 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll 2012-09-17 17:05 - 2012-09-17 17:05 - 00028544 _____ () C:\Program Files\ASUS\P4G\plctrl.dll 2012-08-24 19:17 - 2012-08-24 19:17 - 00009216 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll 2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2012-11-30 10:20 - 2012-06-25 12:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll 2014-08-15 20:25 - 2014-08-15 20:25 - 00063400 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll 2015-03-29 12:25 - 2015-03-29 12:25 - 00039384 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll 2015-06-23 10:28 - 2015-06-20 07:46 - 01281864 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libglesv2.dll 2015-06-23 10:28 - 2015-06-20 07:46 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\43.0.2357.130\libegl.dll ==================== 
Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-2274478751-3046789010-2582509646-1001\Control Panel\Desktop\\Wallpaper -> D:\Dateien\RPGs\Periculum\Adminkram\leah2.jpg DNS Servers: 192.168.2.1 ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) 
MSCONFIG\startupreg: ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: ASUSQuickGesture(x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe MSCONFIG\startupreg: ASUSQuickGesture(x86) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe MSCONFIG\startupreg: ASUSTPLoader(x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe MSCONFIG\startupreg: ASUSWebStorage => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\AsusWSPanel.exe /S MSCONFIG\startupreg: Cisco AnyConnect Secure Mobility Agent for Windows => "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized MSCONFIG\startupreg: DisableS3S4 => c:\windows\temp\DisableS3S464\sethigh.cmd MSCONFIG\startupreg: G Data AntiVirus Tray => C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe MSCONFIG\startupreg: G Data AntiVirus Tray Application => C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe MSCONFIG\startupreg: GDFirewallTray => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe MSCONFIG\startupreg: HotKeysCmds => "C:\WINDOWS\system32\hkcmd.exe" MSCONFIG\startupreg: IgfxTray => "C:\WINDOWS\system32\igfxtray.exe" MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: mcui_exe => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey MSCONFIG\startupreg: Persistence => "C:\WINDOWS\system32\igfxpers.exe" MSCONFIG\startupreg: PowerSkin => c:\windows\temp\PowerSkin\PowerSkin.exe MSCONFIG\startupreg: RtHDVBg => 
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /MAXX3 MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{984747FC-1FFC-40FE-B12A-2C7917D28F5F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{3E5AC641-6379-434B-9F28-89D2F7672265}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{E676278D-86A1-4653-9F3B-36C11A93D210}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{40F917B0-BD98-47F8-A513-97F74569F623}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{D78E5D34-7CF5-4757-99B4-2FF4EE86A4A3}] => (Allow) C:\ProgramData\eSafe\eGdpSvc.exe FirewallRules: [{0FDA9F98-8EF4-4831-B14B-AB2561208D10}] => (Allow) C:\Program Files (x86)\Opera\opera.exe FirewallRules: [{64F479C7-1696-4132-91F8-92FAF38198E1}] => (Allow) C:\Program Files (x86)\Opera\opera.exe FirewallRules: [{8445499A-C6C4-48DE-8ACD-EAF901CBC038}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe FirewallRules: [{9EE93ECD-FD00-4C2E-83A0-53E7E2F0E17A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9CF0D14B-BD71-40BF-B6DE-CC1561B1B5C0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{35F2CAFC-2A74-4075-A8B1-558D590EF969}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Faulty Device Manager Devices ============= Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64 Class 
Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Cisco Systems Service: vpnva Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (07/03/2015 00:38:33 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6391 Error: (07/03/2015 00:38:33 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6391 Error: (07/03/2015 00:38:33 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/03/2015 00:38:30 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3156 Error: (07/03/2015 00:38:30 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3156 Error: (07/03/2015 00:38:30 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/29/2015 11:39:51 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 15594 Error: (06/29/2015 11:39:51 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 15594 Error: (06/29/2015 11:39:51 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/25/2015 11:33:45 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 15390 System errors: ============= Error: (07/04/2015 03:30:16 PM) (Source: Service Control Manager) (EventID: 7023) 
(User: ) Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: %%1062 Error: (07/04/2015 03:02:40 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2} Error: (07/04/2015 03:02:21 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ASUS InstantOn erreicht. Error: (07/04/2015 02:23:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (07/04/2015 02:23:27 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht. Error: (07/04/2015 10:48:13 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (07/04/2015 08:55:28 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (07/04/2015 08:47:51 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0244 fehlgeschlagen: Intel Corporation driver update for Intel(R) HD Graphics Error: (07/04/2015 08:47:23 AM) (Source: DCOM) (EventID: 10010) (User: Felica) Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} Error: (07/04/2015 08:46:53 AM) (Source: DCOM) (EventID: 10010) (User: Felica) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Microsoft Office: ========================= Error: (07/03/2015 00:38:33 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6391 Error: (07/03/2015 00:38:33 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6391 Error: (07/03/2015 00:38:33 
PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (07/03/2015 00:38:30 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3156 Error: (07/03/2015 00:38:30 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 3156 Error: (07/03/2015 00:38:30 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/29/2015 11:39:51 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 15594 Error: (06/29/2015 11:39:51 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 15594 Error: (06/29/2015 11:39:51 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (06/25/2015 11:33:45 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 15390 ==================== Memory info =========================== Processor: Intel(R) Celeron(R) CPU 847 @ 1.10GHz Percentage of memory in use: 35% Total physical RAM: 3979.62 MB Available physical RAM: 2561.96 MB Total Virtual: 4811.62 MB Available Virtual: 2917.75 MB ==================== Drives ================================ Drive c: (OS) (Fixed) (Total:185.96 GB) (Free:114.85 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (Data) (Fixed) (Total:258.15 GB) (Free:200.94 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 465.8 GB) (Disk ID: 04A53D1B) Partition: GPT Partition Type. ==================== End of log ============================ Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-07-04 16:55:04
Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\0000002e ST500LT012-9WS142 rev.0001SDM1 465,76GB
Running: 4ggbnxp9.exe; Driver: C:\Users\DSIRE~1\AppData\Local\Temp\pwldypod.sys

---- Threads - GMER 2.1 ----

Thread C:\WINDOWS\system32\csrss.exe [524:548] fffff960009182d0

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----

Thank you very much! |
04.07.2015, 17:29 | #2 |
/// the machine /// TB trainer | Windows 8: Browser very slow, problems with the WLAN
Hi,
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not run any other file in this folder without instructions from a helper.
Please download TDSSKiller.exe and save this file to the desktop. |
04.07.2015, 19:18 | #3 |
| Windows 8: Browser very slow, problems with the WLAN
Hi schrauber!
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org

Database version:
main: v2015.07.04.03
rootkit: v2015.07.03.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.17842
Désirée :: FELICA [administrator]

04.07.2015 18:41:05
mbar-log-2015-07-04 (18-41-05).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 396421
Time elapsed: 1 hour(s), 6 minute(s), 44 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
Code:
ATTFilter 19:49:50.0665 0x0908 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04 19:49:50.0665 0x0908 UEFI system 19:49:56.0198 0x0908 ============================================================ 19:49:56.0198 0x0908 Current date / time: 2015/07/04 19:49:56.0198 19:49:56.0198 0x0908 SystemInfo: 19:49:56.0198 0x0908 19:49:56.0198 0x0908 OS Version: 6.3.9600 ServicePack: 0.0 19:49:56.0198 0x0908 Product type: Workstation 19:49:56.0198 0x0908 ComputerName: FELICA 19:49:56.0198 0x0908 UserName: Désirée 19:49:56.0198 0x0908 Windows directory: C:\WINDOWS 19:49:56.0198 0x0908 System windows directory: C:\WINDOWS 19:49:56.0198 0x0908 Running under WOW64 19:49:56.0198 0x0908 Processor architecture: Intel x64 19:49:56.0198 0x0908 Number of processors: 2 19:49:56.0198 0x0908 Page size: 0x1000 19:49:56.0198 0x0908 Boot type: Normal boot 19:49:56.0198 0x0908 ============================================================ 19:49:57.0260 0x0908 KLMD registered as C:\WINDOWS\system32\drivers\10272795.sys 19:50:03.0576 0x0908 System UUID: {9E119F97-091D-7D9D-6D25-DFCD518AA615} 19:50:07.0331 0x0908 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 19:50:07.0362 0x0908 ============================================================ 19:50:07.0362 0x0908 \Device\Harddisk0\DR0: 19:50:07.0362 0x0908 GPT partitions: 19:50:07.0362 0x0908 \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {2825BE3C-A830-413A-B913-334F17389C83}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x96000 19:50:07.0362 0x0908 \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {5975917D-3891-4E85-83F2-FC6400BC7ED7}, Name: Basic data partition, StartLBA 0x96800, BlocksNum 0x1C2000 19:50:07.0362 0x0908 \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: 
{E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {AA7229B7-5630-4FE3-8774-19B93251FF33}, Name: Microsoft reserved partition, StartLBA 0x258800, BlocksNum 0x40000 19:50:07.0362 0x0908 \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {89794D6E-B731-4E38-A031-27B0734916FC}, Name: Basic data partition, StartLBA 0x298800, BlocksNum 0x173ED000 19:50:07.0362 0x0908 \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {18A0E14D-12B4-4B18-B60D-A69CAE2E8AAD}, Name: , StartLBA 0x17685800, BlocksNum 0xAF000 19:50:07.0362 0x0908 \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {52B90836-DC99-4C81-911A-540B85A280FD}, Name: Basic data partition, StartLBA 0x17734800, BlocksNum 0x2044C800 19:50:07.0362 0x0908 \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {3E8FC2A2-1158-442D-BC49-1EF339F1F09C}, Name: Basic data partition, StartLBA 0x37B81000, BlocksNum 0x2805000 19:50:07.0362 0x0908 MBR partitions: 19:50:07.0362 0x0908 ============================================================ 19:50:07.0378 0x0908 C: <-> \Device\Harddisk0\DR0\Partition4 19:50:07.0440 0x0908 D: <-> \Device\Harddisk0\DR0\Partition6 19:50:07.0440 0x0908 ============================================================ 19:50:07.0440 0x0908 Initialize success 19:50:07.0440 0x0908 ============================================================ 19:51:13.0891 0x0914 ============================================================ 19:51:13.0891 0x0914 Scan started 19:51:13.0891 0x0914 Mode: Manual; SigCheck; TDLFS; 19:51:13.0891 0x0914 ============================================================ 19:51:13.0891 0x0914 KSN ping started 19:51:17.0704 0x0914 KSN ping finished: true 19:51:20.0393 0x0914 ================ Scan system memory ======================== 19:51:20.0393 0x0914 System memory - ok 19:51:20.0393 0x0914 
================ Scan services =============================
C:\WINDOWS\system32\drivers\ksthunk.sys 19:51:46.0049 0x0914 ksthunk - ok 19:51:46.0080 0x0914 [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 19:51:46.0143 0x0914 KtmRm - ok 19:51:46.0190 0x0914 [ 50AECF8C21AB2A6428A6E1E10549D8E5, 6BC7C60CF5E8AFB9972619EE1C78357756E9C0A3EC783C3056CEB600DCBB1555 ] L1C C:\WINDOWS\system32\DRIVERS\L1C63x64.sys 19:51:46.0205 0x0914 L1C - ok 19:51:46.0252 0x0914 [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 19:51:46.0330 0x0914 LanmanServer - ok 19:51:46.0377 0x0914 [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 19:51:46.0455 0x0914 LanmanWorkstation - ok 19:51:46.0502 0x0914 [ 2B7479EB47731A8ACBA28AF4C4BDA32D, 67AEB98E7B41337FEFD92CC81BFAD25FBB679998B318C110A4873B1AD8927A97 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll 19:51:46.0596 0x0914 lfsvc - ok 19:51:46.0643 0x0914 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys 19:51:46.0690 0x0914 lltdio - ok 19:51:46.0752 0x0914 [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 19:51:46.0799 0x0914 lltdsvc - ok 19:51:46.0830 0x0914 [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 19:51:46.0908 0x0914 lmhosts - ok 19:51:46.0940 0x0914 [ 2C24DC448DBE8DB9BE1441B824C57E79, DA2257EEC964A47D03C2BB13317FD788E51D4685E2395B303ED7B2575FEF3B19 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 19:51:46.0971 0x0914 LMS - ok 19:51:47.0018 0x0914 [ C755AE4635457AA2A11F79C0DF857ABC, 
E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 19:51:47.0049 0x0914 LSI_SAS - ok 19:51:47.0065 0x0914 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys 19:51:47.0096 0x0914 LSI_SAS2 - ok 19:51:47.0127 0x0914 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys 19:51:47.0158 0x0914 LSI_SAS3 - ok 19:51:47.0174 0x0914 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 19:51:47.0205 0x0914 LSI_SSS - ok 19:51:47.0268 0x0914 [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\WINDOWS\System32\lsm.dll 19:51:47.0424 0x0914 LSM - ok 19:51:47.0440 0x0914 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys 19:51:47.0533 0x0914 luafv - ok 19:51:47.0580 0x0914 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys 19:51:47.0612 0x0914 megasas - ok 19:51:47.0658 0x0914 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys 19:51:47.0721 0x0914 megasr - ok 19:51:47.0768 0x0914 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\WINDOWS\System32\drivers\HECIx64.sys 19:51:47.0783 0x0914 MEIx64 - ok 19:51:47.0815 0x0914 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\WINDOWS\system32\mmcss.dll 19:51:47.0893 0x0914 MMCSS - ok 19:51:47.0940 0x0914 [ 
8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys 19:51:47.0971 0x0914 Modem - ok 19:51:48.0002 0x0914 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys 19:51:48.0065 0x0914 monitor - ok 19:51:48.0096 0x0914 [ 2A2F8D5284E59815169A88F1FC9CEE28, 58EFBCF3C849FD088CFB7FE287FC7D9DD7E03D4E6AA98F0497C09E4596E42538 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys 19:51:48.0127 0x0914 mouclass - ok 19:51:48.0159 0x0914 [ 91223A2AE2955B3E0DA3DB79C3A897A6, 32B59CF1586C2300D60AF8A1D819515033ACC7F7A1F3523FC4AC7725E29B5A90 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 19:51:48.0221 0x0914 mouhid - ok 19:51:48.0252 0x0914 [ D1D82F007A079A4D623DBD1F36EF30A1, 7901F81B62C5A4196D75A10C05386B16831CB290EFB9A1611CECF281068C520F ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 19:51:48.0284 0x0914 mountmgr - ok 19:51:48.0377 0x0914 [ 0A68B3E37961CEC327EED518F6D62530, EDEB16545ECDDEA2ADFF73E4DF3E9FD87E4B7126C8CFB037ABAF883D157103DE ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 19:51:48.0409 0x0914 MozillaMaintenance - ok 19:51:48.0440 0x0914 [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys 19:51:48.0487 0x0914 mpsdrv - ok 19:51:48.0549 0x0914 [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc C:\WINDOWS\system32\mpssvc.dll 19:51:48.0674 0x0914 MpsSvc - ok 19:51:48.0721 0x0914 [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys 19:51:48.0846 0x0914 MRxDAV - ok 19:51:48.0895 0x0914 [ 31233271EDE50D1BBB220F78AFA60486, 2122FAB5BD353DF63CF0FE9CEDBD5DFD1F26F2DE04303E1B3FFB03AA02AECED9 ] mrxsmb 
C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 19:51:48.0991 0x0914 mrxsmb - ok 19:51:49.0022 0x0914 [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys 19:51:49.0132 0x0914 mrxsmb10 - ok 19:51:49.0163 0x0914 [ 6276AC2AA203CF47811F6EFBBD214FBF, AE55D87D863A626347B0074F4E962080F1989A94153DAF8475593249F616DA2F ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys 19:51:49.0194 0x0914 mrxsmb20 - ok 19:51:49.0241 0x0914 [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys 19:51:49.0272 0x0914 MsBridge - ok 19:51:49.0303 0x0914 [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\WINDOWS\System32\msdtc.exe 19:51:49.0350 0x0914 MSDTC - ok 19:51:49.0397 0x0914 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 19:51:49.0460 0x0914 Msfs - ok 19:51:49.0507 0x0914 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys 19:51:49.0522 0x0914 msgpiowin32 - ok 19:51:49.0538 0x0914 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys 19:51:49.0569 0x0914 mshidkmdf - ok 19:51:49.0585 0x0914 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys 19:51:49.0632 0x0914 mshidumdf - ok 19:51:49.0679 0x0914 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys 19:51:49.0694 0x0914 msisadrv - ok 19:51:49.0741 0x0914 [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, 
A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll 19:51:49.0788 0x0914 MSiSCSI - ok 19:51:49.0804 0x0914 msiserver - ok 19:51:49.0835 0x0914 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 19:51:49.0882 0x0914 MSKSSRV - ok 19:51:49.0913 0x0914 [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys 19:51:49.0960 0x0914 MsLldp - ok 19:51:49.0991 0x0914 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 19:51:50.0022 0x0914 MSPCLOCK - ok 19:51:50.0038 0x0914 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 19:51:50.0085 0x0914 MSPQM - ok 19:51:50.0116 0x0914 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys 19:51:50.0163 0x0914 MsRPC - ok 19:51:50.0194 0x0914 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys 19:51:50.0210 0x0914 mssmbios - ok 19:51:50.0225 0x0914 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys 19:51:50.0272 0x0914 MSTEE - ok 19:51:50.0304 0x0914 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys 19:51:50.0350 0x0914 MTConfig - ok 19:51:50.0350 0x0914 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\WINDOWS\system32\Drivers\mup.sys 19:51:50.0382 0x0914 
Mup - ok 19:51:50.0413 0x0914 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys 19:51:50.0444 0x0914 mvumis - ok 19:51:50.0491 0x0914 [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\WINDOWS\system32\qagentRT.dll 19:51:50.0569 0x0914 napagent - ok 19:51:50.0632 0x0914 [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys 19:51:50.0757 0x0914 NativeWifiP - ok 19:51:50.0804 0x0914 [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll 19:51:50.0866 0x0914 NcaSvc - ok 19:51:50.0898 0x0914 [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\WINDOWS\System32\ncbservice.dll 19:51:50.0960 0x0914 NcbService - ok 19:51:51.0007 0x0914 [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll 19:51:51.0069 0x0914 NcdAutoSetup - ok 19:51:51.0148 0x0914 [ 6D3A2565E01B3E4B0F1BEDB0D4B00B3F, 95F2608E17CA3E25BD7958D1A49F7030EC8088BC1DF12422F1DAC5BA99113E34 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys 19:51:51.0273 0x0914 NDIS - ok 19:51:51.0335 0x0914 [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys 19:51:51.0366 0x0914 NdisCap - ok 19:51:51.0413 0x0914 [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys 19:51:51.0476 0x0914 NdisImPlatform - ok 19:51:51.0491 0x0914 [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] 
NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 19:51:51.0538 0x0914 NdisTapi - ok 19:51:51.0585 0x0914 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 19:51:51.0663 0x0914 Ndisuio - ok 19:51:51.0679 0x0914 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys 19:51:51.0726 0x0914 NdisVirtualBus - ok 19:51:51.0757 0x0914 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 19:51:51.0820 0x0914 NdisWan - ok 19:51:51.0835 0x0914 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys 19:51:51.0882 0x0914 NdisWanLegacy - ok 19:51:51.0913 0x0914 [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 19:51:51.0960 0x0914 NDProxy - ok 19:51:51.0991 0x0914 [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys 19:51:52.0070 0x0914 Ndu - ok 19:51:52.0101 0x0914 [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 19:51:52.0148 0x0914 NetBIOS - ok 19:51:52.0195 0x0914 [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 19:51:52.0288 0x0914 NetBT - ok 19:51:52.0304 0x0914 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\WINDOWS\system32\lsass.exe 19:51:52.0335 0x0914 Netlogon - ok 19:51:52.0382 0x0914 [ 
8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\WINDOWS\System32\netman.dll 19:51:52.0429 0x0914 Netman - ok 19:51:52.0507 0x0914 [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\WINDOWS\System32\netprofmsvc.dll 19:51:52.0601 0x0914 netprofm - ok 19:51:52.0757 0x0914 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 19:51:52.0804 0x0914 NetTcpPortSharing - ok 19:51:52.0851 0x0914 [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc C:\WINDOWS\System32\drivers\netvsc63.sys 19:51:52.0945 0x0914 netvsc - ok 19:51:52.0992 0x0914 [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\WINDOWS\System32\nlasvc.dll 19:51:53.0101 0x0914 NlaSvc - ok 19:51:53.0132 0x0914 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 19:51:53.0179 0x0914 Npfs - ok 19:51:53.0242 0x0914 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys 19:51:53.0289 0x0914 npsvctrig - ok 19:51:53.0320 0x0914 [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\WINDOWS\system32\nsisvc.dll 19:51:53.0367 0x0914 nsi - ok 19:51:53.0398 0x0914 [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys 19:51:53.0445 0x0914 nsiproxy - ok 19:51:53.0664 0x0914 [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 
19:51:53.0867 0x0914 Ntfs - ok 19:51:53.0914 0x0914 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\WINDOWS\system32\drivers\Null.sys 19:51:53.0976 0x0914 Null - ok 19:51:54.0007 0x0914 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys 19:51:54.0039 0x0914 nvraid - ok 19:51:54.0070 0x0914 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys 19:51:54.0117 0x0914 nvstor - ok 19:51:54.0148 0x0914 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys 19:51:54.0179 0x0914 nv_agp - ok 19:51:54.0242 0x0914 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 19:51:54.0273 0x0914 ose - ok 19:51:54.0820 0x0914 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 19:51:55.0133 0x0914 osppsvc - ok 19:51:55.0195 0x0914 [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll 19:51:55.0289 0x0914 p2pimsvc - ok 19:51:55.0320 0x0914 [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc C:\WINDOWS\system32\p2psvc.dll 19:51:55.0414 0x0914 p2psvc - ok 19:51:55.0430 0x0914 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\WINDOWS\System32\drivers\parport.sys 19:51:55.0461 0x0914 Parport - ok 19:51:55.0492 0x0914 [ BAFF6122CFC9F95CA175AD8C348179A4, 
079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys 19:51:55.0523 0x0914 partmgr - ok 19:51:55.0570 0x0914 [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll 19:51:55.0648 0x0914 PcaSvc - ok 19:51:55.0726 0x0914 [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\WINDOWS\system32\drivers\pci.sys 19:51:55.0773 0x0914 pci - ok 19:51:55.0805 0x0914 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\WINDOWS\system32\drivers\pciide.sys 19:51:55.0836 0x0914 pciide - ok 19:51:55.0867 0x0914 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys 19:51:55.0898 0x0914 pcmcia - ok 19:51:55.0914 0x0914 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\WINDOWS\system32\drivers\pcw.sys 19:51:55.0945 0x0914 pcw - ok 19:51:55.0976 0x0914 [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc C:\WINDOWS\system32\drivers\pdc.sys 19:51:56.0008 0x0914 pdc - ok 19:51:56.0101 0x0914 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys 19:51:56.0211 0x0914 PEAUTH - ok 19:51:56.0476 0x0914 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe 19:51:56.0555 0x0914 PerfHost - ok 19:51:56.0680 0x0914 [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla C:\WINDOWS\system32\pla.dll 19:51:56.0836 0x0914 pla - ok 19:51:56.0898 0x0914 [ 6A5BC1C37D62C9ABD4B1CB6754B74246, 
860F9697E75200AE63C8E96142424A34B347CA7EF3F6276CEF04C0B835EDB4F3 ] plctrl C:\Program Files\ASUS\P4G\plctrl.sys 19:51:56.0914 0x0914 plctrl - ok 19:51:56.0945 0x0914 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll 19:51:56.0992 0x0914 PlugPlay - ok 19:51:57.0008 0x0914 [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll 19:51:57.0055 0x0914 PNRPAutoReg - ok 19:51:57.0101 0x0914 [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll 19:51:57.0148 0x0914 PNRPsvc - ok 19:51:57.0226 0x0914 [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll 19:51:57.0289 0x0914 PolicyAgent - ok 19:51:57.0336 0x0914 [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power C:\WINDOWS\system32\umpo.dll 19:51:57.0414 0x0914 Power - ok 19:51:57.0805 0x0914 [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll 19:51:58.0149 0x0914 PrintNotify - ok 19:51:58.0195 0x0914 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\WINDOWS\System32\drivers\processr.sys 19:51:58.0258 0x0914 Processor - ok 19:51:58.0305 0x0914 [ 19424364D8C03B990C4281BE53963FD0, 958FC8436E6B754858E20BC48B0D4B269991E8CA94C15C2761BF04ED52591907 ] ProfSvc C:\WINDOWS\system32\profsvc.dll 19:51:58.0367 0x0914 ProfSvc - ok 19:51:58.0414 0x0914 [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys 19:51:58.0445 0x0914 Psched - ok 
19:51:58.0492 0x0914 [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE C:\WINDOWS\system32\qwave.dll 19:51:58.0570 0x0914 QWAVE - ok 19:51:58.0602 0x0914 [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys 19:51:58.0649 0x0914 QWAVEdrv - ok 19:51:58.0680 0x0914 [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 19:51:58.0727 0x0914 RasAcd - ok 19:51:58.0758 0x0914 [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto C:\WINDOWS\System32\rasauto.dll 19:51:58.0805 0x0914 RasAuto - ok 19:51:58.0867 0x0914 [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan C:\WINDOWS\System32\rasmans.dll 19:51:58.0945 0x0914 RasMan - ok 19:51:58.0992 0x0914 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 19:51:59.0039 0x0914 RasPppoe - ok 19:51:59.0086 0x0914 [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 19:51:59.0258 0x0914 rdbss - ok 19:51:59.0305 0x0914 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys 19:51:59.0383 0x0914 rdpbus - ok 19:51:59.0414 0x0914 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys 19:51:59.0492 0x0914 RDPDR - ok 19:51:59.0539 0x0914 [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys 
19:51:59.0555 0x0914 RdpVideoMiniport - ok 19:51:59.0602 0x0914 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys 19:51:59.0649 0x0914 rdyboost - ok 19:51:59.0789 0x0914 [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys 19:51:59.0883 0x0914 ReFS - ok 19:51:59.0946 0x0914 [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 19:51:59.0992 0x0914 RemoteAccess - ok 19:52:00.0039 0x0914 [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 19:52:00.0102 0x0914 RemoteRegistry - ok 19:52:00.0133 0x0914 [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll 19:52:00.0180 0x0914 RpcEptMapper - ok 19:52:00.0211 0x0914 [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator C:\WINDOWS\system32\locator.exe 19:52:00.0274 0x0914 RpcLocator - ok 19:52:00.0336 0x0914 [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs C:\WINDOWS\system32\rpcss.dll 19:52:00.0414 0x0914 RpcSs - ok 19:52:00.0477 0x0914 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys 19:52:00.0524 0x0914 rspndr - ok 19:52:00.0539 0x0914 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys 19:52:00.0586 0x0914 s3cap - ok 19:52:00.0617 0x0914 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F 
] SamSs C:\WINDOWS\system32\lsass.exe 19:52:00.0633 0x0914 SamSs - ok 19:52:00.0711 0x0914 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys 19:52:00.0742 0x0914 sbp2port - ok 19:52:00.0789 0x0914 [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll 19:52:00.0836 0x0914 SCardSvr - ok 19:52:00.0867 0x0914 [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll 19:52:00.0932 0x0914 ScDeviceEnum - ok 19:52:00.0963 0x0914 [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys 19:52:00.0994 0x0914 scfilter - ok 19:52:01.0135 0x0914 [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule C:\WINDOWS\system32\schedsvc.dll 19:52:01.0275 0x0914 Schedule - ok 19:52:01.0369 0x0914 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll 19:52:01.0400 0x0914 SCPolicySvc - ok 19:52:01.0494 0x0914 [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys 19:52:01.0541 0x0914 sdbus - ok 19:52:01.0588 0x0914 [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys 19:52:01.0619 0x0914 sdstor - ok 19:52:01.0666 0x0914 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys 19:52:01.0697 0x0914 secdrv - ok 19:52:01.0744 0x0914 [ BA24CEA7152239F42ECD04AFB7C89D24, 
In queue: 131
19:52:25.0872 0x0914 AV detected via SS2: G DATA INTERNET SECURITY, C:\Program Files (x86)\G Data\InternetSecurity\AVK\avkwscpe.exe ( 25.1.0.0 ), 0x41000 ( enabled : updated )
19:52:25.0935 0x0914 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x60100 ( disabled : updated )
19:52:25.0950 0x0914 FW detected via SS2: G Data Personal Firewall, C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcExtResx64.exe ( 1.0.0.0 ), 0x41010 ( enabled )
19:52:28.0357 0x0914 ============================================================
19:52:28.0357 0x0914 Scan finished
19:52:28.0357 0x0914 ============================================================
19:52:28.0373 0x0bb4 Detected object count: 0
19:52:28.0373 0x0bb4 Actual detected object count: 0
19:59:43.0541 0x1438 Deinitialize success |
05.07.2015, 07:29 | #4 |
/// the machine /// TB-Ausbilder | Reset the router to factory settings and re-enter the connection details.
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. No help via PM! |
05.07.2015, 10:19 | #5 |
| Thanks, schrauber, I've done that - let's see what the long-term test shows. But that can't be the cause of the problems with Opera, can it? In any case it still happily keeps crashing and is sooo slow. Did the first logs look clean so far, or did I catch something after all? |
05.07.2015, 18:34 | #6 | |
/// the machine /// TB-Ausbilder | Quote:
Please download Malwarebytes Anti-Malware.
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
And a fresh FRST log, please.
05.07.2015, 22:15 | #7 |
| Okay! Here are the logs. Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 05.07.2015
Suchlaufzeit: 20:54
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.07.05.05
Rootkit-Datenbank: v2015.07.05.03
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Désirée

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 396094
Abgelaufene Zeit: 1 Std., 5 Min., 47 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)

(end)
Code:
ATTFilter # AdwCleaner v4.207 - Bericht erstellt 05/07/2015 um 22:51:49 # Aktualisiert 21/06/2015 von Xplode # Datenbank : 2015-07-05.2 [Server] # Betriebssystem : Windows 8.1 (x64) # Benutzername : Désirée - FELICA # Gestarted von : C:\Users\Désirée\Desktop\AdwCleaner_4.207.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** Datei Gelöscht : C:\Users\Désirée\AppData\Roaming\WBPU-TTL.DAT Datei Gelöscht : C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\u8hbjxkh.default\foxydeal.sqlite ***** [ Geplante Tasks ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\93BAD29AC2E44034A96BCB446EB8552E Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\93BAD29AC2E44034A96BCB446EB8552E ***** [ Internetbrowser ] ***** -\\ Internet Explorer v11.0.9600.17840 -\\ Mozilla Firefox v36.0.4 (x86 de) -\\ Google Chrome v43.0.2357.130 -\\ Opera v30.0.1835.110 ************************* AdwCleaner[R0].txt - [1349 Bytes] - [05/07/2015 22:48:54] AdwCleaner[S0].txt - [1265 Bytes] - [05/07/2015 22:51:49] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1324 Bytes] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 7.3.1 (07.05.2015:1) OS: Windows 8.1 x64 Ran by D‚sir‚e on 05.07.2015 at 22:55:40,37 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Tasks ~~~ Registry Values ~~~ Registry Keys ~~~ Files Successfully deleted: [File] C:\Users\D‚sir‚e\AppData\Roaming\my_intel.sys Successfully deleted: [File] C:\Users\D‚sir‚e\AppData\Roaming\sp_data.sys ~~~ Folders ~~~ Chrome [C:\Users\D‚sir‚e\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset [C:\Users\D‚sir‚e\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted: [C:\Users\D‚sir‚e\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset [C:\Users\D‚sir‚e\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted: [] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 05.07.2015 at 23:05:03,17 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-07-2015 Ran by Désirée (administrator) on FELICA on 05-07-2015 23:06:54 Running from C:\Users\Désirée\Desktop Loaded Profiles: Désirée (Available Profiles: Désirée) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Opera) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AvkBap64.exe (G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1855608 2015-02-20] (G DATA Software AG) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707496 2014-08-15] (Cisco Systems, Inc.) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe, Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2274478751-3046789010-2582509646-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation) ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.) 
==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKU\S-1-5-21-2274478751-3046789010-2582509646-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.spiegel.de/ SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: ASUS Browser Extension x64 -> {78234974-0C4B-4111-BDEB-D9A104418772} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll [2012-09-11] (ASUSTeK Computer Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation) BHO-x32: ASUS Browser Extension x86 -> {78234974-0C4B-4111-BDEB-D9A104418771} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll [2012-09-11] (ASUSTeK Computer Inc.) 
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 Tcpip\..\Interfaces\{958C2582-A601-48F7-9908-451F70DAD795}: [DhcpNameServer] 192.168.2.1 192.168.2.1 Tcpip\..\Interfaces\{A86DCECD-29F2-43A3-B36D-6263AA7A35BE}: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\u8hbjxkh.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-06-30] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-30] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files 
(x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-22] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-22] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) 
FF Extension: Anti-Phishing - C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\u8hbjxkh.default\Extensions\{bae4e2d9-a9ac-4f2c-a844-ff576912bcef} [2015-06-17] FF Extension: ProxTube - C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\u8hbjxkh.default\Extensions\ich@maltegoetz.de.xpi [2015-06-15] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK Chrome: ======= CHR Profile: C:\Users\Désirée\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Désirée\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-24] CHR Extension: (Google Wallet) - C:\Users\Désirée\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-04] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
S3 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS) R3 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2528888 2015-04-16] (G Data Software AG) R3 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [965240 2015-02-20] (G Data Software AG) R3 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe [3672560 2015-04-07] (G Data Software AG) S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation) R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3193080 2015-02-20] (G Data Software AG) R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [789112 2015-03-04] (G Data Software AG) S3 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation) S3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) S3 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [56704 2012-09-11] (ASUS Corporation) R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [150016 2015-06-01] (G Data Software AG) S0 GDElam; C:\Windows\System32\DRIVERS\GDElam.sys [117904 2015-01-08] (G Data Software AG) R3 GDKBB; C:\WINDOWS\system32\drivers\GDKBB64.sys [27648 2015-06-01] (G Data Software AG) R1 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [20992 2015-06-01] (G Data Software AG) R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [230400 2015-06-01] (G Data Software AG) R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [91648 2015-06-01] (G Data Software AG) R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [68608 2015-06-01] (G Data Software AG) R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2014-12-03] (G Data Software) R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [124928 2015-06-01] (G Data Software AG) R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( ) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [13696 2012-09-17] (ASUSTek Computer Inc.) S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52592 2014-08-15] (Cisco Systems, Inc.) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-07-05 23:05 - 2015-07-05 23:05 - 00001215 _____ C:\Users\Désirée\Desktop\JRT.txt 2015-07-05 22:55 - 2015-07-05 22:55 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-FELICA-Windows-8.1-(64-bit).dat 2015-07-05 22:55 - 2015-07-05 22:55 - 00000000 ____D C:\RegBackup 2015-07-05 22:53 - 2015-07-05 22:53 - 00001408 _____ C:\Users\Désirée\Desktop\AdwCleaner[S0].txt 2015-07-05 22:48 - 2015-07-05 22:51 - 00000000 ____D C:\AdwCleaner 2015-07-05 22:03 - 2015-07-05 22:03 - 00001203 _____ C:\Users\Désirée\Desktop\mbam.txt 2015-07-05 20:51 - 2015-07-05 20:53 - 00001120 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-07-05 20:51 - 2015-07-05 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-07-05 20:51 - 2015-07-05 20:53 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-07-05 20:51 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-07-05 20:51 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2015-07-05 20:49 - 2015-07-05 20:50 - 02953798 _____ (Malwarebytes Corporation) C:\Users\Désirée\Desktop\JRT.exe 2015-07-05 20:49 - 2015-07-05 20:49 - 02244096 _____ C:\Users\Désirée\Desktop\AdwCleaner_4.207.exe 2015-07-05 20:48 - 2015-07-05 20:49 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Désirée\Desktop\mbam-setup-2.1.6.1022.exe 2015-07-05 16:10 - 2015-07-05 16:10 - 00000000 ____D C:\Users\Désirée\AppData\Local\CrashDumps 2015-07-04 21:06 - 2015-07-04 21:06 - 00002018 _____ C:\Users\Public\Desktop\FileZilla Client.lnk 2015-07-04 18:40 - 2015-07-05 20:54 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-07-04 18:40 - 2015-07-04 19:48 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-07-04 18:39 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 
2015-07-04 18:38 - 2015-07-04 19:48 - 00000000 ____D C:\Users\Désirée\Desktop\mbar 2015-07-04 18:37 - 2015-07-04 18:37 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Désirée\Desktop\tdsskiller.exe 2015-07-04 18:36 - 2015-07-04 18:36 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Désirée\Desktop\mbar-1.09.1.1004.exe 2015-07-04 16:52 - 2015-07-04 16:55 - 00000495 _____ C:\Users\Désirée\Desktop\gmerlog.log 2015-07-04 16:15 - 2015-07-04 16:16 - 00024297 _____ C:\Users\Désirée\Desktop\Addition.txt 2015-07-04 16:12 - 2015-07-05 23:06 - 00012912 _____ C:\Users\Désirée\Desktop\FRST.txt 2015-07-04 16:12 - 2015-07-05 23:06 - 00000000 ____D C:\FRST 2015-07-04 16:10 - 2015-07-04 16:10 - 00380416 _____ C:\Users\Désirée\Desktop\4ggbnxp9.exe 2015-07-04 16:10 - 2015-07-04 16:10 - 00000476 _____ C:\Users\Désirée\Desktop\defogger_disable.log 2015-07-04 16:10 - 2015-07-04 16:10 - 00000000 _____ C:\Users\Désirée\defogger_reenable 2015-07-04 16:09 - 2015-07-04 16:09 - 02112512 _____ (Farbar) C:\Users\Désirée\Desktop\FRST64.exe 2015-07-04 16:09 - 2015-07-04 16:09 - 00050477 _____ C:\Users\Désirée\Desktop\Defogger.exe 2015-07-04 15:52 - 2015-07-05 22:54 - 00003844 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1436017931 2015-07-04 15:52 - 2015-07-04 15:52 - 00001153 _____ C:\Users\Public\Desktop\Opera.lnk 2015-07-04 15:52 - 2015-07-04 15:52 - 00001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-07-04 15:52 - 2015-07-04 15:52 - 00000000 ____D C:\Users\Désirée\AppData\Roaming\Opera Software 2015-07-04 15:52 - 2015-07-04 15:52 - 00000000 ____D C:\Users\Désirée\AppData\Local\Opera Software 2015-07-04 15:51 - 2015-07-05 11:25 - 00000000 ____D C:\Program Files (x86)\Opera 2015-07-04 15:29 - 2015-07-04 15:29 - 00687064 _____ (Opera Software) C:\Users\Désirée\Desktop\Opera_NI_stable.exe 2015-07-04 15:06 - 2015-07-04 15:06 - 00061576 _____ C:\Users\Désirée\Desktop\Bookmarks.html 2015-06-30 19:29 - 2015-06-30 19:29 - 00016931 _____ 
C:\Users\Désirée\AppData\Local\recently-used.xbel 2015-06-25 22:04 - 2015-06-25 22:04 - 00207286 _____ C:\Users\Désirée\Documents\gesuchkayben2.xcf 2015-06-25 22:03 - 2015-06-25 22:03 - 01049142 _____ C:\Users\Désirée\Documents\gesuchkayben.xcf 2015-06-20 12:36 - 2015-06-20 12:36 - 00000259 _____ C:\Users\Désirée\.gtk-bookmarks 2015-06-16 12:05 - 2015-06-16 12:05 - 06477032 _____ (Tim Kosse) C:\Users\Désirée\Downloads\FileZilla_3.11.0.2_win64-setup.exe 2015-06-15 11:35 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-06-15 11:35 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-06-15 11:35 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll 2015-06-15 11:35 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2015-06-15 11:35 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2015-06-15 11:35 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2015-06-15 11:35 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2015-06-15 11:35 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2015-06-15 11:35 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2015-06-15 11:35 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2015-06-15 11:35 - 2015-05-21 15:08 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2015-06-15 11:35 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll 2015-06-15 11:35 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll 2015-06-15 11:35 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 
2015-06-15 11:35 - 2015-04-16 08:17 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2015-06-15 11:35 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll 2015-06-15 11:35 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll 2015-06-15 11:35 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2015-06-15 11:35 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2015-06-15 11:35 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll 2015-06-15 11:35 - 2015-04-09 00:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml 2015-06-15 11:35 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2015-06-15 11:35 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2015-06-15 11:35 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2015-06-15 11:35 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll 2015-06-15 11:35 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll 2015-06-15 11:35 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll 2015-06-15 11:35 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2015-06-15 11:35 - 2015-04-01 05:17 - 02551808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2015-06-15 11:35 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2015-06-15 11:35 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll 2015-06-15 11:35 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2015-06-15 
11:35 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2015-06-15 11:35 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll 2015-06-15 11:35 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2015-06-15 11:35 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2015-06-15 11:35 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll 2015-06-15 11:35 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2015-06-15 11:35 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2015-06-15 11:35 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2015-06-15 11:35 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll 2015-06-15 11:35 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll 2015-06-15 11:34 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-06-15 11:34 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2015-06-15 11:34 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-06-15 11:34 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-06-15 11:34 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2015-06-15 11:34 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2015-06-15 11:34 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-06-15 11:34 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2015-06-15 11:34 - 2015-05-23 04:47 - 
00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2015-06-15 11:34 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-06-15 11:34 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-06-15 11:34 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-06-15 11:34 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-06-15 11:34 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-06-15 11:34 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2015-06-15 11:34 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-06-15 11:34 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-06-15 11:34 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-06-15 11:34 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-06-15 11:34 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-06-15 11:34 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2015-06-15 11:34 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-06-15 11:34 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll 2015-06-15 11:34 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-06-15 11:34 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2015-06-15 11:34 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2015-06-15 11:34 - 2015-05-22 20:23 - 00145408 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\iepeers.dll 2015-06-15 11:34 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2015-06-15 11:34 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-06-15 11:34 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-06-15 11:34 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-06-15 11:34 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-06-15 11:34 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-06-15 11:34 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-06-15 11:34 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-06-15 11:34 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2015-06-15 11:34 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-06-15 11:34 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-06-15 11:34 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-07-05 23:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru 2015-07-05 22:54 - 2013-08-19 21:11 - 00003870 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-07-05 22:54 - 2013-08-19 21:11 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-07-05 22:54 - 2012-11-30 10:32 - 00003052 _____ C:\WINDOWS\System32\Tasks\ASUS P4G 2015-07-05 22:54 - 2012-11-30 10:30 - 00003024 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus 2015-07-05 22:54 - 2012-11-30 10:29 - 00003114 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update 2015-07-05 22:53 - 2014-12-24 19:19 - 00003888 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2015-07-05 22:52 - 2013-11-14 00:18 - 00042224 _____ C:\WINDOWS\PFRO.log 2015-07-05 22:52 - 2013-08-22 16:46 - 00301523 _____ C:\WINDOWS\setupact.log 2015-07-05 22:52 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-07-05 22:48 - 2014-12-01 00:00 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-07-05 22:48 - 2014-02-06 17:28 - 01903147 _____ C:\WINDOWS\WindowsUpdate.log 2015-07-05 22:45 - 2013-01-06 05:31 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2274478751-3046789010-2582509646-1001 2015-07-05 22:25 - 2013-08-19 21:11 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-07-05 20:11 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM 2015-07-04 23:32 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-07-04 21:07 - 2013-09-05 10:22 - 00000000 ____D C:\Users\Désirée\AppData\Roaming\FileZilla 2015-07-04 21:06 - 2013-09-05 10:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2015-07-04 21:06 - 2013-09-05 10:22 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client 2015-07-04 18:41 - 2013-08-18 15:53 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-07-04 18:35 - 2012-11-30 11:12 - 00003247 _____ C:\WINDOWS\system32\ServiceFilter.ini 
2015-07-04 16:10 - 2014-02-06 17:10 - 00000000 ____D C:\Users\Désirée 2015-07-04 15:30 - 2013-08-22 15:25 - 00786432 ___SH C:\WINDOWS\system32\config\BBI 2015-07-04 15:22 - 2014-11-27 17:39 - 00000000 __SHD C:\Users\Désirée\AppData\Local\EmieUserList 2015-07-04 15:22 - 2014-11-27 17:39 - 00000000 __SHD C:\Users\Désirée\AppData\Local\EmieSiteList 2015-07-04 15:22 - 2014-11-27 17:39 - 00000000 __SHD C:\Users\Désirée\AppData\Local\EmieBrowserModeList 2015-06-30 19:29 - 2013-07-12 13:30 - 00000000 ____D C:\Users\Désirée\.gimp-2.8 2015-06-30 08:42 - 2014-12-01 00:00 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2015-06-30 08:42 - 2013-01-07 00:09 - 00000000 ____D C:\Users\Désirée\AppData\Local\Adobe 2015-06-27 20:16 - 2013-05-28 21:47 - 00000000 ____D C:\Users\Désirée\AppData\Roaming\Skype 2015-06-26 13:19 - 2013-07-12 13:41 - 00000000 ____D C:\Users\Désirée\AppData\Local\gtk-2.0 2015-06-25 09:42 - 2013-11-14 09:27 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-06-25 09:42 - 2013-11-14 09:11 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat 2015-06-25 09:42 - 2013-11-14 09:11 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat 2015-06-24 18:21 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-06-24 10:16 - 2013-08-19 21:11 - 00000000 ____D C:\Users\Désirée\AppData\Local\Google 2015-06-24 10:11 - 2015-04-16 17:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-06-24 10:11 - 2015-03-17 10:49 - 00000000 ___SD C:\WINDOWS\system32\CompatTel 2015-06-24 10:11 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData 2015-06-20 05:02 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-06-20 05:02 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-06-19 14:32 - 2013-05-28 21:47 - 00000000 ____D C:\ProgramData\Skype 2015-06-17 15:55 - 2015-03-24 17:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 
2015-06-15 18:35 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache 2015-06-15 15:05 - 2013-08-22 16:44 - 00535280 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-06-15 15:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2015-06-15 15:00 - 2013-01-07 00:17 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-06-15 14:58 - 2013-09-11 21:56 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-06-15 14:52 - 2013-01-07 13:58 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-06-15 14:45 - 2012-07-26 07:26 - 00000199 _____ C:\WINDOWS\win.ini ==================== Files in the root of some directories ======= 2013-07-27 08:43 - 2013-08-02 22:46 - 0000070 _____ () C:\Users\Désirée\AppData\Roaming\WB.CFG 2015-06-30 19:29 - 2015-06-30 19:29 - 0016931 _____ () C:\Users\Désirée\AppData\Local\recently-used.xbel 2014-11-27 19:12 - 2014-11-27 19:12 - 0000017 _____ () C:\Users\Désirée\AppData\Local\resmon.resmoncfg 2012-08-17 02:52 - 2012-07-30 08:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd 2012-08-17 02:52 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe Files to move or delete: ==================== C:\ProgramData\SetStretch.exe Some files in TEMP: ==================== C:\Users\Désirée\AppData\Local\Temp\eauninstall.exe C:\Users\Désirée\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe C:\Users\Désirée\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe C:\Users\Désirée\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe C:\Users\Désirée\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe C:\Users\Désirée\AppData\Local\Temp\jre-8u31-windows-au.exe C:\Users\Désirée\AppData\Local\Temp\Quarantine.exe C:\Users\Désirée\AppData\Local\Temp\SkypeSetup.exe C:\Users\Désirée\AppData\Local\Temp\sqlite3.dll C:\Users\Désirée\AppData\Local\Temp\The Sims 2_uninst.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-07-05 20:03 ==================== End of log ============================ |
06.07.2015, 05:50 | #8 |
/// the machine /// TB Trainer | Windows 8: Browser very slow, problems with the Wi-Fi ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any problems remaining?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
06.07.2015, 09:49 | #9 |
| Windows 8: Browser very slow, problems with the Wi-Fi Hey, here are the logs: Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=932fcb10f11aac41ab4a588a1714dd34 # end=init # utc_time=2015-07-06 06:40:55 # local_time=2015-07-06 08:40:55 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT Update Init Update Download Update Finalize Updated modules version: 24656 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=932fcb10f11aac41ab4a588a1714dd34 # end=updated # utc_time=2015-07-06 06:43:49 # local_time=2015-07-06 08:43:49 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=932fcb10f11aac41ab4a588a1714dd34 # engine=24656 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-07-06 08:29:35 # local_time=2015-07-06 10:29:35 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='G DATA INTERNET SECURITY' # compatibility_mode=4112 16777213 100 100 40283 11773647 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 9592690 61052668 0 0 # scanned=290827 # found=0 # cleaned=0 # scan_time=6345 Code:
ATTFilter Results of screen317's Security Check version 1.004 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` G DATA INTERNET SECURITY Windows Defender Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Java 8 Update 31 Java version 32-bit out of Date! Adobe Flash Player 18.0.0.194 Adobe Reader XI Mozilla Firefox 36.0.4 Firefox out of Date! Google Chrome (43.0.2357.124) Google Chrome (43.0.2357.130) ````````Process Check: objlist.exe by Laurent```````` G Data InternetSecurity Firewall GDFwSvcx64.exe G Data InternetSecurity Firewall GDFirewallTray.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:04-07-2015 Ran by Désirée (administrator) on FELICA on 06-07-2015 10:40:24 Running from C:\Users\Désirée\Desktop Loaded Profiles: Désirée (Available Profiles: Désirée) Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 (Default browser: Opera) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe (ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AvkBap64.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUSTeK Computer Inc.) 
C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnWMI.exe (G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ASUSTeK Computer Inc.) 
C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1855608 2015-02-20] (G DATA Software AG) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.) HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707496 2014-08-15] (Cisco Systems, Inc.) 
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe, Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2274478751-3046789010-2582509646-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [788480 2014-10-29] (Microsoft Corporation) ShellIconOverlayIdentifiers: [AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7190} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D808} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D} => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.9.120\ASUSWSShellExt64.dll [2012-03-13] (ASUS Cloud Corporation.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com HKU\S-1-5-21-2274478751-3046789010-2582509646-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.spiegel.de/ SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: ASUS Browser Extension x64 -> {78234974-0C4B-4111-BDEB-D9A104418772} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll [2012-09-11] (ASUSTeK Computer Inc.) 
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation) BHO-x32: ASUS Browser Extension x86 -> {78234974-0C4B-4111-BDEB-D9A104418771} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll [2012-09-11] (ASUSTeK Computer Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1 Tcpip\..\Interfaces\{958C2582-A601-48F7-9908-451F70DAD795}: [DhcpNameServer] 192.168.2.1 192.168.2.1 Tcpip\..\Interfaces\{A86DCECD-29F2-43A3-B36D-6263AA7A35BE}: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\u8hbjxkh.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-06-30] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-30] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files 
(x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-22] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-22] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.) 
FF Extension: Anti-Phishing - C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\u8hbjxkh.default\Extensions\{bae4e2d9-a9ac-4f2c-a844-ff576912bcef} [2015-06-17] FF Extension: ProxTube - C:\Users\Désirée\AppData\Roaming\Mozilla\Firefox\Profiles\u8hbjxkh.default\Extensions\ich@maltegoetz.de.xpi [2015-06-15] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK Chrome: ======= CHR Profile: C:\Users\Désirée\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Désirée\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-24] CHR Extension: (Google Wallet) - C:\Users\Désirée\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-04] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
R3 ASUS InstantOn; C:\Program Files (x86)\ASUS\ASUS InstantOn\InsOnSrv.exe [277120 2012-04-13] (ASUS) R3 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2528888 2015-04-16] (G Data Software AG) R3 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [965240 2015-02-20] (G Data Software AG) R3 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlX64.exe [3672560 2015-04-07] (G Data Software AG) S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation) R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3193080 2015-02-20] (G Data Software AG) R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [789112 2015-03-04] (G Data Software AG) R3 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation) R3 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) S3 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) 
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [56704 2012-09-11] (ASUS Corporation) R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [150016 2015-06-01] (G Data Software AG) S0 GDElam; C:\Windows\System32\DRIVERS\GDElam.sys [117904 2015-01-08] (G Data Software AG) R3 GDKBB; C:\WINDOWS\system32\drivers\GDKBB64.sys [27648 2015-06-01] (G Data Software AG) R1 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [20992 2015-06-01] (G Data Software AG) R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [230400 2015-06-01] (G Data Software AG) R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [91648 2015-06-01] (G Data Software AG) R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [68608 2015-06-01] (G Data Software AG) R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2014-12-03] (G Data Software) R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [124928 2015-06-01] (G Data Software AG) R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( ) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) R2 plctrl; C:\Program Files\ASUS\P4G\plctrl.sys [13696 2012-09-17] (ASUSTek Computer Inc.) S3 vpnva; C:\Windows\system32\DRIVERS\vpnva64-6.sys [52592 2014-08-15] (Cisco Systems, Inc.) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-07-06 10:35 - 2015-07-06 10:35 - 00852662 _____ C:\Users\Désirée\Desktop\SecurityCheck.exe 2015-07-06 08:40 - 2015-07-06 08:40 - 02870984 _____ (ESET) C:\Users\Désirée\Desktop\esetsmartinstaller_deu.exe 2015-07-06 08:40 - 2015-07-06 08:40 - 00000000 ____D C:\Program Files (x86)\ESET 2015-07-05 23:17 - 2015-07-05 23:17 - 00000401 _____ C:\Users\Désirée\AppData\Roaming\sp_data.sys 2015-07-05 23:05 - 2015-07-05 23:05 - 00001215 _____ C:\Users\Désirée\Desktop\JRT.txt 2015-07-05 22:55 - 2015-07-05 22:55 - 00000207 _____ C:\WINDOWS\tweaking.com-regbackup-FELICA-Windows-8.1-(64-bit).dat 2015-07-05 22:55 - 2015-07-05 22:55 - 00000000 ____D C:\RegBackup 2015-07-05 22:53 - 2015-07-05 22:53 - 00001408 _____ C:\Users\Désirée\Desktop\AdwCleaner[S0].txt 2015-07-05 22:48 - 2015-07-05 22:51 - 00000000 ____D C:\AdwCleaner 2015-07-05 22:03 - 2015-07-05 22:03 - 00001203 _____ C:\Users\Désirée\Desktop\mbam.txt 2015-07-05 20:51 - 2015-07-05 20:53 - 00001120 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-07-05 20:51 - 2015-07-05 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-07-05 20:51 - 2015-07-05 20:53 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-07-05 20:51 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-07-05 20:51 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2015-07-05 20:49 - 2015-07-05 20:50 - 02953798 _____ (Malwarebytes Corporation) C:\Users\Désirée\Desktop\JRT.exe 2015-07-05 20:49 - 2015-07-05 20:49 - 02244096 _____ C:\Users\Désirée\Desktop\AdwCleaner_4.207.exe 2015-07-05 20:48 - 2015-07-05 20:49 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Désirée\Desktop\mbam-setup-2.1.6.1022.exe 2015-07-05 16:10 - 2015-07-05 16:10 - 00000000 ____D C:\Users\Désirée\AppData\Local\CrashDumps 2015-07-04 21:06 - 2015-07-04 21:06 - 00002018 _____ 
C:\Users\Public\Desktop\FileZilla Client.lnk 2015-07-04 18:40 - 2015-07-05 20:54 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-07-04 18:40 - 2015-07-04 19:48 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-07-04 18:39 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-07-04 18:38 - 2015-07-04 19:48 - 00000000 ____D C:\Users\Désirée\Desktop\mbar 2015-07-04 18:37 - 2015-07-04 18:37 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Désirée\Desktop\tdsskiller.exe 2015-07-04 18:36 - 2015-07-04 18:36 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Désirée\Desktop\mbar-1.09.1.1004.exe 2015-07-04 16:52 - 2015-07-04 16:55 - 00000495 _____ C:\Users\Désirée\Desktop\gmerlog.log 2015-07-04 16:15 - 2015-07-04 16:16 - 00024297 _____ C:\Users\Désirée\Desktop\Addition.txt 2015-07-04 16:12 - 2015-07-06 10:40 - 00015511 _____ C:\Users\Désirée\Desktop\FRST.txt 2015-07-04 16:12 - 2015-07-06 10:40 - 00000000 ____D C:\FRST 2015-07-04 16:10 - 2015-07-04 16:10 - 00380416 _____ C:\Users\Désirée\Desktop\4ggbnxp9.exe 2015-07-04 16:10 - 2015-07-04 16:10 - 00000476 _____ C:\Users\Désirée\Desktop\defogger_disable.log 2015-07-04 16:10 - 2015-07-04 16:10 - 00000000 _____ C:\Users\Désirée\defogger_reenable 2015-07-04 16:09 - 2015-07-04 16:09 - 02112512 _____ (Farbar) C:\Users\Désirée\Desktop\FRST64.exe 2015-07-04 16:09 - 2015-07-04 16:09 - 00050477 _____ C:\Users\Désirée\Desktop\Defogger.exe 2015-07-04 15:52 - 2015-07-05 23:18 - 00003844 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1436017931 2015-07-04 15:52 - 2015-07-04 15:52 - 00001153 _____ C:\Users\Public\Desktop\Opera.lnk 2015-07-04 15:52 - 2015-07-04 15:52 - 00001153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-07-04 15:52 - 2015-07-04 15:52 - 00000000 ____D C:\Users\Désirée\AppData\Roaming\Opera Software 2015-07-04 15:52 - 2015-07-04 15:52 - 00000000 ____D 
C:\Users\Désirée\AppData\Local\Opera Software 2015-07-04 15:51 - 2015-07-05 23:20 - 00000000 ____D C:\Program Files (x86)\Opera 2015-07-04 15:29 - 2015-07-04 15:29 - 00687064 _____ (Opera Software) C:\Users\Désirée\Desktop\Opera_NI_stable.exe 2015-07-04 15:06 - 2015-07-04 15:06 - 00061576 _____ C:\Users\Désirée\Desktop\Bookmarks.html 2015-06-30 19:29 - 2015-06-30 19:29 - 00016931 _____ C:\Users\Désirée\AppData\Local\recently-used.xbel 2015-06-25 22:04 - 2015-06-25 22:04 - 00207286 _____ C:\Users\Désirée\Documents\gesuchkayben2.xcf 2015-06-25 22:03 - 2015-06-25 22:03 - 01049142 _____ C:\Users\Désirée\Documents\gesuchkayben.xcf 2015-06-20 12:36 - 2015-06-20 12:36 - 00000259 _____ C:\Users\Désirée\.gtk-bookmarks 2015-06-16 12:05 - 2015-06-16 12:05 - 06477032 _____ (Tim Kosse) C:\Users\Désirée\Downloads\FileZilla_3.11.0.2_win64-setup.exe 2015-06-15 11:35 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-06-15 11:35 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-06-15 11:35 - 2015-05-25 15:23 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll 2015-06-15 11:35 - 2015-05-25 15:07 - 01430528 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2015-06-15 11:35 - 2015-05-22 15:08 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2015-06-15 11:35 - 2015-05-21 15:08 - 01119232 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2015-06-15 11:35 - 2015-05-21 15:08 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2015-06-15 11:35 - 2015-05-21 15:08 - 00756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2015-06-15 11:35 - 2015-05-21 15:08 - 00422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2015-06-15 11:35 - 2015-05-21 15:08 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2015-06-15 11:35 - 2015-05-21 15:08 - 00045568 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2015-06-15 11:35 - 2015-04-25 04:34 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll 2015-06-15 11:35 - 2015-04-25 04:33 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll 2015-06-15 11:35 - 2015-04-17 00:07 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2015-06-15 11:35 - 2015-04-16 08:17 - 00325464 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2015-06-15 11:35 - 2015-04-14 00:37 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll 2015-06-15 11:35 - 2015-04-14 00:34 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll 2015-06-15 11:35 - 2015-04-10 02:40 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2015-06-15 11:35 - 2015-04-10 02:17 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2015-06-15 11:35 - 2015-04-09 00:41 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rgb9rast.dll 2015-06-15 11:35 - 2015-04-09 00:07 - 00410336 _____ C:\WINDOWS\system32\ApnDatabase.xml 2015-06-15 11:35 - 2015-04-02 00:42 - 03097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll 2015-06-15 11:35 - 2015-04-02 00:30 - 02483712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll 2015-06-15 11:35 - 2015-04-01 06:21 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2015-06-15 11:35 - 2015-04-01 06:18 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll 2015-06-15 11:35 - 2015-04-01 06:17 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll 2015-06-15 11:35 - 2015-04-01 06:08 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll 2015-06-15 11:35 - 2015-04-01 05:46 - 03633664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2015-06-15 11:35 - 2015-04-01 05:17 - 02551808 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\mssrch.dll 2015-06-15 11:35 - 2015-04-01 05:17 - 00903168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe 2015-06-15 11:35 - 2015-04-01 04:53 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll 2015-06-15 11:35 - 2015-04-01 04:53 - 00272896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2015-06-15 11:35 - 2015-04-01 04:45 - 02749952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2015-06-15 11:35 - 2015-04-01 04:45 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll 2015-06-15 11:35 - 2015-04-01 04:14 - 01920000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2015-06-15 11:35 - 2015-04-01 04:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe 2015-06-15 11:35 - 2015-03-20 05:49 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll 2015-06-15 11:35 - 2015-03-20 05:08 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2015-06-15 11:35 - 2015-03-20 04:37 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2015-06-15 11:35 - 2015-03-20 04:07 - 01091072 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2015-06-15 11:35 - 2015-03-02 03:43 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll 2015-06-15 11:35 - 2015-03-02 03:21 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll 2015-06-15 11:34 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-06-15 11:34 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec 2015-06-15 11:34 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-06-15 11:34 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-06-15 11:34 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\jscript9diag.dll 2015-06-15 11:34 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2015-06-15 11:34 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-06-15 11:34 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2015-06-15 11:34 - 2015-05-23 04:47 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2015-06-15 11:34 - 2015-05-23 04:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-06-15 11:34 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-06-15 11:34 - 2015-05-23 04:38 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2015-06-15 11:34 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2015-06-15 11:34 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-06-15 11:34 - 2015-05-23 04:28 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2015-06-15 11:34 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-06-15 11:34 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-06-15 11:34 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-06-15 11:34 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-06-15 11:34 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-06-15 11:34 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec 2015-06-15 11:34 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-06-15 11:34 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\ieui.dll 2015-06-15 11:34 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-06-15 11:34 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2015-06-15 11:34 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2015-06-15 11:34 - 2015-05-22 20:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2015-06-15 11:34 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2015-06-15 11:34 - 2015-05-22 20:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-06-15 11:34 - 2015-05-22 20:09 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2015-06-15 11:34 - 2015-05-22 20:08 - 00374272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2015-06-15 11:34 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-06-15 11:34 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2015-06-15 11:34 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-06-15 11:34 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-06-15 11:34 - 2015-05-22 19:49 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2015-06-15 11:34 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-06-15 11:34 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-06-15 11:34 - 2015-05-21 18:47 - 04177920 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-07-06 10:36 - 2014-02-06 17:28 - 02028808 _____ C:\WINDOWS\WindowsUpdate.log 2015-07-06 10:25 - 2013-08-19 21:11 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-07-06 10:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru 2015-07-06 09:48 - 2014-12-01 00:00 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-07-06 08:23 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM 2015-07-05 23:18 - 2014-12-24 19:19 - 00003888 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2015-07-05 23:18 - 2013-08-19 21:11 - 00003870 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-07-05 23:18 - 2013-08-19 21:11 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-07-05 23:18 - 2012-11-30 10:32 - 00003052 _____ C:\WINDOWS\System32\Tasks\ASUS P4G 2015-07-05 23:18 - 2012-11-30 10:30 - 00003024 _____ C:\WINDOWS\System32\Tasks\ASUS USB Charger Plus 2015-07-05 23:18 - 2012-11-30 10:29 - 00003114 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update 2015-07-05 23:17 - 2013-08-22 16:46 - 00301600 _____ C:\WINDOWS\setupact.log 2015-07-05 23:17 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-07-05 22:52 - 2013-11-14 00:18 - 00042224 _____ C:\WINDOWS\PFRO.log 2015-07-05 22:45 - 2013-01-06 05:31 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2274478751-3046789010-2582509646-1001 2015-07-04 23:32 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-07-04 21:07 - 2013-09-05 10:22 - 00000000 ____D C:\Users\Désirée\AppData\Roaming\FileZilla 2015-07-04 21:06 - 2013-09-05 10:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2015-07-04 21:06 - 2013-09-05 10:22 - 00000000 ____D C:\Program Files (x86)\FileZilla FTP Client 2015-07-04 18:41 - 2013-08-18 15:53 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-07-04 18:35 - 2012-11-30 11:12 - 00003247 _____ C:\WINDOWS\system32\ServiceFilter.ini 
2015-07-04 16:10 - 2014-02-06 17:10 - 00000000 ____D C:\Users\Désirée 2015-07-04 15:30 - 2013-08-22 15:25 - 00786432 ___SH C:\WINDOWS\system32\config\BBI 2015-07-04 15:22 - 2014-11-27 17:39 - 00000000 __SHD C:\Users\Désirée\AppData\Local\EmieUserList 2015-07-04 15:22 - 2014-11-27 17:39 - 00000000 __SHD C:\Users\Désirée\AppData\Local\EmieSiteList 2015-07-04 15:22 - 2014-11-27 17:39 - 00000000 __SHD C:\Users\Désirée\AppData\Local\EmieBrowserModeList 2015-06-30 19:29 - 2013-07-12 13:30 - 00000000 ____D C:\Users\Désirée\.gimp-2.8 2015-06-30 08:42 - 2014-12-01 00:00 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2015-06-30 08:42 - 2013-01-07 00:09 - 00000000 ____D C:\Users\Désirée\AppData\Local\Adobe 2015-06-27 20:16 - 2013-05-28 21:47 - 00000000 ____D C:\Users\Désirée\AppData\Roaming\Skype 2015-06-26 13:19 - 2013-07-12 13:41 - 00000000 ____D C:\Users\Désirée\AppData\Local\gtk-2.0 2015-06-25 09:42 - 2013-11-14 09:27 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-06-25 09:42 - 2013-11-14 09:11 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat 2015-06-25 09:42 - 2013-11-14 09:11 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat 2015-06-24 18:21 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-06-24 10:16 - 2013-08-19 21:11 - 00000000 ____D C:\Users\Désirée\AppData\Local\Google 2015-06-24 10:11 - 2015-04-16 17:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-06-24 10:11 - 2015-03-17 10:49 - 00000000 ___SD C:\WINDOWS\system32\CompatTel 2015-06-24 10:11 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData 2015-06-20 05:02 - 2013-08-22 17:38 - 00792568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-06-20 05:02 - 2013-08-22 17:38 - 00178168 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-06-19 14:32 - 2013-05-28 21:47 - 00000000 ____D C:\ProgramData\Skype 2015-06-17 15:55 - 2015-03-24 17:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 
2015-06-15 18:35 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache 2015-06-15 15:05 - 2013-08-22 16:44 - 00535280 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-06-15 15:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2015-06-15 15:00 - 2013-01-07 00:17 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-06-15 14:58 - 2013-09-11 21:56 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-06-15 14:52 - 2013-01-07 13:58 - 140135120 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-06-15 14:45 - 2012-07-26 07:26 - 00000199 _____ C:\WINDOWS\win.ini ==================== Files in the root of some directories ======= 2015-07-05 23:17 - 2015-07-05 23:17 - 0000401 _____ () C:\Users\Désirée\AppData\Roaming\sp_data.sys 2013-07-27 08:43 - 2013-08-02 22:46 - 0000070 _____ () C:\Users\Désirée\AppData\Roaming\WB.CFG 2015-06-30 19:29 - 2015-06-30 19:29 - 0016931 _____ () C:\Users\Désirée\AppData\Local\recently-used.xbel 2014-11-27 19:12 - 2014-11-27 19:12 - 0000017 _____ () C:\Users\Désirée\AppData\Local\resmon.resmoncfg 2012-08-17 02:52 - 2012-07-30 08:03 - 0000217 _____ () C:\ProgramData\SetStretch.cmd 2012-08-17 02:52 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe Files to move or delete: ==================== C:\ProgramData\SetStretch.exe Some files in TEMP: ==================== C:\Users\Désirée\AppData\Local\Temp\eauninstall.exe C:\Users\Désirée\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe C:\Users\Désirée\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe C:\Users\Désirée\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe C:\Users\Désirée\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe C:\Users\Désirée\AppData\Local\Temp\jre-8u31-windows-au.exe C:\Users\Désirée\AppData\Local\Temp\Quarantine.exe C:\Users\Désirée\AppData\Local\Temp\SkypeSetup.exe C:\Users\Désirée\AppData\Local\Temp\sqlite3.dll C:\Users\Désirée\AppData\Local\Temp\The Sims 2_uninst.exe ==================== Bamital & volsnap Check ================= (There is no 
automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-07-06 00:18
==================== End of log ============================
Yes, unfortunately I still have the problem with Opera. When I open Opera it is already very slow, but as soon as I open another tab nothing works at all. The circle at the mouse pointer spins the whole time, I can't close Opera, I can't minimize the windows and open something else, the fans spin really loudly, and when I try to open the Task Manager it takes a good minute before anything reacts at all. As soon as Opera is closed again, everything runs normally again. |
06.07.2015, 15:02 | #10 |
/// the machine /// TB Trainer | Windows 8: Browser very slow, problems with the Wi-Fi Update Java and Firefox. Completely uninstall Opera and reinstall it, then reset Opera: Resetting Opera settings - how to do it - Guides
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
06.07.2015, 15:38 | #11 |
| Windows 8: Browser very slow, problems with the Wi-Fi I'll do that right away! I already did the Opera part following your guide before I posted here. Should I do it again anyway? It's precisely because it didn't work afterwards either that I found it strange. |
07.07.2015, 05:58 | #12 |
/// the machine /// TB Trainer | Windows 8: Browser very slow, problems with the Wi-Fi Did you also uninstall and reinstall Opera beforehand as described? |
07.07.2015, 07:59 | #13 |
| Windows 8: Browser very slow, problems with the Wi-Fi Hey, yes, I had - but I've now done it again anyway. And I also deleted the folders again (which were still empty, though). However, everything is unchanged: I can't use the browser, nothing happens at all, and after a minute "not responding" appears. |
07.07.2015, 12:12 | #14 |
/// the machine /// TB Trainer | Windows 8: Browser very slow, problems with the Wi-Fi But other browsers work flawlessly? |
07.07.2015, 13:33 | #15 |
| Windows 8: Browser very slow, problems with the Wi-Fi They work better, but Google Chrome crashes at least once an hour. That is, with the "Google Chrome has stopped working, a solution is being searched for" message, and then the browser is closed. I can't say anything more precise about Firefox and IE; they worked when I tried them out, but I only tested them for a few minutes. I don't really know; I thought something had taken hold in Opera, but hardly anything was found. |